Skip to main content
The REST API is now versioned. For more information, see "About API versioning."

REST API endpoints for blocking users

Use the REST API to block and unblock users in an organization.

About blocking users

The token used to authenticate the call must have the admin:org scope in order to make any blocking calls for an organization. Otherwise, the response returns HTTP 404.

List users blocked by an organization

List the users blocked by an organization.

Fine-grained access tokens for "List users blocked by an organization"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Blocking users" organization permissions (read)

Parameters for "List users blocked by an organization"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
org string Required

The organization name. The name is not case sensitive.

Query parameters
Name, Type, Description
per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Default: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Default: 1

HTTP response status codes for "List users blocked by an organization"

Status codeDescription
200

OK

Code samples for "List users blocked by an organization"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Request example

get/orgs/{org}/blocks
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/blocks

Response

Status: 200
[ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ]

Check if a user is blocked by an organization

Returns a 204 if the given user is blocked by the given organization. Returns a 404 if the organization is not blocking the user, or if the user account has been identified as spam by GitHub.

Fine-grained access tokens for "Check if a user is blocked by an organization"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Blocking users" organization permissions (read)

Parameters for "Check if a user is blocked by an organization"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
org string Required

The organization name. The name is not case sensitive.

username string Required

The handle for the GitHub user account.

HTTP response status codes for "Check if a user is blocked by an organization"

Status codeDescription
204

If the user is blocked

404

If the user is not blocked

Code samples for "Check if a user is blocked by an organization"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Request example

get/orgs/{org}/blocks/{username}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/blocks/USERNAME

If the user is blocked

Status: 204

Block a user from an organization

Blocks the given user on behalf of the specified organization and returns a 204. If the organization cannot block the given user a 422 is returned.

Fine-grained access tokens for "Block a user from an organization"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Blocking users" organization permissions (write)

Parameters for "Block a user from an organization"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
org string Required

The organization name. The name is not case sensitive.

username string Required

The handle for the GitHub user account.

HTTP response status codes for "Block a user from an organization"

Status codeDescription
204

No Content

422

Validation failed, or the endpoint has been spammed.

Code samples for "Block a user from an organization"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Request example

put/orgs/{org}/blocks/{username}
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/blocks/USERNAME

Response

Status: 204

Unblock a user from an organization

Unblocks the given user on behalf of the specified organization.

Fine-grained access tokens for "Unblock a user from an organization"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Blocking users" organization permissions (write)

Parameters for "Unblock a user from an organization"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
org string Required

The organization name. The name is not case sensitive.

username string Required

The handle for the GitHub user account.

HTTP response status codes for "Unblock a user from an organization"

Status codeDescription
204

No Content

Code samples for "Unblock a user from an organization"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Request example

delete/orgs/{org}/blocks/{username}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/blocks/USERNAME

Response

Status: 204