Puntos de conexión de la API de REST para las autorizaciones de OAuth
Uso de la API REST para interactuar con OAuth apps y autorizaciones OAuth de GitHub Apps
Acerca de OAuth apps y autorizaciones OAuth de GitHub Apps
Puede usar estos puntos de conexión para administrar los tokens de OAuth que OAuth apps o GitHub Apps usa para acceder a las cuentas de las personas en GitHub.
Los tokens para OAuth apps tienen el prefijo gho_
, mientras que los tokens de OAuth para GitHub Apps, que se usan para autenticarse en nombre del usuario, tienen el prefijo ghu_
. Puedes usar los siguientes puntos de conexión para ambos tipos de tokens de OAuth.
Delete an app authorization
OAuth and GitHub application owners can revoke a grant for their application and a specific user. You must provide a valid OAuth access_token
as an input parameter and the grant for the token's owner will be deleted.
Deleting an application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the application authorizations settings screen within GitHub.
Autenticación básica para “Delete an app authorization”
Para usar la autenticación básica, debe usar este punto de conexión. Use la aplicación client_id
como nombre de usuario y client_secret
como contraseña.
Parámetros para "Delete an app authorization"
Nombre, Tipo, Descripción |
---|
accept string Setting to |
Nombre, Tipo, Descripción |
---|
client_id string RequeridoThe client ID of the GitHub app. |
Nombre, Tipo, Descripción |
---|
access_token string RequeridoThe OAuth access token used to authenticate to the GitHub API. |
Códigos de estado de respuesta HTTP para "Delete an app authorization"
status code | Descripción |
---|---|
204 | No Content |
422 | Validation failed, or the endpoint has been spammed. |
Ejemplos de código para "Delete an app authorization"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Ejemplo de solicitud
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/applications/Iv1.8a61f9b3a7aba766/grant \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'
Response
Status: 204
Check a token
OAuth applications and GitHub applications with OAuth authorizations can use this API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. Invalid tokens will return 404 NOT FOUND
.
Autenticación básica para “Check a token”
Para usar la autenticación básica, debe usar este punto de conexión. Use la aplicación client_id
como nombre de usuario y client_secret
como contraseña.
Parámetros para "Check a token"
Nombre, Tipo, Descripción |
---|
accept string Setting to |
Nombre, Tipo, Descripción |
---|
client_id string RequeridoThe client ID of the GitHub app. |
Nombre, Tipo, Descripción |
---|
access_token string RequeridoThe access_token of the OAuth or GitHub application. |
Códigos de estado de respuesta HTTP para "Check a token"
status code | Descripción |
---|---|
200 | OK |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
Ejemplos de código para "Check a token"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Ejemplo de solicitud
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/applications/Iv1.8a61f9b3a7aba766/token \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'
Response
Status: 200
{
"id": 1,
"url": "https://api.github.com/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "Iv1.8a61f9b3a7aba766"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}
Reset a token
OAuth applications and GitHub applications with OAuth authorizations can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. Invalid tokens will return 404 NOT FOUND
.
Autenticación básica para “Reset a token”
Para usar la autenticación básica, debe usar este punto de conexión. Use la aplicación client_id
como nombre de usuario y client_secret
como contraseña.
Parámetros para "Reset a token"
Nombre, Tipo, Descripción |
---|
accept string Setting to |
Nombre, Tipo, Descripción |
---|
client_id string RequeridoThe client ID of the GitHub app. |
Nombre, Tipo, Descripción |
---|
access_token string RequeridoThe access_token of the OAuth or GitHub application. |
Códigos de estado de respuesta HTTP para "Reset a token"
status code | Descripción |
---|---|
200 | OK |
422 | Validation failed, or the endpoint has been spammed. |
Ejemplos de código para "Reset a token"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Ejemplo de solicitud
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/applications/Iv1.8a61f9b3a7aba766/token \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'
Response
Status: 200
{
"id": 1,
"url": "https://api.github.com/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "Iv1.8a61f9b3a7aba766"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}
Delete an app token
OAuth or GitHub application owners can revoke a single token for an OAuth application or a GitHub application with an OAuth authorization.
Autenticación básica para “Delete an app token”
Para usar la autenticación básica, debe usar este punto de conexión. Use la aplicación client_id
como nombre de usuario y client_secret
como contraseña.
Parámetros para "Delete an app token"
Nombre, Tipo, Descripción |
---|
accept string Setting to |
Nombre, Tipo, Descripción |
---|
client_id string RequeridoThe client ID of the GitHub app. |
Nombre, Tipo, Descripción |
---|
access_token string RequeridoThe OAuth access token used to authenticate to the GitHub API. |
Códigos de estado de respuesta HTTP para "Delete an app token"
status code | Descripción |
---|---|
204 | No Content |
422 | Validation failed, or the endpoint has been spammed. |
Ejemplos de código para "Delete an app token"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Ejemplo de solicitud
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-u "<YOUR_CLIENT_ID>:<YOUR_CLIENT_SECRET>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/applications/Iv1.8a61f9b3a7aba766/token \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'
Response
Status: 204