Pontos de extremidade da API REST para autorizações de OAuth
Usar a API REST para interagir com os OAuth apps e as autorizações OAuth dos GitHub Apps
Sobre OAuth apps e autorizações OAuth de GitHub Apps
Você pode usar esses pontos de extremidade para gerenciar tokens OAuth que os OAuth apps ou GitHub Apps usam para acessar as contas das pessoas no GitHub.
Os tokens de OAuth apps têm o prefixo gho_, enquanto os tokens OAuth para GitHub Apps, usados para autenticação em nome do usuário, têm o prefixo ghu_. Você pode usar os endpoints a seguir para ambos os tipos de tokens OAuth.
Delete an app authorization
OAuth and GitHub application owners can revoke a grant for their application and a specific user. You must provide a valid OAuth access_token as an input parameter and the grant for the token's owner will be deleted.
Deleting an application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the application authorizations settings screen within GitHub.
basic_auth_heading
basic_auth
Parâmetros para "Delete an app authorization"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
client_id string ObrigatórioThe client ID of the GitHub app. |
| Nome, Tipo, Descrição |
|---|
access_token string ObrigatórioThe OAuth access token used to authenticate to the GitHub API. |
http_status_code
| status_code | Descrição |
|---|---|
204 | No Content |
422 | Validation failed, or the endpoint has been spammed. |
code_samples
request_example
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/grant \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'Response
Status: 204Check a token
OAuth applications and GitHub applications with OAuth authorizations can use this API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. Invalid tokens will return 404 NOT FOUND.
basic_auth_heading
basic_auth
Parâmetros para "Check a token"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
client_id string ObrigatórioThe client ID of the GitHub app. |
| Nome, Tipo, Descrição |
|---|
access_token string ObrigatórioThe access_token of the OAuth or GitHub application. |
http_status_code
| status_code | Descrição |
|---|---|
200 | OK |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
code_samples
request_example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/token \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'Response
Status: 200{
"id": 1,
"url": "https://HOSTNAME/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "Iv1.8a61f9b3a7aba766"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}Reset a token
OAuth applications and GitHub applications with OAuth authorizations can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. Invalid tokens will return 404 NOT FOUND.
basic_auth_heading
basic_auth
Parâmetros para "Reset a token"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
client_id string ObrigatórioThe client ID of the GitHub app. |
| Nome, Tipo, Descrição |
|---|
access_token string ObrigatórioThe access_token of the OAuth or GitHub application. |
http_status_code
| status_code | Descrição |
|---|---|
200 | OK |
422 | Validation failed, or the endpoint has been spammed. |
code_samples
request_example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/token \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'Response
Status: 200{
"id": 1,
"url": "https://HOSTNAME/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "Iv1.8a61f9b3a7aba766"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}Delete an app token
OAuth or GitHub application owners can revoke a single token for an OAuth application or a GitHub application with an OAuth authorization.
basic_auth_heading
basic_auth
Parâmetros para "Delete an app token"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
client_id string ObrigatórioThe client ID of the GitHub app. |
| Nome, Tipo, Descrição |
|---|
access_token string ObrigatórioThe OAuth access token used to authenticate to the GitHub API. |
http_status_code
| status_code | Descrição |
|---|---|
204 | No Content |
422 | Validation failed, or the endpoint has been spammed. |
code_samples
request_example
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/token \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'Response
Status: 204