My application uses Github’s Oauth . Suppose that: in version 1, the app required

Question

0

Editorial Team

Asked: June 13, 20262026-06-13T03:13:27+00:00 2026-06-13T03:13:27+00:00

My application uses Github’s Oauth . Suppose that: in version 1, the app required

0

My application uses Github’s Oauth.
Suppose that:

in version 1, the app required only basic authorization (scopes = [])
in version 2, the app required R/W access to public repos (scope = [‘public_repo’])

Some users have not logged in yet since the upgrade.

Now I have some tokens with greater authorization capabilities then others. How do I tell them apart?
In other words, how can I ask Github: “Hey, I have this oauth token… what can I do with it?”

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-13T03:13:29+00:00

You can make any GitHub API request and read the value of the X-OAuth-Scopes header to see which scopes were supplied with the token. Using /rate_limit won’t count against your app’s rate limit.

curl -I -H 'Authorization: token <token>' https://api.github.com/rate_limit
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Oct 2012 23:48:37 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Status: 200 OK
Content-Length: 61
X-GitHub-Media-Type: github.beta
X-RateLimit-Remaining: 4999
X-RateLimit-Limit: 5000
X-OAuth-Scopes: public_repo
Cache-Control: 
X-Content-Type-Options: nosniff

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

My application uses Github’s Oauth . Suppose that: in version 1, the app required

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply