Diese Version von GitHub Enterprise Server wurde eingestellt am 2024-03-26. Es wird keine Patch-Freigabe vorgenommen, auch nicht für kritische Sicherheitsprobleme. Für bessere Leistung, verbesserte Sicherheit und neue Features aktualisiere auf die neueste Version von GitHub Enterprise Server. Wende dich an den GitHub Enterprise-Support, um Hilfe zum Upgrade zu erhalten.

Nachdem deine Enterprise Server-Instanz durch Websiteadministrator*innen auf Enterprise Server 3.9 oder höher aktualisiert wurde, erhält die REST-API eine Versionskontrolle. Weitere Informationen zum Ermitteln der Version deiner Instanz findest du unter Informationen zu Versionen der GitHub-Dokumentation. Weitere Informationen findest du unter Informationen zur API-Versionsverwaltung.

REST-API-Endpunkte für OAuth-Autorisierungen

Verwenden der REST-API für die Interaktion mit OAuth apps und OAuth-Autorisierungen von GitHub Apps

Informationen zu OAuth apps und OAuth-Autorisierungen von GitHub Apps

Du kannst diese Endpunkte verwenden, um die OAuth-Token zu verwalten, die OAuth app oder GitHub Apps für den Zugriff auf die Konten von Personen auf Ihre GitHub Enterprise Server-Instance verwenden.

Token für OAuth apps weisen das Präfix gho_ auf, während OAuth-Token für GitHub Apps, die für die Authentifizierung im Namen des Benutzers verwendet werden, das Präfix ghu_ aufweisen. Du kannst die folgenden Endpunkte für beide Typen von OAuth-Token verwenden.

Delete an app authorization

OAuth and GitHub application owners can revoke a grant for their application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. You must also provide a valid OAuth access_token as an input parameter and the grant for the token's owner will be deleted. Deleting an application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the application authorizations settings screen within GitHub.

Parameter für „Delete an app authorization“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
client_id string Erforderlich

The client ID of the GitHub app.

Textparameter
access_token string Erforderlich

The OAuth access token used to authenticate to the GitHub API.

HTTP-Antwortstatuscodes für „Delete an app authorization“

StatuscodeBESCHREIBUNG
204

No Content

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für „Delete an app authorization“

Beispiel für eine Anfrage

delete/applications/{client_id}/grant
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/grant \ -d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'

Response

Status: 204

Check a token

OAuth applications and GitHub applications with OAuth authorizations can use this API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication to use this endpoint, where the username is the application client_id and the password is its client_secret. Invalid tokens will return 404 NOT FOUND.

Parameter für „Check a token“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
client_id string Erforderlich

The client ID of the GitHub app.

Textparameter
access_token string Erforderlich

The access_token of the OAuth or GitHub application.

HTTP-Antwortstatuscodes für „Check a token“

StatuscodeBESCHREIBUNG
200

OK

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für „Check a token“

Beispiel für eine Anfrage

post/applications/{client_id}/token
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/token \ -d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'

Response

Status: 200
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [ "public_repo", "user" ], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "fingerprint": "jklmnop12345678", "expires_at": "2011-09-08T17:26:27Z", "user": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false } }

Reset a token

OAuth applications and GitHub applications with OAuth authorizations can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. You must use Basic Authentication when accessing this endpoint, using the application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

Parameter für „Reset a token“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
client_id string Erforderlich

The client ID of the GitHub app.

Textparameter
access_token string Erforderlich

The access_token of the OAuth or GitHub application.

HTTP-Antwortstatuscodes für „Reset a token“

StatuscodeBESCHREIBUNG
200

OK

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für „Reset a token“

Beispiel für eine Anfrage

patch/applications/{client_id}/token
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/token \ -d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'

Response

Status: 200
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [ "public_repo", "user" ], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "fingerprint": "jklmnop12345678", "expires_at": "2011-09-08T17:26:27Z", "user": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false } }

Delete an app token

OAuth or GitHub application owners can revoke a single token for an OAuth application or a GitHub application with an OAuth authorization. You must use Basic Authentication when accessing this endpoint, using the application's client_id and client_secret as the username and password.

Parameter für „Delete an app token“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
client_id string Erforderlich

The client ID of the GitHub app.

Textparameter
access_token string Erforderlich

The OAuth access token used to authenticate to the GitHub API.

HTTP-Antwortstatuscodes für „Delete an app token“

StatuscodeBESCHREIBUNG
204

No Content

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für „Delete an app token“

Beispiel für eine Anfrage

delete/applications/{client_id}/token
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/token \ -d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'

Response

Status: 204