Skip to main content

This version of GitHub Enterprise was discontinued on 2023-01-18. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Deploy keys

Use the REST API to create and manage deploy keys.

About deploy keys

You can launch projects from a repository on your GitHub Enterprise Server instance to your server by using a deploy key, which is an SSH key that grants access to a single repository. GitHub Enterprise Server attaches the public part of the key directly to your repository instead of a personal account, and the private part of the key remains on your server. For more information, see "Delivering deployments."

Deploy keys can either be setup using the following API endpoints, or by using GitHub. To learn how to set deploy keys up in GitHub, see "Managing deploy keys."

List deploy keys

Works with GitHub Apps

Parameters

Headers
Name, Type, Description
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

Query parameters
Name, Type, Description
per_pageinteger

The number of results per page (max 100).

Default: 30

pageinteger

Page number of the results to fetch.

Default: 1

HTTP response status codes

Status codeDescription
200

OK

Code samples

get/repos/{owner}/{repo}/keys
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/keys

Response

Create a deploy key

Works with GitHub Apps

You can create a read-only deploy key.

Parameters

Headers
Name, Type, Description
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

Body parameters
Name, Type, Description
titlestring

A name for the key.

keystringRequired

The contents of the key.

read_onlyboolean

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see "Repository permission levels for an organization" and "Permission levels for a user account repository."

HTTP response status codes

Status codeDescription
201

Created

422

Validation failed, or the endpoint has been spammed.

Code samples

post/repos/{owner}/{repo}/keys
curl \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/keys \ -d '{"title":"octocat@octomac","key":"ssh-rsa AAA...","read_only":true}'

Response

Status: 201
{ "id": 1, "key": "ssh-rsa AAA...", "url": "https://api.github.com/repos/octocat/Hello-World/keys/1", "title": "octocat@octomac", "verified": true, "created_at": "2014-12-10T15:53:42Z", "read_only": true }

Get a deploy key

Works with GitHub Apps

Parameters

Headers
Name, Type, Description
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

key_idintegerRequired

The unique identifier of the key.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/keys/{key_id}
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/keys/KEY_ID

Response

Status: 200
{ "id": 1, "key": "ssh-rsa AAA...", "url": "https://api.github.com/repos/octocat/Hello-World/keys/1", "title": "octocat@octomac", "verified": true, "created_at": "2014-12-10T15:53:42Z", "read_only": true }

Delete a deploy key

Works with GitHub Apps

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

Parameters

Headers
Name, Type, Description
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

key_idintegerRequired

The unique identifier of the key.

HTTP response status codes

Status codeDescription
204

No Content

Code samples

delete/repos/{owner}/{repo}/keys/{key_id}
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/keys/KEY_ID

Response

Status: 204