From 1d6a9ad0ca0398c0104bab52f25726dca9c2ff82 Mon Sep 17 00:00:00 2001 From: Matt Pollard Date: Mon, 13 Sep 2021 01:53:09 +0200 Subject: [PATCH] Version content on personal access token expiration for GitHub Enterprise Server 3.3+ and GitHub AE >M2 (#21421) Co-authored-by: Lucas Costi --- .../apps/building-oauth-apps/authorizing-oauth-apps.md | 4 ++-- .../developers/apps/getting-started-with-apps/about-apps.md | 4 ++-- .../creating-a-personal-access-token.md | 6 +++--- .../reviewing-your-security-log.md | 2 +- .../token-expiration-and-revocation.md | 4 ++-- data/release-notes/enterprise-server/3-2/0-rc1.yml | 6 ------ 6 files changed, 10 insertions(+), 16 deletions(-) diff --git a/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md b/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md index e4e9939b8e..dbd5571257 100644 --- a/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md +++ b/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md @@ -298,8 +298,8 @@ To build this link, you'll need your OAuth Apps `client_id` that you received fr * "[Troubleshooting authorization request errors](/apps/managing-oauth-apps/troubleshooting-authorization-request-errors)" * "[Troubleshooting OAuth App access token request errors](/apps/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-errors)" -{% ifversion fpt or ghae or ghes > 3.0 %}* "[Device flow errors](#error-codes-for-the-device-flow)"{% endif %} -* "[Token expiration and revocation](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation)" +{% ifversion fpt or ghae or ghes > 3.0 %}* "[Device flow errors](#error-codes-for-the-device-flow)"{% endif %}{% ifversion fpt or ghae-issue-4374 or ghes > 3.2 %} +* "[Token expiration and revocation](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation)"{% endif %} ## Further reading diff --git a/content/developers/apps/getting-started-with-apps/about-apps.md b/content/developers/apps/getting-started-with-apps/about-apps.md index b0c1e13016..65c1e00da0 100644 --- a/content/developers/apps/getting-started-with-apps/about-apps.md +++ b/content/developers/apps/getting-started-with-apps/about-apps.md @@ -83,8 +83,8 @@ Keep these ideas in mind when using personal access tokens: * You can perform one-off cURL requests. * You can run personal scripts. * Don't set up a script for your whole team or company to use. -* Don't set up a shared user account to act as a bot user. -* Do set an expiration for your personal access tokens, to help keep your information secure. +* Don't set up a shared user account to act as a bot user.{% ifversion fpt or ghes > 3.2 or ghae-issue-4374 %} +* Do set an expiration for your personal access tokens, to help keep your information secure.{% endif %} ## Determining which integration to build diff --git a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md index 72c71f4eb7..8d991bc51e 100644 --- a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md +++ b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md @@ -38,7 +38,7 @@ Personal access tokens (PATs) are an alternative to using passwords for authenti 4. Click **Generate new token**. ![Generate new token button](/assets/images/help/settings/generate_new_token.png) 5. Give your token a descriptive name. - ![Token description field](/assets/images/help/settings/token_description.png){% ifversion fpt or ghes > 3.1 or ghae-issue-4374 %} + ![Token description field](/assets/images/help/settings/token_description.png){% ifversion fpt or ghes > 3.2 or ghae-issue-4374 %} 6. To give your token an expiration, select the **Expiration** drop-down menu, then click a default or use the calendar picker. ![Token expiration field](/assets/images/help/settings/token_expiration.png){% endif %} 7. Select the scopes, or permissions, you'd like to grant this token. To use your token to access repositories from the command line, select **repo**. @@ -76,5 +76,5 @@ Instead of manually entering your PAT for every HTTPS Git operation, you can cac ## Further reading -- "[About authentication to GitHub](/github/authenticating-to-github/about-authentication-to-github)" -- "[Token expiration and revocation](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation)" +- "[About authentication to GitHub](/github/authenticating-to-github/about-authentication-to-github)"{% ifversion fpt or ghae-issue-4374 or ghes > 3.2 %} +- "[Token expiration and revocation](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation)"{% endif %} diff --git a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/reviewing-your-security-log.md b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/reviewing-your-security-log.md index 0f6146a4bd..0207d51eea 100644 --- a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/reviewing-your-security-log.md +++ b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/reviewing-your-security-log.md @@ -123,7 +123,7 @@ An overview of some of the most common actions that are recorded as events in th | Action | Description |------------------|------------------- | `create` | Triggered when you [grant access to an {% data variables.product.prodname_oauth_app %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/authorizing-oauth-apps). -| `destroy` | Triggered when you [revoke an {% data variables.product.prodname_oauth_app %}'s access to your account](/articles/reviewing-your-authorized-integrations) and when [authorizations are revoked or expire](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation). +| `destroy` | Triggered when you [revoke an {% data variables.product.prodname_oauth_app %}'s access to your account](/articles/reviewing-your-authorized-integrations){% ifversion fpt or ghae-issue-4374 or ghes > 3.2 %} and when [authorizations are revoked or expire](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation).{% else %}.{% endif %} {% ifversion fpt %} diff --git a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation.md b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation.md index 7351e1f3e7..460e607e60 100644 --- a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation.md +++ b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation.md @@ -11,7 +11,7 @@ topics: shortTitle: Token expiration --- -When a token has expired or has been revoked, it can no longer be used to authenticate Git and API requests. It is not possible to restore an expired or revoked token, you or the application will need to create a new token. +When a token {% ifversion fpt or ghae-issue-4374 or ghes > 3.2 %}has expired or {% endif %} has been revoked, it can no longer be used to authenticate Git and API requests. It is not possible to restore an expired or revoked token, you or the application will need to create a new token. This article explains the possible reasons your {% data variables.product.product_name %} token might be revoked or expire. @@ -21,7 +21,7 @@ This article explains the possible reasons your {% data variables.product.produc {% endnote %} -{% ifversion fpt or ghae-issue-4374 or ghes > 3.1 %} +{% ifversion fpt or ghae-issue-4374 or ghes > 3.2 %} ## Token revoked after reaching its expiration date When you create a personal access token, we recommend that you set an expiration for your token. Upon reaching your token's expiration date, the token is automatically revoked. For more information, see "[Creating a personal access token](/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)." diff --git a/data/release-notes/enterprise-server/3-2/0-rc1.yml b/data/release-notes/enterprise-server/3-2/0-rc1.yml index 21a4a70453..dcb6cd999e 100644 --- a/data/release-notes/enterprise-server/3-2/0-rc1.yml +++ b/data/release-notes/enterprise-server/3-2/0-rc1.yml @@ -83,12 +83,6 @@ sections: The different token types now have unique identifiable prefixes, which allows for secret scanning to detect the tokens so that you can mitigate the impact of someone accidentally committing a token to a repository. {% data variables.product.company_short %} recommends updating existing tokens as soon as possible. For more information, see "[About authentication to {% data variables.product.prodname_dotcom %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats)" and "[About {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)." - # https://github.com/github/releases/issues/1390 - - | - An expiration date can now be set for new and existing personal access tokens. Setting an expiration date on personal access tokens is highly recommended to prevent older tokens from leaking and compromising security. Token owners will receive an email when it's time to renew a token that's about to expire. Tokens that have expired can be regenerated, giving users a duplicate token with the same properties as the original. - - When using a personal access token with the {% data variables.product.company_short %} API, a new `GitHub-Authentication-Token-Expiration` header is included in the response, which indicates the token's expiration date. For more information, see "[Creating a personal access token](/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)." - - heading: 'Repositories changes' notes: # https://github.com/github/releases/issues/1295