Update OpenAPI Description (#55442)

Co-authored-by: Usha N <n-usha@github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
github · docs-bot · Apr 29, 2025 · Apr 29, 2025 · Apr 29, 2025 · Apr 29, 2025
commit 2ae3d74757b51a6a2fb639d0f8cf9e88ecd44de0
diff --git a/content/rest/credentials/index.md b/content/rest/credentials/index.md
@@ -0,0 +1,13 @@
+---
+title: Credentials
+topics:
+  - API
+autogenerated: rest
+allowTitleToDifferFromFilename: true
+children:
+  - /revoke
+versions:
+  fpt: '*'
+  ghec: '*'
+---
+
diff --git a/content/rest/credentials/revoke.md b/content/rest/credentials/revoke.md
@@ -0,0 +1,14 @@
+---
+title: Revocation
+shortTitle: Revocation
+intro: Use the REST API to revoke credentials that you have found exposed on {% data variables.product.github %} or elsewhere.
+versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
+  fpt: '*'
+  ghec: '*'
+topics:
+  - API
+autogenerated: rest
+allowTitleToDifferFromFilename: true
+---
+
+<!-- Content after this section is automatically generated -->
diff --git a/content/rest/index.md b/content/rest/index.md
@@ -56,6 +56,7 @@ children:
   - /collaborators
   - /commits
   - /copilot
+  - /credentials
   - /dependabot
   - /dependency-graph
   - /deploy-keys

diff --git a/src/github-apps/data/fpt-2022-11-28/fine-grained-pat.json b/src/github-apps/data/fpt-2022-11-28/fine-grained-pat.json
@@ -2171,6 +2171,14 @@
       "requestPath": "/orgs/{org}/team/{team_slug}/copilot/metrics"
     }
   ],
+  "credentials": [
+    {
+      "slug": "revoke-a-list-of-credentials",
+      "subcategory": "revoke",
+      "verb": "post",
+      "requestPath": "/credentials/revoke"
+    }
+  ],
   "dependabot": [
     {
       "slug": "list-dependabot-alerts-for-an-organization",

diff --git a/src/github-apps/data/fpt-2022-11-28/server-to-server-rest.json b/src/github-apps/data/fpt-2022-11-28/server-to-server-rest.json
@@ -1905,6 +1905,14 @@
       "requestPath": "/orgs/{org}/team/{team_slug}/copilot/metrics"
     }
   ],
+  "credentials": [
+    {
+      "slug": "revoke-a-list-of-credentials",
+      "subcategory": "revoke",
+      "verb": "post",
+      "requestPath": "/credentials/revoke"
+    }
+  ],
   "dependabot": [
     {
       "slug": "list-dependabot-alerts-for-an-organization",

diff --git a/src/github-apps/data/fpt-2022-11-28/user-to-server-rest.json b/src/github-apps/data/fpt-2022-11-28/user-to-server-rest.json
@@ -2171,6 +2171,14 @@
       "requestPath": "/orgs/{org}/team/{team_slug}/copilot/metrics"
     }
   ],
+  "credentials": [
+    {
+      "slug": "revoke-a-list-of-credentials",
+      "subcategory": "revoke",
+      "verb": "post",
+      "requestPath": "/credentials/revoke"
+    }
+  ],
   "dependabot": [
     {
       "slug": "list-dependabot-alerts-for-an-organization",

diff --git a/src/github-apps/data/ghec-2022-11-28/fine-grained-pat.json b/src/github-apps/data/ghec-2022-11-28/fine-grained-pat.json
@@ -2209,6 +2209,14 @@
       "requestPath": "/orgs/{org}/team/{team_slug}/copilot/metrics"
     }
   ],
+  "credentials": [
+    {
+      "slug": "revoke-a-list-of-credentials",
+      "subcategory": "revoke",
+      "verb": "post",
+      "requestPath": "/credentials/revoke"
+    }
+  ],
   "dependabot": [
     {
       "slug": "list-dependabot-alerts-for-an-organization",

diff --git a/src/github-apps/data/ghec-2022-11-28/server-to-server-rest.json b/src/github-apps/data/ghec-2022-11-28/server-to-server-rest.json
@@ -1943,6 +1943,14 @@
       "requestPath": "/orgs/{org}/team/{team_slug}/copilot/metrics"
     }
   ],
+  "credentials": [
+    {
+      "slug": "revoke-a-list-of-credentials",
+      "subcategory": "revoke",
+      "verb": "post",
+      "requestPath": "/credentials/revoke"
+    }
+  ],
   "dependabot": [
     {
       "slug": "list-dependabot-alerts-for-an-organization",

diff --git a/src/github-apps/data/ghec-2022-11-28/user-to-server-rest.json b/src/github-apps/data/ghec-2022-11-28/user-to-server-rest.json
@@ -2209,6 +2209,14 @@
       "requestPath": "/orgs/{org}/team/{team_slug}/copilot/metrics"
     }
   ],
+  "credentials": [
+    {
+      "slug": "revoke-a-list-of-credentials",
+      "subcategory": "revoke",
+      "verb": "post",
+      "requestPath": "/credentials/revoke"
+    }
+  ],
   "dependabot": [
     {
       "slug": "list-dependabot-alerts-for-an-organization",

