Эта версия GitHub Enterprise Server была прекращена 2024-03-26. Исправления выпускаться не будут даже при критических проблемах безопасности. Для повышения производительности, повышения безопасности и новых функций выполните обновление до последней версии GitHub Enterprise Server. Чтобы получить справку по обновлению, обратитесь в службу поддержки GitHub Enterprise.
Конечные точки REST API для авторизации приложений OAuth
Используйте REST API для управления доступом OAuth apps к вашей учетной записи.
Сведения о авторизациях OAuth
Rest API можно использовать для управления доступом OAuth apps к вашей учетной записи. Доступ к этим конечным точкам можно получить только с помощью базовой проверки подлинности с помощью имени пользователя и пароля, а не маркеров.
List your grants
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
You can use this API to list the set of OAuth applications that have been granted access to your account. Unlike the list your authorizations API, this API does not manage individual tokens. This API will return one entry for each OAuth application that has been granted access to your account, regardless of the number of tokens an application has generated for your user. The list of OAuth applications returned matches what is shown on the application authorizations settings screen within GitHub. The scopes
returned are the union of scopes authorized for the application. For example, if an application has one token with repo
scope and another token with user
scope, the grant will return ["repo", "user"]
.
Параметры для "List your grants"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." По умолчанию.: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." По умолчанию.: |
client_id string The client ID of your GitHub app. |
Коды состояния http-ответа для "List your grants"
Код состояния | Описание |
---|---|
200 | OK |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
404 | Resource not found |
Примеры кода для "List your grants"
Пример запроса
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/applications/grants
Response
Status: 200
[
{
"id": 1,
"url": "https://HOSTNAME/applications/grants/1",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"created_at": "2011-09-06T17:26:27Z",
"updated_at": "2011-09-06T20:39:23Z",
"scopes": [
"public_repo"
]
}
]
Get a single grant
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Параметры для "Get a single grant"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
grant_id integer Обязательное полеThe unique identifier of the grant. |
Коды состояния http-ответа для "Get a single grant"
Код состояния | Описание |
---|---|
200 | OK |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
Примеры кода для "Get a single grant"
Пример запроса
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/applications/grants/GRANT_ID
Response
Status: 200
{
"id": 1,
"url": "https://HOSTNAME/applications/grants/1",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"created_at": "2011-09-06T17:26:27Z",
"updated_at": "2011-09-06T20:39:23Z",
"scopes": [
"public_repo"
]
}
Delete a grant
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for your user. Once deleted, the application has no access to your account and is no longer listed on the application authorizations settings screen within GitHub.
Параметры для "Delete a grant"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
grant_id integer Обязательное полеThe unique identifier of the grant. |
Коды состояния http-ответа для "Delete a grant"
Код состояния | Описание |
---|---|
204 | No Content |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
Примеры кода для "Delete a grant"
Пример запроса
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/applications/grants/GRANT_ID
Response
Status: 204
List your authorizations
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Параметры для "List your authorizations"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." По умолчанию.: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." По умолчанию.: |
client_id string The client ID of your GitHub app. |
Коды состояния http-ответа для "List your authorizations"
Код состояния | Описание |
---|---|
200 | OK |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
404 | Resource not found |
Примеры кода для "List your authorizations"
Пример запроса
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/authorizations
Response
Status: 200
[
{
"id": 2,
"url": "https://enterprise.octocat.com/api/v3/authorizations/2",
"app": {
"name": "My personal access token",
"url": "https://docs.github.com/enterprise/rest/enterprise-admin/users#list-personal-access-tokens",
"client_id": "00000000000000000000"
},
"token": "ghp_16C7e42F292c6912E7710c838347Ae178B4a",
"hashed_token": "23cffb2fab1b0a62747863eba88cb9327e561f2f7a0c8661c0d9b83146cb8d45",
"token_last_eight": "Ae178B4a",
"note": "My personal access token",
"note_url": null,
"created_at": "2019-04-24T21:49:02Z",
"updated_at": "2019-04-24T21:49:02Z",
"scopes": [
"admin:business",
"admin:gpg_key",
"admin:org",
"admin:org_hook",
"admin:pre_receive_hook",
"admin:public_key",
"admin:repo_hook",
"delete_repo",
"gist",
"notifications",
"repo",
"user",
"write:discussion"
],
"fingerprint": null
}
]
Create a new authorization
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Warning: Apps must use the web application flow to obtain OAuth tokens that work with GitHub Enterprise Server SAML organizations. OAuth tokens created using the Authorizations API will be unable to access GitHub Enterprise Server SAML organizations. For more information, see the blog post.
