Enhanced OAuth security for SSH keys
We just added more granular permissions so third party applications can specifically request read-only access, read/write access, or full admin access to your public SSH keys. You’re in control As…
We just added more granular permissions so third party applications can specifically request read-only access, read/write access, or full admin access to your public SSH keys.
You’re in control
As always, when an application requests access to your account, you get to decide whether to grant that access or not.

Revoke with ease
In addition to these finer-grained permissions, we’re also making it easier to revoke SSH access to your data. If an OAuth application creates an SSH key in your account, we’ll automatically delete that key when you revoke the application’s access.

To help you track security events that affect you, we’ll still email you any time a new key is added to your account. And of course, you can audit and delete your SSH keys any time you like.
You can read about the new changes in more detail on the GitHub Developer site.
Tags:
Written by
Related posts
An update on GitHub availability
Here’s what we’ve done—and what we’re still doing—to improve our availability and reliability.
GitHub Copilot is moving to usage-based billing
Starting June 1, your Copilot usage will consume GitHub AI Credits.
Changes to GitHub Copilot Individual plans
We’re making these changes to ensure a reliable and predictable experience for existing customers.