Use the REST API to manage the access OAuth apps have to your account.
About OAuth authorizationsYou can use the REST API to manage the access OAuth apps have to your account. You can only access these endpoints via basic authentication using your username and password, not tokens.
List your grantsWarning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
You can use this API to list the set of OAuth applications that have been granted access to your account. Unlike the list your authorizations API, this API does not manage individual tokens. This API will return one entry for each OAuth application that has been granted access to your account, regardless of the number of tokens an application has generated for your user. The list of OAuth applications returned matches what is shown on the application authorizations settings screen within GitHub. The scopes returned are the union of scopes authorized for the application. For example, if an application has one token with repo scope and another token with user scope, the grant will return ["repo", "user"].
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "List your grants" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
per_page integer
The number of results per page (max 100). For more information, see "Using pagination in the REST API."
Default: 30
page integer
The page number of the results to fetch. For more information, see "Using pagination in the REST API."
Default: 1
client_id string
The client ID of your GitHub app.
HTTP response status codes for "List your grants" Status code Description200
OK
304
Not modified
401
Requires authentication
403
Forbidden
404
Resource not found
Code samples for "List your grants" Request exampleCopy to clipboard curl request example
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/applications/grants
Response
Status: 200
[ { "id": 1, "url": "https://HOSTNAME/applications/grants/1", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "abcde12345fghij67890" }, "created_at": "2011-09-06T17:26:27Z", "updated_at": "2011-09-06T20:39:23Z", "scopes": [ "public_repo" ] } ]
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
Fine-grained access tokens for "Get a single grant"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Get a single grant" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
grant_id integer Required
The unique identifier of the grant.
HTTP response status codes for "Get a single grant" Status code Description200
OK
304
Not modified
401
Requires authentication
403
Forbidden
Code samples for "Get a single grant" Request exampleget/applications/grants/{grant_id}
Copy to clipboard curl request example
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/applications/grants/GRANT_ID
Response
Status: 200
{ "id": 1, "url": "https://HOSTNAME/applications/grants/1", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "abcde12345fghij67890" }, "created_at": "2011-09-06T17:26:27Z", "updated_at": "2011-09-06T20:39:23Z", "scopes": [ "public_repo" ] }
delete/applications/grants/{grant_id}
Copy to clipboard curl request example
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/applications/grants/GRANT_ID
Response
List your authorizationsWarning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
Fine-grained access tokens for "List your authorizations"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "List your authorizations" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
per_page integer
The number of results per page (max 100). For more information, see "Using pagination in the REST API."
Default: 30
page integer
The page number of the results to fetch. For more information, see "Using pagination in the REST API."
Default: 1
client_id string
The client ID of your GitHub app.
HTTP response status codes for "List your authorizations" Status code Description200
OK
304
Not modified
401
Requires authentication
403
Forbidden
404
Resource not found
Code samples for "List your authorizations" Request exampleCopy to clipboard curl request example
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/authorizations
Response
Status: 200
[ { "id": 2, "url": "https://enterprise.octocat.com/api/v3/authorizations/2", "app": { "name": "My personal access token", "url": "https://docs.github.com/enterprise/rest/enterprise-admin/users#list-personal-access-tokens", "client_id": "00000000000000000000" }, "token": "ghp_16C7e42F292c6912E7710c838347Ae178B4a", "hashed_token": "23cffb2fab1b0a62747863eba88cb9327e561f2f7a0c8661c0d9b83146cb8d45", "token_last_eight": "Ae178B4a", "note": "My personal access token", "note_url": null, "created_at": "2019-04-24T21:49:02Z", "updated_at": "2019-04-24T21:49:02Z", "scopes": [ "admin:business", "admin:gpg_key", "admin:org", "admin:org_hook", "admin:pre_receive_hook", "admin:public_key", "admin:repo_hook", "delete_repo", "gist", "notifications", "repo", "user", "write:discussion" ], "fingerprint": null } ]
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13 2020. For more information, including scheduled brownouts, see the blog post.