Creates OAuth tokens using Basic Authentication. If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
To create tokens for a particular OAuth application using this endpoint, you must authenticate as the user you want to create an authorization for and provide the app's client ID and secret, found on your OAuth application's settings page. If your OAuth application intends to create multiple tokens for one user, use fingerprint
to differentiate between them.
You can also create tokens on GitHub Enterprise Server from the personal access tokens settings page. Read more about these tokens in the GitHub Help documentation.
Organizations that enforce SAML SSO require personal access tokens to be allowed. For more information, see "About identity and access management with SAML single sign-on" in the GitHub Enterprise Cloud documentation.
Параметры для "Create a new authorization"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
scopes array of strings or null A list of scopes that this authorization is in. |
note string A note to remind you what the OAuth token is for. |
note_url string A URL to remind you what app the OAuth token is for. |
client_id string The OAuth app client key for which to create the token. |
client_secret string The OAuth app client secret for which to create the token. |
fingerprint string A unique string to distinguish an authorization from others created for the same client ID and user. |
Коды состояния http-ответа для "Create a new authorization"
Код состояния | Описание |
---|---|
201 | Created |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
410 | Gone |
422 | Validation failed, or the endpoint has been spammed. |
Примеры кода для "Create a new authorization"
Пример запроса
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/authorizations \
-d '{"scopes":["public_repo"],"note":"optional note","note_url":"http://optional/note/url","client_id":"abcde12345fghij67890","client_secret":"3ef4ad510c59ad37bac6bb4f80047fb3aee3cc7f"}'
Response
Status: 201
{
"id": 1,
"url": "https://HOSTNAME/authorizations/1",
"scopes": [
"public_repo"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"expires_at": "2011-10-06T17:26:27Z",
"fingerprint": "jklmnop12345678"
}
Get-or-create an authorization for a specific app
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Warning: Apps must use the web application flow to obtain OAuth tokens that work with GitHub Enterprise Server SAML organizations. OAuth tokens created using the Authorizations API will be unable to access GitHub Enterprise Server SAML organizations. For more information, see the blog post.
Creates a new authorization for the specified OAuth application, only if an authorization for that application doesn't already exist for the user. The URL includes the 20 character client ID for the OAuth app that is requesting the token. It returns the user's existing authorization for the application if one is present. Otherwise, it creates and returns a new one.
If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Параметры для "Get-or-create an authorization for a specific app"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
client_id string Обязательное полеThe client ID of the OAuth app. |
Имя., Тип, Description |
---|
client_secret string Обязательное полеThe OAuth app client secret for which to create the token. |
scopes array of strings or null A list of scopes that this authorization is in. |
note string A note to remind you what the OAuth token is for. |
note_url string A URL to remind you what app the OAuth token is for. |
fingerprint string A unique string to distinguish an authorization from others created for the same client ID and user. |
Коды состояния http-ответа для "Get-or-create an authorization for a specific app"
Код состояния | Описание |
---|---|
200 | if returning an existing token |
201 | Deprecation Notice: GitHub will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post. |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
422 | Validation failed, or the endpoint has been spammed. |
Примеры кода для "Get-or-create an authorization for a specific app"
Примеры запросов
curl -L \
-X PUT \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/authorizations/clients/abcde12345fghij67890 \
-d '{"client_secret":"3ef4ad510c59ad37bac6bb4f80047fb3aee3cc7f","scopes":["public_repo"],"note":"optional note","note_url":"http://optional/note/url"}'
if returning an existing token
Status: 200
{
"id": 1,
"url": "https://HOSTNAME/authorizations/1",
"scopes": [
"public_repo"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"expires_at": "2011-10-06T17:26:27Z",
"fingerprint": ""
}
Get-or-create an authorization for a specific app and fingerprint
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Warning: Apps must use the web application flow to obtain OAuth tokens that work with GitHub Enterprise Server SAML organizations. OAuth tokens created using the Authorizations API will be unable to access GitHub Enterprise Server SAML organizations. For more information, see the blog post.
