gh-auth-refresh - Man Page

gh auth refresh [flags]

Expand or fix the permission scopes for stored credentials.

The --scopes flag accepts a comma separated list of scopes you want your gh credentials to have. If no scopes are provided, the command maintains previously added scopes.

The --remove-scopes flag accepts a comma separated list of scopes you want to remove from your gh credentials. Scope removal is idempotent. The minimum set of scopes ("repo", "read:org" and "gist") cannot be removed.

The --reset-scopes flag resets the scopes for your gh credentials to the default set of scopes for your auth flow.

-h,  --hostname <string>

The GitHub host to use for authentication

--insecure-storage

Save authentication credentials in plain text instead of credential store

-r,  --remove-scopes <strings>

Authentication scopes to remove from gh

--reset-scopes

Reset authentication scopes to the default minimum set of scopes

-s,  --scopes <strings>

Additional authentication scopes for gh to have

$ gh auth refresh --scopes write:org,read:public_key
# => open a browser to add write:org and read:public_key scopes

$ gh auth refresh
# => open a browser to ensure your authentication credentials have the correct minimum scopes

$ gh auth refresh --remove-scopes delete_repo
# => open a browser to idempotently remove the delete_repo scope

$ gh auth refresh --reset-scopes
# => open a browser to re-authenticate with the default minimum scopes

gh-auth(1)

gh-auth(1).