Pontos de extremidade da API REST para autorizações de credenciais corporativas

Use a API REST para gerenciar as autorizações de credenciais corporativas.

Revoke all credential authorizations for an enterprise

Revokes all credential authorizations for all organizations within the enterprise. This includes any guest, outside, or repository collaborators.

For Enterprise Managed User (EMU) enterprises, you can optionally also destroy all credentials (PATs v1, PATs v2, and SSH keys) owned by enterprise members by setting the revoke_credentials parameter to true.

This operation is performed asynchronously. A background job will be queued to process the revocations.

Warning

If you use a personal access token to call this endpoint, that token may also be revoked or destroyed as part of this operation.

The authenticated user must be an enterprise owner or have the write_enterprise_credentials permission to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acesso granulares para "Revoke all credential authorizations for an enterprise"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

"Enterprise credentials" enterprise permissions (write)

Parâmetros para "Revoke all credential authorizations for an enterprise"

Cabeçalhos
Nome, Tipo, Descrição
`accept` string Setting to `application/vnd.github+json` is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
`enterprise` string Obrigatório The slug version of the enterprise name.

Parâmetros do corpo
Nome, Tipo, Descrição
`revoke_credentials` boolean Whether to also destroy the actual credentials (PATs and SSH keys) owned by enterprise members. This option is only available for Enterprise Managed User (EMU) enterprises. When set to `true`, all PATs (v1 and v2) and SSH keys owned by enterprise members will be destroyed in addition to the credential authorizations. Padrão: `false`

Códigos de status de resposta HTTP para "Revoke all credential authorizations for an enterprise"

Código de status	Descrição
`202`	Accepted - The revocation request has been queued
`403`	Forbidden
`404`	Resource not found
`422`	Validation error - The `revoke_credentials` option is only available for EMU enterprises

Exemplos de código para "Revoke all credential authorizations for an enterprise"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

post/enterprises/{enterprise}/credential-authorizations/revoke-all

curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2026-03-10" \
  https://api.github.com/enterprises/ENTERPRISE/credential-authorizations/revoke-all \
  -d '{"revoke_credentials":false}'

Accepted - The revocation request has been queued

Status: 202

{
  "message": "Credential authorization revocation has been queued"
}