This method will create a new authorization for the specified OAuth application, only if an authorization for that application and fingerprint do not already exist for the user. The URL includes the 20 character client ID for the OAuth app that is requesting the token. fingerprint
is a unique string to distinguish an authorization from others created for the same client ID and user. It returns the user's existing authorization for the application if one is present. Otherwise, it creates and returns a new one.
If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
Параметры для "Get-or-create an authorization for a specific app and fingerprint"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
client_id string Обязательное полеThe client ID of the OAuth app. |
fingerprint string Обязательное поле |
Имя., Тип, Description |
---|
client_secret string Обязательное полеThe OAuth app client secret for which to create the token. |
scopes array of strings or null A list of scopes that this authorization is in. |
note string A note to remind you what the OAuth token is for. |
note_url string A URL to remind you what app the OAuth token is for. |
Коды состояния http-ответа для "Get-or-create an authorization for a specific app and fingerprint"
Код состояния | Описание |
---|---|
200 | if returning an existing token |
201 | Response if returning a new token |
422 | Validation failed, or the endpoint has been spammed. |
Примеры кода для "Get-or-create an authorization for a specific app and fingerprint"
Примеры запросов
curl -L \
-X PUT \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/authorizations/clients/abcde12345fghij67890/FINGERPRINT \
-d '{"client_secret":"3ef4ad510c59ad37bac6bb4f80047fb3aee3cc7f","scopes":["public_repo"],"note":"optional note","note_url":"http://optional/note/url"}'
if returning an existing token
Status: 200
{
"id": 1,
"url": "https://HOSTNAME/authorizations/1",
"scopes": [
"public_repo"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"expires_at": "2011-10-06T17:26:27Z",
"fingerprint": "jklmnop12345678"
}
Get a single authorization
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Параметры для "Get a single authorization"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
authorization_id integer Обязательное полеThe unique identifier of the authorization. |
Коды состояния http-ответа для "Get a single authorization"
Код состояния | Описание |
---|---|
200 | OK |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
Примеры кода для "Get a single authorization"
Пример запроса
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/authorizations/AUTHORIZATION_ID
Response
Status: 200
{
"id": 1,
"url": "https://HOSTNAME/authorizations/1",
"scopes": [
"public_repo"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"expires_at": "2011-10-06T17:26:27Z",
"fingerprint": "jklmnop12345678"
}
Update an existing authorization
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
You can only send one of these scope keys at a time.
Параметры для "Update an existing authorization"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
authorization_id integer Обязательное полеThe unique identifier of the authorization. |
Имя., Тип, Description |
---|
scopes array of strings or null A list of scopes that this authorization is in. |
add_scopes array of strings A list of scopes to add to this authorization. |
remove_scopes array of strings A list of scopes to remove from this authorization. |
note string A note to remind you what the OAuth token is for. |
note_url string A URL to remind you what app the OAuth token is for. |
fingerprint string A unique string to distinguish an authorization from others created for the same client ID and user. |
Коды состояния http-ответа для "Update an existing authorization"
Код состояния | Описание |
---|---|
200 | OK |
422 | Validation failed, or the endpoint has been spammed. |
Примеры кода для "Update an existing authorization"
Пример запроса
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/authorizations/AUTHORIZATION_ID \
-d '{"add_scopes":["public_repo"],"remove_scopes":["user"],"note":"optional note"}'
Response
Status: 200
{
"id": 1,
"url": "https://HOSTNAME/authorizations/1",
"scopes": [
"public_repo"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"expires_at": "2011-10-06T17:26:27Z",
"fingerprint": "jklmnop12345678"
}
Delete an authorization
Deprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Параметры для "Delete an authorization"
Имя., Тип, Description |
---|
accept string Setting to |
Имя., Тип, Description |
---|
authorization_id integer Обязательное полеThe unique identifier of the authorization. |
Коды состояния http-ответа для "Delete an authorization"
Код состояния | Описание |
---|---|
204 | No Content |
304 | Not modified |
401 | Requires authentication |
403 | Forbidden |
Примеры кода для "Delete an authorization"
Пример запроса
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/authorizations/AUTHORIZATION_ID
Response
Status: 204