了解访问令牌的类型以及如何使用它们。
在设置 CI 或编写脚本来帮助管理你的项目时,我们建议避免使用你的用户名和密码进行身份验证。有了这些凭据,任何人都可以登录并使用你的账户。
¥When setting up CI or writing a script to help manage your projects, we recommend avoiding using your username and password to authenticate. With these credentials, anyone will be able to log in and use your account.
你可以生成令牌,而不是提供凭据,从而允许你单独管理每个集成点。有权访问这些令牌的任何人都可以对你的账户执行操作。请像对待用户密码一样小心对待它们。如果发生泄露,你可以撤销这些令牌以阻止访问。
¥Instead of providing credentials, you can generate tokens that will allow you to manage each integration point separately. Anyone who has access to these tokens will be able to perform actions against your account. Please treat them with the same care as a user password. In case something is leaked, you can revoke these tokens to block access.
¥Personal access tokens
你可以从仪表板上的 访问令牌 创建个人访问令牌。拥有此令牌的任何人都可以代表你执行操作。这适用于你个人账户上的所有内容,以及你被授予访问权限的任何个人账户或组织。
¥You can create Personal access tokens from the Access tokens on your dashboard. Anyone with this token can perform actions on your behalf. That applies to all content on your Personal Account, as well as any Personal Accounts or Organizations that you have been granted access to.
¥Robot users and access tokens
账户可以创建机器人用户以对该账户拥有的资源执行操作。可以为机器人用户分配 一名角色 以限制他们有权执行的操作。机器人用户无法登录任何 Expo 产品,自己无法拥有任何项目,只能通过访问令牌进行身份验证。
¥Accounts can create Robot users to take actions on resources owned by the Account. Bot Users can be assigned a role to limit the actions they are authorized to perform. Bot users cannot sign in to any Expo products, cannot own any projects themselves, and can only authenticate via an access token.
¥Access tokens usage
你可以使用你创建的任何令牌来通过 EAS CLI 执行操作。要使用令牌,你需要在运行命令之前定义一个环境变量,例如 EXPO_TOKEN="token"
。
¥You can use any tokens you have created to perform actions with the EAS CLI. To use tokens, you need to define an environment variable, like EXPO_TOKEN="token"
, before running commands.
设置 EXPO_TOKEN
环境变量后,你可以运行任何使用令牌进行身份验证的 EAS CLI 命令,而无需运行 eas login
命令。eas login
命令仅用于用户名和密码身份验证。如果配置了用户名和密码,则 EXPO_TOKEN
身份验证方法优先于用户名和密码。
¥Once you set the EXPO_TOKEN
environment variable, you can run any EAS CLI command authenticated with the token without running the eas login
command. The eas login
command is only used for username and password authentication. The EXPO_TOKEN
auth method takes precedence over the username and password if both are configured.
例如,一旦你获得令牌,你就可以运行以下 EAS CLI 命令来触发构建:
¥For example, once you obtain a token, you can run the following EAS CLI command to trigger a build:
EXPO_TOKEN=my_token eas build
如果你使用的是 GitHub Actions,你可以配置 token
属性 会将此环境变量包含在所有作业步骤中。
¥If you are using GitHub Actions, you can configure the token
property to include this environment variable in all the job steps.
访问令牌有用的常见情况:
¥Common situations where access tokens are useful:
从 CI 发布或构建,无需提供你的 Expo 用户名和密码
¥Publish or build from CI without providing your Expo username and password
更新令牌以尽可能保证其安全;无需重置密码并退出所有会话
¥Renew a token to keep it as secure as possible; no need to reset your password and sign out of all sessions
授予某人(或脚本)一次性访问你的项目的有限权限
¥Give someone (or a script) one-time access to your project with limited permissions
¥Revoke access tokens
如果令牌意外泄露,你可以撤销它,而无需更改用户名和密码。当你撤销访问令牌时,你将阻止使用此令牌对你的账户进行的所有访问。为此,请转到仪表板上的 访问令牌页面 并删除要撤销的令牌。
¥In case a token is accidentally leaked, you can revoke it without changing your username and password. When you revoke the access token, you block all access to your account using this token. To do this, go to the Access Token page on your dashboard and delete the token you want to revoke.