kind:change

title:Removing token attribute from Authorizations API responses (Update)

created_at:2015-02-03

author_name:ptoomey3

In December, we[released a preview][removing-authorizations-token] of several API changes related to managing OAuth application authorizations. As part of those changes we introduced several new response attributes (`token_last_eight`,`hashed_token`, and`fingerprint`) to the Authorizations API. We have decided to modify`hashed_token` to return the SHA-256 hex digest of the associated token instead of Base64. Given that Base64 has several common variants (original, URL safe, etc) we decided that returning the value as hex is less ambiguous and will be more useful for developers.

Because of the change to`hashed_token`, we are extending the preview period by two weeks. If no additional changes are made during this extended preview period we will announce the end of the preview and beginning of the eight week migration period on February 17. The migration period will allow applications to opt in to these changes before they become an official part of the GitHub API v3.

If you have any questions or feedback, please[drop us a line][contact]!

[removing-authorizations-token]:/changes/2014-12-08-removing-authorizations-token/

[contact]:https://github.com/contact?form[subject]=Removing+authorizations+token

GitHub expects that integrations respond within thirty seconds of receiving the webhook payload. If your service takes longer than that to complete, then GitHub terminates the connection and the payload is lost.

Since it's impossible to predict how fast your service will complete, you should do all of "the real work" in a background job.[Resque](http://resquework.org/) (for Ruby),[RQ](http://python-rq.org/) (for Python), or[RabbitMQ](http://www.rabbitmq.com/) (for Java) are examples of libraries that can handle queuing and processing of background jobs.

Since it's impossible to predict how fast your service will complete, you should do all of "the real work" in a background job.[Resque](https://github.com/resque/resque/) (for Ruby),[RQ](http://python-rq.org/) (for Python), or[RabbitMQ](http://www.rabbitmq.com/) (for Java) are examples of libraries that can handle queuing and processing of background jobs.

Note that even with a background job running, GitHub still expects your server to respond within thirty seconds. Your server simply needs to acknowledge that it received the payload by sending some sort of response. It's critical that your service to performs any validations on a payload as soon as possible, so that you can accurately report whether your server will continue with the request or not.

{{#warning}}

If your GitHub Enterprise appliance has[LDAP Sync with Active Directory LDAP servers](https://help.github.com/enterprise/admin/guides/user-management/using-ldap), this API is disabled and will return a`403` response. Users managed by an external account cannot be suspended via the API.

If your GitHub Enterprise appliance has[LDAP Sync with Active Directory LDAP servers](https://help.github.com/enterprise/2.1/admin/guides/user-management/using-ldap), this API is disabled and will return a`403` response. Users managed by an external account cannot be suspended via the API.

{{/warning}}

{{#warning}}

If your GitHub Enterprise appliance has[LDAP Sync with Active Directory LDAP servers](https://help.github.com/enterprise/admin/guides/user-management/using-ldap), this API is disabled and will return a`403` response. Users managed by an external account cannot be unsuspended via the API.

If your GitHub Enterprise appliance has[LDAP Sync with Active Directory LDAP servers](https://help.github.com/enterprise/2.1/admin/guides/user-management/using-ldap), this API is disabled and will return a`403` response. Users managed by an external account cannot be unsuspended via the API.

{{/warning}}

{{#warning}}

If your GitHub Enterprise appliance has[LDAP Sync enabled](https://help.github.com/enterprise/admin/guides/user-management/using-ldap) and the option to synchronize emails enabled, this API is disabled and will return a`403` response. Users managed in LDAP won't be able to add an email address via the API with these options enabled.

If your GitHub Enterprise appliance has[LDAP Sync enabled](https://help.github.com/enterprise/2.1/admin/guides/user-management/using-ldap) and the option to synchronize emails enabled, this API is disabled and will return a`403` response. Users managed in LDAP won't be able to add an email address via the API with these options enabled.

{{/warning}}

{{#warning}}

If your GitHub Enterprise appliance has[LDAP Sync enabled](https://help.github.com/enterprise/admin/guides/user-management/using-ldap) and the option to synchronize emails enabled, this API is disabled and will return a`403` response. Users managed in LDAP won't be able to remove an email address via the API with these options enabled.

If your GitHub Enterprise appliance has[LDAP Sync enabled](https://help.github.com/enterprise/2.1/admin/guides/user-management/using-ldap) and the option to synchronize emails enabled, this API is disabled and will return a`403` response. Users managed in LDAP won't be able to remove an email address via the API with these options enabled.

{{/warning}}