程序化访问
了解访问令牌的类型以及如何使用它们。
在设置持续集成(CI)或编写脚本来帮助管理项目时,我们建议避免使用用户名和密码进行身份验证。使用这些凭据,任何人都可以登录并使用你的账户。
🌐 When setting up CI or writing a script to help manage your projects, we recommend avoiding using your username and password to authenticate. With these credentials, anyone will be able to log in and use your account.
你可以生成令牌来代替提供凭据,这将允许你单独管理每个集成点。任何有权使用这些令牌的人都能够对你的账户执行操作。请像对待用户密码一样谨慎对待它们。如果出现泄露情况,你可以撤销这些令牌以阻止访问。
🌐 Instead of providing credentials, you can generate tokens that will allow you to manage each integration point separately. Anyone who has access to these tokens will be able to perform actions against your account. Treat them with the same care as a user password. In case something is leaked, you can revoke these tokens to block access.
个人访问令牌
🌐 Personal access tokens
你可以在仪表板的 访问令牌 页面创建个人访问令牌。拥有此令牌的任何人都可以以你的名义执行操作。这适用于你个人账户上的所有内容,以及你被授予访问权限的任何个人账户或组织。
🌐 You can create Personal access tokens from the Access tokens on your dashboard. Anyone with this token can perform actions on your behalf. That applies to all content on your Personal Account, as well as any Personal Accounts or Organizations that you have been granted access to.
机器人用户和访问令牌
🌐 Robot users and access tokens
账户可以创建机器人用户来对账户拥有的资源执行操作。机器人用户可以被分配角色以限制其被授权执行的操作。机器人用户无法登录任何 Expo 产品,无法拥有任何项目,并且只能通过访问令牌进行身份验证。
🌐 Accounts can create Robot users to take actions on resources owned by the Account. Bot Users can be assigned a role to limit the actions they are authorized to perform. Bot users cannot sign in to any Expo products, cannot own any projects themselves, and can only authenticate via an access token.
访问令牌的使用
🌐 Access tokens usage
你可以使用你创建的任何令牌来使用 EAS CLI 执行操作。要使用令牌,你需要在运行命令之前定义一个环境变量,例如 EXPO_TOKEN="token"。
🌐 You can use any tokens you have created to perform actions with the EAS CLI. To use tokens, you need to define an environment variable, like EXPO_TOKEN="token", before running commands.
一旦你设置了 EXPO_TOKEN 环境变量,你就可以使用令牌运行任何经过身份验证的 EAS CLI 命令,而无需运行 eas login 命令。eas login 命令仅用于用户名和密码认证。如果同时配置了两者,EXPO_TOKEN 认证方法优先于用户名和密码。
🌐 Once you set the EXPO_TOKEN environment variable, you can run any EAS CLI command authenticated with the token without running the eas login command. The eas login command is only used for username and password authentication. The EXPO_TOKEN auth method takes precedence over the username and password if both are configured.
例如,一旦你获得令牌,你就可以运行以下 EAS CLI 命令来触发构建:
🌐 For example, once you obtain a token, you can run the following EAS CLI command to trigger a build:
- EXPO_TOKEN=my_token eas build如果你正在使用 GitHub Actions,你可以配置 token 属性 将这个环境变量包含在所有的作业步骤中。
🌐 If you are using GitHub Actions, you can configure the token property to include this environment variable in all the job steps.
访问令牌有用的常见情况:
🌐 Common situations where access tokens are useful:
- 从 CI 发布或构建,无需提供你的 Expo 用户名和密码
- 续订令牌以保持尽可能的安全;无需重置密码或退出所有会话
- 授予某人(或脚本)一次性访问你的项目的有限权限
撤销访问令牌
🌐 Revoke access tokens
如果令牌不小心泄露了,你可以在不更改用户名和密码的情况下撤销它。当你撤销访问令牌时,会阻止使用该令牌访问你的账户。要操作此步骤,请前往仪表板上的 访问令牌页面,然后删除你想撤销的令牌。
🌐 In case a token is accidentally leaked, you can revoke it without changing your username and password. When you revoke the access token, you block all access to your account using this token. To do this, go to the Access Token page on your dashboard and delete the token you want to revoke.