Warning
Apps must use the web application flow to obtain OAuth tokens that work with GitHub Enterprise Server SAML organizations. OAuth tokens created using the Authorizations API will be unable to access GitHub Enterprise Server SAML organizations. For more information, see the blog post.
Creates OAuth tokens using Basic Authentication. If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
To create tokens for a particular OAuth application using this endpoint, you must authenticate as the user you want to create an authorization for and provide the app's client ID and secret, found on your OAuth application's settings page. If your OAuth application intends to create multiple tokens for one user, use fingerprint to differentiate between them.
You can also create tokens on GitHub Enterprise Server from the personal access tokens settings page. Read more about these tokens in the GitHub Help documentation.
Organizations that enforce SAML SSO require personal access tokens to be allowed. For more information, see "About identity and access management with SAML single sign-on" in the GitHub Enterprise Cloud documentation.
Fine-grained access tokens for "Create a new authorization"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Create a new authorization" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
scopes array of strings or null
A list of scopes that this authorization is in.
note string
A note to remind you what the OAuth token is for.
note_url string
A URL to remind you what app the OAuth token is for.
client_id string
The OAuth app client key for which to create the token.
client_secret string
The OAuth app client secret for which to create the token.
fingerprint string
A unique string to distinguish an authorization from others created for the same client ID and user.
HTTP response status codes for "Create a new authorization" Status code Description201
Created
304
Not modified
401
Requires authentication
403
Forbidden
410
Gone
422
Validation failed, or the endpoint has been spammed.
Code samples for "Create a new authorization" Request exampleCopy to clipboard curl request example
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/authorizations \ -d '{"scopes":["public_repo"],"note":"optional note","note_url":"http://optional/note/url","client_id":"abcde12345fghij67890","client_secret":"3ef4ad510c59ad37bac6bb4f80047fb3aee3cc7f"}'
Response
Status: 201
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [ "public_repo" ], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "abcde12345fghij67890" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "expires_at": "2011-10-06T17:26:27Z", "fingerprint": "jklmnop12345678" }
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
Warning
Apps must use the web application flow to obtain OAuth tokens that work with GitHub Enterprise Server SAML organizations. OAuth tokens created using the Authorizations API will be unable to access GitHub Enterprise Server SAML organizations. For more information, see the blog post.
Creates a new authorization for the specified OAuth application, only if an authorization for that application doesn't already exist for the user. The URL includes the 20 character client ID for the OAuth app that is requesting the token. It returns the user's existing authorization for the application if one is present. Otherwise, it creates and returns a new one.
If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
Fine-grained access tokens for "Get-or-create an authorization for a specific app"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Get-or-create an authorization for a specific app" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
client_id string Required
The client ID of the OAuth app.
Body parameters Name, Type, Descriptionclient_secret string Required
The OAuth app client secret for which to create the token.
scopes array of strings or null
A list of scopes that this authorization is in.
note string
A note to remind you what the OAuth token is for.
note_url string
A URL to remind you what app the OAuth token is for.
fingerprint string
A unique string to distinguish an authorization from others created for the same client ID and user.
HTTP response status codes for "Get-or-create an authorization for a specific app" Status code Description200
if returning an existing token
201
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
304
Not modified
401
Requires authentication
403
Forbidden
422
Validation failed, or the endpoint has been spammed.
Code samples for "Get-or-create an authorization for a specific app" Request examplesput/authorizations/clients/{client_id}
Copy to clipboard curl request example
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/authorizations/clients/abcde12345fghij67890 \ -d '{"client_secret":"3ef4ad510c59ad37bac6bb4f80047fb3aee3cc7f","scopes":["public_repo"],"note":"optional note","note_url":"http://optional/note/url"}'
if returning an existing token
Status: 200
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [ "public_repo" ], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "abcde12345fghij67890" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "expires_at": "2011-10-06T17:26:27Z", "fingerprint": "" }
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
Warning
Apps must use the web application flow to obtain OAuth tokens that work with GitHub Enterprise Server SAML organizations. OAuth tokens created using the Authorizations API will be unable to access GitHub Enterprise Server SAML organizations. For more information, see the blog post.
