joshjohanning · joshjohanning · Jul 31, 2025 · Jul 31, 2025
diff --git a/gh-cli/get-sso-credential-authorizations.sh b/gh-cli/get-sso-credential-authorizations.sh
@@ -1,13 +1,21 @@
 #!/bin/bash
 
+if [ -z "$1" ]; then
+  echo "Usage: $0 <organization>"
+  echo "Example: ./get-sso-enabled-pats.sh my-org"
+  exit 1
+fi
+
+org="$1"
+
 # more info: 
 # - https://github.blog/changelog/2019-04-09-credential-authorizations-api/
 # - https://github.blog/changelog/2021-11-09-expiration-dates-of-saml-authorized-pats-available-via-api/
 # - https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#list-saml-sso-authorizations-for-an-organization
 
 # gets all credential types ("personal access token", "SSH key", "OAuth app token", and "GitHub app token") and their expiration (if applicable)
 
-gh api --paginate /orgs/githubcustomers/credential-authorizations
+gh api --paginate /orgs/$org/credential-authorizations
 
 # old - raw text output, 1 per line
-# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | "login: \(.login)    expiration: \(.authorized_credential_expires_at)    ID: \(.credential_id)    note: \(.authorized_credential_note) type: \(.credential_type)"'
+# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | "login: \(.login)    expiration: \(.authorized_credential_expires_at)    ID: \(.credential_id)    note: \(.authorized_credential_note) type: \(.credential_type)"'
diff --git a/gh-cli/get-sso-enabled-pats.sh b/gh-cli/get-sso-enabled-pats.sh
@@ -1,15 +1,23 @@
 #!/bin/bash
 
+if [ -z "$1" ]; then
+  echo "Usage: $0 <organization>"
+  echo "Example: ./get-sso-enabled-pats.sh my-org"
+  exit 1
+fi
+
+org="$1"
+
 # more info: 
 # - https://github.blog/changelog/2019-04-09-credential-authorizations-api/
 # - https://github.blog/changelog/2021-11-09-expiration-dates-of-saml-authorized-pats-available-via-api/
 # - https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#list-saml-sso-authorizations-for-an-organization
 
 # credential_type: personal access token, SSH key, OAuth app token, GitHub app token
-gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null)' # the null check is b/c we only want to get active PATs
+gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null)' # the null check is b/c we only want to get active PATs
 
 # old - raw text output, 1 per line
-# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login)  expiration: \(.authorized_credential_expires_at)  ID: \(.credential_id)  note: \(.authorized_credential_note)  type: \(.credential_type))"'
+# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login)  expiration: \(.authorized_credential_expires_at)  ID: \(.credential_id)  note: \(.authorized_credential_note)  type: \(.credential_type))"'
 
 # old - raw text output, 1 per line, with scopes
-# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login)  expiration: \(.authorized_credential_expires_at)  ID: \(.credential_id)  note: \(.authorized_credential_note)  type: \(.credential_type)  scopes: \((.scopes // ["None"]) | join(", "))"'
+# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "personal access token" and .token_last_eight != null) | "login: \(.login)  expiration: \(.authorized_credential_expires_at)  ID: \(.credential_id)  note: \(.authorized_credential_note)  type: \(.credential_type)  scopes: \((.scopes // ["None"]) | join(", "))"'
diff --git a/gh-cli/get-sso-enabled-ssh-keys.sh b/gh-cli/get-sso-enabled-ssh-keys.sh
@@ -1,12 +1,20 @@
 #!/bin/bash
 
+if [ -z "$1" ]; then
+  echo "Usage: $0 <organization>"
+  echo "Example: ./get-sso-enabled-pats.sh my-org"
+  exit 1
+fi
+
+org="$1"
+
 # more info: 
 # - https://github.blog/changelog/2019-04-09-credential-authorizations-api/
 # - https://github.blog/changelog/2021-11-09-expiration-dates-of-saml-authorized-pats-available-via-api/
 # - https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#list-saml-sso-authorizations-for-an-organization
 
 # credential_type: personal access token, SSH key, OAuth app token, GitHub app token
-gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "SSH key")'
+gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "SSH key")'
 
 # old - raw text output, 1 per line
-# gh api --paginate /orgs/githubcustomers/credential-authorizations --jq='.[] | select(.credential_type == "SSH key") | "login: \(.login)    ID: \(.credential_id)    title: \(.authorized_credential_title)    type: \(.credential_type)"'
+# gh api --paginate /orgs/$org/credential-authorizations --jq='.[] | select(.credential_type == "SSH key") | "login: \(.login)    ID: \(.credential_id)    title: \(.authorized_credential_title)    type: \(.credential_type)"'