Skip to main content

이 버전의 GitHub Enterprise Server는 2023-09-12. 중요한 보안 문제에 대해서도 패치 릴리스가 이루어지지 않습니다. 성능 향상, 향상된 보안, 새로운 기능을 위해 최신 버전의 GitHub Enterprise로 업그레이드합니다. 업그레이드에 대한 도움말은 GitHub Enterprise 지원에 문의하세요.

토큰 만료 및 해지

토큰은 만료될 수 있으며 사용자, 사용자가 권한을 부여한 애플리케이션 및 GitHub Enterprise Server 자체에 의해 해지될 수도 있습니다.

When a token has expired or has been revoked, it can no longer be used to authenticate Git and API requests. It is not possible to restore an expired or revoked token, you or the application will need to create a new token.

This article explains the possible reasons your GitHub Enterprise Server token might be revoked or expire.

Note: When a personal access token or OAuth token expires or is revoked, you may see an oauth_authorization.destroy action in your security log. For more information, see "Reviewing your security log."

Token revoked after reaching its expiration date

When you create a personal access token, we recommend that you set an expiration for your token. Upon reaching your token's expiration date, the token is automatically revoked. For more information, see "Managing your personal access tokens."

Token revoked by the user

You can revoke your authorization of a GitHub App or OAuth app from your account settings which will revoke any tokens associated with the app. For more information, see "Reviewing and revoking authorization of GitHub Apps" and "Reviewing your authorized OAuth apps."

Once an authorization is revoked, any tokens associated with the authorization will be revoked as well. To reauthorize an application, follow the instructions from the third-party application or website to connect your account on your GitHub Enterprise Server instance again.

Token revoked by the OAuth app

The owner of an OAuth app can revoke an account's authorization of their app, this will also revoke any tokens associated with the authorization. For more information about revoking authorizations of your OAuth app, see "Apps."

OAuth app owners can also revoke individual tokens associated with an authorization. For more information about revoking individual tokens for your OAuth app, see "OAuth Authorizations".

Token revoked due to excess of tokens for an OAuth app with the same scope

There is a limit of ten tokens that are issued per user/application/scope combination. If an application creates more than 10 tokens for the same user and the same scopes, the oldest tokens with the same user/application/scope combination will be revoked.

User token revoked due to GitHub App configuration

User access tokens created by a GitHub App will expire after eight hours by default. Owners of GitHub Apps can optionally change the default expiration period for their user access tokens, or configure the tokens to never expire. For more information about configuring your GitHub App's user access tokens, see "Activating optional features for GitHub Apps."