This method will create a new authorization for the specified OAuth application, only if an authorization for that application and fingerprint do not already exist for the user. The URL includes the 20 character client ID for the OAuth app that is requesting the token. fingerprint is a unique string to distinguish an authorization from others created for the same client ID and user. It returns the user's existing authorization for the application if one is present. Otherwise, it creates and returns a new one.
If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
Fine-grained access tokens for "Get-or-create an authorization for a specific app and fingerprint"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Get-or-create an authorization for a specific app and fingerprint" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
client_id string Required
The client ID of the OAuth app.
fingerprint string Required
client_secret string Required
The OAuth app client secret for which to create the token.
scopes array of strings or null
A list of scopes that this authorization is in.
note string
A note to remind you what the OAuth token is for.
note_url string
A URL to remind you what app the OAuth token is for.
HTTP response status codes for "Get-or-create an authorization for a specific app and fingerprint" Status code Description200
if returning an existing token
201
Response if returning a new token
422
Validation failed, or the endpoint has been spammed.
Code samples for "Get-or-create an authorization for a specific app and fingerprint" Request examplesput/authorizations/clients/{client_id}/{fingerprint}
Copy to clipboard curl request example
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/authorizations/clients/abcde12345fghij67890/FINGERPRINT \ -d '{"client_secret":"3ef4ad510c59ad37bac6bb4f80047fb3aee3cc7f","scopes":["public_repo"],"note":"optional note","note_url":"http://optional/note/url"}'
if returning an existing token
Status: 200
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [ "public_repo" ], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "abcde12345fghij67890" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "expires_at": "2011-10-06T17:26:27Z", "fingerprint": "jklmnop12345678" }
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
Fine-grained access tokens for "Get a single authorization"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Get a single authorization" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
authorization_id integer Required
The unique identifier of the authorization.
HTTP response status codes for "Get a single authorization" Status code Description200
OK
304
Not modified
401
Requires authentication
403
Forbidden
Code samples for "Get a single authorization" Request exampleget/authorizations/{authorization_id}
Copy to clipboard curl request example
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/authorizations/AUTHORIZATION_ID
Response
Status: 200
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [ "public_repo" ], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "abcde12345fghij67890" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "expires_at": "2011-10-06T17:26:27Z", "fingerprint": "jklmnop12345678" }
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see "Working with two-factor authentication."
You can only send one of these scope keys at a time.
Fine-grained access tokens for "Update an existing authorization"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Update an existing authorization" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
authorization_id integer Required
The unique identifier of the authorization.
Body parameters Name, Type, Descriptionscopes array of strings or null
A list of scopes that this authorization is in.
add_scopes array of strings
A list of scopes to add to this authorization.
remove_scopes array of strings
A list of scopes to remove from this authorization.
note string
A note to remind you what the OAuth token is for.
note_url string
A URL to remind you what app the OAuth token is for.
fingerprint string
A unique string to distinguish an authorization from others created for the same client ID and user.
HTTP response status codes for "Update an existing authorization" Status code Description200
OK
422
Validation failed, or the endpoint has been spammed.
Code samples for "Update an existing authorization" Request examplepatch/authorizations/{authorization_id}
Copy to clipboard curl request example
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/authorizations/AUTHORIZATION_ID \ -d '{"add_scopes":["public_repo"],"remove_scopes":["user"],"note":"optional note"}'
Response
Status: 200
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [ "public_repo" ], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "abcde12345fghij67890" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "expires_at": "2011-10-06T17:26:27Z", "fingerprint": "jklmnop12345678" }
Warning
Closing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.
Fine-grained access tokens for "Delete an authorization"This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Delete an authorization" Headers Name, Type, Descriptionaccept string
Setting to application/vnd.github+json is recommended.
authorization_id integer Required
The unique identifier of the authorization.
HTTP response status codes for "Delete an authorization" Status code Description204
No Content
304
Not modified
401
Requires authentication
403
Forbidden
Code samples for "Delete an authorization" Request exampledelete/authorizations/{authorization_id}
Copy to clipboard curl request example
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/authorizations/AUTHORIZATION_ID
Response
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4