diff --git a/src/github-apps/lib/config.json b/src/github-apps/lib/config.json
@@ -60,5 +60,5 @@
       "2022-11-28"
     ]
   },
-  "sha": "8af3e59120fdf6294e2d385bdae74b39fa824da5"
+  "sha": "e7a314cf1c452fbcf55e3be650f1bb7363cad424"
 }
diff --git a/src/rest/data/fpt-2022-11-28/schema.json b/src/rest/data/fpt-2022-11-28/schema.json
@@ -243374,6 +243374,76 @@
       }
     ]
   },
+  "credentials": {
+    "revoke": [
+      {
+        "serverUrl": "https://api.github.com",
+        "verb": "post",
+        "requestPath": "/credentials/revoke",
+        "title": "Revoke a list of credentials",
+        "category": "credentials",
+        "subcategory": "revoke",
+        "parameters": [],
+        "bodyParameters": [
+          {
+            "type": "array of strings",
+            "name": "credentials",
+            "in": "body",
+            "description": "<p>A list of credentials to be revoked, up to 1000 per request.</p>",
+            "isRequired": true
+          }
+        ],
+        "progAccess": {
+          "userToServerRest": true,
+          "serverToServer": true,
+          "fineGrainedPat": true,
+          "permissions": [],
+          "allowPermissionlessAccess": true
+        },
+        "codeExamples": [
+          {
+            "key": "default",
+            "request": {
+              "contentType": "application/json",
+              "description": "Example",
+              "acceptHeader": "application/vnd.github.v3+json",
+              "bodyParameters": {
+                "credentials": [
+                  "ghp_1234567890abcdef1234567890abcdef12345678",
+                  "ghp_abcdef1234567890abcdef1234567890abcdef12"
+                ]
+              }
+            },
+            "response": {
+              "statusCode": "202",
+              "contentType": "application/json",
+              "description": "<p>Accepted</p>",
+              "example": null,
+              "schema": {
+                "type": "object"
+              }
+            }
+          }
+        ],
+        "previews": [],
+        "descriptionHTML": "<p>Submit a list of credentials to be revoked. This endpoint is intended to revoke credentials the caller does not own and may have found exposed on GitHub.com or elsewhere. It can also be used for credentials associated with an old user account that you no longer have access to. Credential owners will be notified of the revocation.</p>\n<p>This endpoint currently accepts the following credential types:</p>\n<ul>\n<li>Personal access tokens (classic)</li>\n<li>Fine-grained personal access tokens</li>\n</ul>\n<p>Revoked credentials may impact users on GitHub Free, Pro, &#x26; Team and GitHub Enterprise Cloud, and GitHub Enterprise Cloud with Enterprise Managed Users.\nGitHub cannot reactivate any credentials that have been revoked; new credentials will need to be generated.</p>\n<p>To prevent abuse, this API is limited to only 60 unauthenticated requests per hour and a max of 1000 tokens per API request.</p>\n<div class=\"ghd-alert ghd-alert-accent\"><p class=\"ghd-alert-title\"><svg version=\"1.1\" width=\"16\" height=\"16\" viewBox=\"0 0 16 16\" class=\"octicon mr-2\" aria-hidden><path d=\"M0 8a8 8 0 1 1 16 0A8 8 0 0 1 0 8Zm8-6.5a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0 0-13ZM6.5 7.75A.75.75 0 0 1 7.25 7h1a.75.75 0 0 1 .75.75v2.75h.25a.75.75 0 0 1 0 1.5h-2a.75.75 0 0 1 0-1.5h.25v-2h-.25a.75.75 0 0 1-.75-.75ZM8 6a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z\"></path></svg>Note</p>\n<p>\nAny authenticated requests will return a 403.</p>\n</div>",
+        "statusCodes": [
+          {
+            "httpStatusCode": "202",
+            "description": "<p>Accepted</p>"
+          },
+          {
+            "httpStatusCode": "422",
+            "description": "<p>Validation failed, or the endpoint has been spammed.</p>"
+          },
+          {
+            "httpStatusCode": "500",
+            "description": "<p>Internal Error</p>"
+          }
+        ]
+      }
+    ]
+  },
   "dependabot": {
     "alerts": [
       {
@@ -397864,13 +397934,14 @@
           },
           {
             "name": "filter",
-            "description": "<p>Filter members returned in the list. <code>2fa_disabled</code> means that only members without <a href=\"https://github.com/blog/1614-two-factor-authentication\">two-factor authentication</a> enabled will be returned. This options is only available for organization owners.</p>",
+            "description": "<p>Filter members returned in the list. <code>2fa_disabled</code> means that only members without <a href=\"https://github.com/blog/1614-two-factor-authentication\">two-factor authentication</a> enabled will be returned. <code>2fa_insecure</code> means that only members with <a href=\"https://docs.github.com/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization#requiring-secure-methods-of-two-factor-authentication-in-your-organization\">insecure 2FA methods</a> will be returned. These options are only available for organization owners.</p>",
             "in": "query",
             "required": false,
             "schema": {
               "type": "string",
               "enum": [
                 "2fa_disabled",
+                "2fa_insecure",
                 "all"
               ],
               "default": "all"
@@ -403906,13 +403977,14 @@
           },
           {
             "name": "filter",
-            "description": "<p>Filter the list of outside collaborators. <code>2fa_disabled</code> means that only outside collaborators without <a href=\"https://github.com/blog/1614-two-factor-authentication\">two-factor authentication</a> enabled will be returned.</p>",
+            "description": "<p>Filter the list of outside collaborators. <code>2fa_disabled</code> means that only outside collaborators without <a href=\"https://github.com/blog/1614-two-factor-authentication\">two-factor authentication</a> enabled will be returned. <code>2fa_insecure</code> means that only outside collaborators with <a href=\"https://docs.github.com/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization#requiring-secure-methods-of-two-factor-authentication-in-your-organization\">insecure 2FA methods</a> will be returned.</p>",
             "in": "query",
             "required": false,
             "schema": {
               "type": "string",
               "enum": [
                 "2fa_disabled",
+                "2fa_insecure",
                 "all"
               ],
               "default": "all"