per_pageinteger
Results per page (max 100)
Default:30
pageinteger
Page number of the results to fetch.
Default:1
client_idstring
The client ID of your GitHub app.
List your grants
DEPRECATEDDeprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
You can use this API to list the set of OAuth applications that have been granted access to your account. Unlike the list your authorizations API, this API does not manage individual tokens. This API will return one entry for each OAuth application that has been granted access to your account, regardless of the number of tokens an application has generated for your user. The list of OAuth applications returned matches what is shown on the application authorizations settings screen within GitHub. The scopes returned are the union of scopes authorized for the application. For example, if an application has one token with repo scope and another token with user scope, the grant will return ["repo", "user"].
get
{protocol}://{hostname}/api/v3/applications/grants
Query Parameters
Response
application/json
Response
application/json
Response
The authorization associated with an OAuth Access.
idintegerrequired
Example:1
urlstring(uri)required
Example:https://api.github.com/applications/grants/1
appobjectrequired
Show Child Parameters
created_atstring(date-time)required
Example:2011-09-06T17:26:27Z
updated_atstring(date-time)required
Example:2011-09-06T20:39:23Z
scopesarray[string]required
Example:["public_repo"]
userobject | null
Simple User
Show Child Parameters
get/applications/grants
Query Parameters
application/json
Get a single grant
DEPRECATEDDeprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
get
{protocol}://{hostname}/api/v3/applications/grants/{grant_id}
Path Parameters
grant_idintegerrequired
grant_id parameter
Response
application/json
Response
application/json
Response
Application Grant
The authorization associated with an OAuth Access.
idintegerrequired
Example:1
urlstring(uri)required
Example:https://api.github.com/applications/grants/1
appobjectrequired
Show Child Parameters
created_atstring(date-time)required
Example:2011-09-06T17:26:27Z
updated_atstring(date-time)required
Example:2011-09-06T20:39:23Z
scopesarray[string]required
Example:["public_repo"]
userobject | null
Simple User
Show Child Parameters
get/applications/grants/{grant_id}
Path Parameters
application/json
Delete a grant
DEPRECATEDDeprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Deleting an OAuth application’s grant will also delete all OAuth tokens associated with the application for your user. Once deleted, the application has no access to your account and is no longer listed on the application authorizations settings screen within GitHub.
delete
{protocol}://{hostname}/api/v3/applications/grants/{grant_id}
Path Parameters
grant_idintegerrequired
grant_id parameter
Response
Response
Response
delete/applications/grants/{grant_id}
Path Parameters
List your authorizations
DEPRECATEDDeprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
get
{protocol}://{hostname}/api/v3/authorizations
Query Parameters
per_pageinteger
Results per page (max 100)
Default:30
pageinteger
Page number of the results to fetch.
Default:1
client_idstring
The client ID of your GitHub app.
Response
application/json
Response
application/json
Response
The authorization for an OAuth app, GitHub App, or a Personal Access Token.
idintegerrequired
urlstring(uri)required
scopesarray | null[string]required
A list of scopes that this authorization is in.
tokenstringrequired
token_last_eightstring | nullrequired
hashed_tokenstring | nullrequired
appobjectrequired
Show Child Parameters
notestring | nullrequired
note_urlstring | null(uri)required
updated_atstring(date-time)required
created_atstring(date-time)required
fingerprintstring | nullrequired
userobject | null
Simple User
Show Child Parameters
installationobject | null
Show Child Parameters
get/authorizations
Query Parameters
application/json
Create a new authorization
DEPRECATEDDeprecation Notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November, 13, 2020. For more information, including scheduled brownouts, see the blog post.
Warning: Apps must use the web application flow to obtain OAuth tokens that work with GitHub Enterprise Server SAML organizations. OAuth tokens created using the Authorizations API will be unable to access GitHub Enterprise Server SAML organizations. For more information, see the blog post.
Creates OAuth tokens using Basic Authentication. If you have two-factor authentication setup, Basic Authentication for this endpoint requires that you use a one-time password (OTP) and your username and password instead of tokens. For more information, see “Working with two-factor authentication.”
To create tokens for a particular OAuth application using this endpoint, you must authenticate as the user you want to create an authorization for and provide the app’s client ID and secret, found on your OAuth application’s settings page. If your OAuth application intends to create multiple tokens for one user, use fingerprint to differentiate between them.
You can also create tokens on GitHub Enterprise Server from the personal access tokens settings page. Read more about these tokens in the GitHub Help documentation.
Organizations that enforce SAML SSO require personal access tokens to be allowed. Read more about allowing tokens in the GitHub Help documentation.
post
{protocol}://{hostname}/api/v3/authorizations
Body
application/json
Body
application/json
scopesarray | null[string]
A list of scopes that this authorization is in.
Example:["public_repo","user"]
notestring
A note to remind you what the OAuth token is for.
Example:Update all gems
note_urlstring
A URL to remind you what app the OAuth token is for.
client_idstring
The OAuth app client key for which to create the token.
<= 20 characters
client_secretstring
The OAuth app client secret for which to create the token.
<= 40 characters
fingerprintstring
A unique string to distinguish an authorization from others created for the same client ID and user.
Response
application/json
Response
application/json
Response
Authorization
The authorization for an OAuth app, GitHub App, or a Personal Access Token.
idintegerrequired
urlstring(uri)required
scopesarray | null[string]required
A list of scopes that this authorization is in.
tokenstringrequired
token_last_eightstring | nullrequired
hashed_tokenstring | nullrequired
appobjectrequired
Show Child Parameters
notestring | nullrequired
note_urlstring | null(uri)required
updated_atstring(date-time)required
created_atstring(date-time)required
fingerprintstring | nullrequired
userobject | null
Simple User
Show Child Parameters
installationobject | null
Show Child Parameters
post/authorizations
Body
{}
application/json