用于企业凭据授权的 REST API 终结点

使用 REST API 管理企业凭据授权。

Revoke all credential authorizations for an enterprise

Revokes all credential authorizations for all organizations within the enterprise. This includes any guest, outside, or repository collaborators.

For Enterprise Managed User (EMU) enterprises, you can optionally also destroy all credentials (PATs v1, PATs v2, and SSH keys) owned by enterprise members by setting the revoke_credentials parameter to true.

This operation is performed asynchronously. A background job will be queued to process the revocations.

Warning

If you use a personal access token to call this endpoint, that token may also be revoked or destroyed as part of this operation.

The authenticated user must be an enterprise owner or have the write_enterprise_credentials permission to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

“Revoke all credential authorizations for an enterprise”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

"Enterprise credentials" enterprise permissions (write)

“”Revoke all credential authorizations for an enterprise 的参数

标头
名称, 类型, 说明
`accept` string Setting to `application/vnd.github+json` is recommended.

路径参数
名称, 类型, 说明
`enterprise` string 必须 The slug version of the enterprise name.

主体参数
名称, 类型, 说明
`revoke_credentials` boolean Whether to also destroy the actual credentials (PATs and SSH keys) owned by enterprise members. This option is only available for Enterprise Managed User (EMU) enterprises. When set to `true`, all PATs (v1 and v2) and SSH keys owned by enterprise members will be destroyed in addition to the credential authorizations. 默认: `false`

“Revoke all credential authorizations for an enterprise”的 HTTP 响应状态代码

状态代码	说明
`202`	Accepted - The revocation request has been queued
`403`	Forbidden
`404`	Resource not found
`422`	Validation error - The `revoke_credentials` option is only available for EMU enterprises

“Revoke all credential authorizations for an enterprise”的代码示例

如果你在 GHE.com 上访问 GitHub，请将 api.github.com 替换为企业的专用子域，位于 api.SUBDOMAIN.ghe.com。

请求示例

post/enterprises/{enterprise}/credential-authorizations/revoke-all

curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2026-03-10" \
  https://api.github.com/enterprises/ENTERPRISE/credential-authorizations/revoke-all \
  -d '{"revoke_credentials":false}'

Accepted - The revocation request has been queued

Status: 202

{
  "message": "Credential authorization revocation has been queued"
}