Self-service credential revocation for incident response - GitHub Changelog
Try GitHub Copilot CLI
Attend GitHub Universe
Search
Back to changelog
For a timely response to security incidents involving compromised accounts or stolen credentials, GitHub Enterprise owners can now use new “break-glass” capabilities to instantly revoke all credentials for a given user. This builds on the enterprise-wide credential management tools for incident response released earlier.
With this release, enterprise owners and members with the fine-grained permission Manage enterprise credentials can trigger the following bulk actions for all users or for a specific user in their enterprise:
Revoke SSO authorizations for user credentials (personal access tokens, SSH keys, and OAuth tokens) across your enterprise.
Delete user tokens and SSH keys across your enterprise, even if they don’t have an SSO authorization. This action is available only for EMU accounts.
List and revoke SSO authorizations for user credentials across a specific organization. These actions are only supported programmatically through the org-level rest APIs.
Additionally, we have introduced a new self-service revocation experience for individual enterprise members as part of Settings -> Credentials view, which enables you to:
Review counts of credentials that are generated or authorized via SSO by your personal account.
Self-service revoke or delete all of your credentials and authorizations in a single action without going token-by-token or key-by-key.
Enterprise owners and affected users can review details about revoked and deleted credentials via audit logs and email notifications generated by each of the new actions above.
To learn more, see our documentation around how to respond to security incidents in your enterprise and GitHub credentials reference.
Join the discussion within GitHub Community.
Related Posts
Jun.23 Improvement
Secret scanning adds extended metadata for Replicate secrets
application security
Jun.23 Release
Fetch Code Quality findings via REST API
application security
Jun.19 Release
AI credits consumed per user now in the Copilot usage metrics API
account management<br>copilot<br>enterprise management tools
...<br>+2
Jun.17 Improvement
Secret scanning updates – June 2026
application security
Jun.17 Improvement
Enterprise-managed settings now support bypass permission controls
client apps<br>copilot<br>enterprise management tools
...<br>+2
Jun.16 Release
GitHub Code Quality generally available July 20, 2026
application security<br>platform governance
...<br>+1
Jun.16 Release
Organization-level enablement for GitHub Code Quality
application security<br>enterprise management tools
...<br>+1
Jun.15 Improvement
Copilot usage metrics now include more of your active users
account management<br>copilot<br>enterprise management tools
...<br>+2
Jun.11 Improvement
AI usage report updates
enterprise management tools
Subscribe to our developer newsletter
Discover tips, technical guides, and best practices in our biweekly newsletter just for devs.
Enter your email*
Subscribe
By submitting, I agree to let GitHub and its affiliates use my information for personalized communications, targeted advertising, and campaign effectiveness. See the GitHub Privacy Statement for more details.
Back to top
© 2026 GitHub, Inc.
Terms
Privacy
Manage Cookies
Do not share my personal information
LinkedIn icon
GitHub on LinkedIn
Instagram icon
GitHub on Instagram
YouTube icon
GitHub on YouTube
X icon
GitHub on X
TikTok icon
GitHub on TikTok
Twitch icon
GitHub on Twitch
GitHub icon
GitHub’s organization on GitHub