REST API endpoints for repository webhooks
Use the REST API to create and manage webhooks for your repositories.
About repository webhooks
Repository webhooks allow your server to receive HTTP POST
payloads whenever certain events happen in a repository. For more information, see "Webhooks documentation."
List repository webhooks
Lists webhooks for a repository. last response
may return null if there have not been any deliveries within 30 days.
Fine-grained access tokens for "List repository webhooks"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (read)
Parameters for "List repository webhooks"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
Name, Type, Description |
---|
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: |
HTTP response status codes for "List repository webhooks"
Status code | Description |
---|---|
200 | OK |
404 | Resource not found |
Code samples for "List repository webhooks"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks
Response
Status: 200
[
{
"type": "Repository",
"id": 12345678,
"name": "web",
"active": true,
"events": [
"push",
"pull_request"
],
"config": {
"content_type": "json",
"insecure_ssl": "0",
"url": "https://example.com/webhook"
},
"updated_at": "2019-06-03T00:57:16Z",
"created_at": "2019-06-03T00:57:16Z",
"url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678",
"test_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/test",
"ping_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/pings",
"deliveries_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/deliveries",
"last_response": {
"code": null,
"status": "unused",
"message": null
}
}
]
Create a repository webhook
Repositories can have multiple webhooks installed. Each webhook should have a unique config
. Multiple webhooks can
share the same config
as long as those webhooks do not have any events
that overlap.
Fine-grained access tokens for "Create a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (write)
Parameters for "Create a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
Name, Type, Description | |||||
---|---|---|---|---|---|
name string Use | |||||
config object Key/value pairs to provide settings for this webhook. | |||||
Properties of |
Name, Type, Description |
---|
url string The URL to which the payloads will be delivered. |
content_type string The media type used to serialize the payloads. Supported values include |
secret string If provided, the |
insecure_ssl string or number Determines whether the SSL certificate of the host for |
events
array of strings Determines what events the hook is triggered for.
Default: ["push"]
active
boolean Determines if notifications are sent when the webhook is triggered. Set to true
to send notifications.
Default: true
HTTP response status codes for "Create a repository webhook"
Status code | Description |
---|---|
201 | Created |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Create a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks \
-d '{"name":"web","active":true,"events":["push","pull_request"],"config":{"url":"https://example.com/webhook","content_type":"json","insecure_ssl":"0"}}'
Response
Status: 201
{
"type": "Repository",
"id": 12345678,
"name": "web",
"active": true,
"events": [
"push",
"pull_request"
],
"config": {
"content_type": "json",
"insecure_ssl": "0",
"url": "https://example.com/webhook"
},
"updated_at": "2019-06-03T00:57:16Z",
"created_at": "2019-06-03T00:57:16Z",
"url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678",
"test_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/test",
"ping_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/pings",
"deliveries_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/deliveries",
"last_response": {
"code": null,
"status": "unused",
"message": null
}
}
Get a repository webhook
Returns a webhook configured in a repository. To get only the webhook config
properties, see "Get a webhook configuration for a repository."
Fine-grained access tokens for "Get a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (read)
Parameters for "Get a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
HTTP response status codes for "Get a repository webhook"
Status code | Description |
---|---|
200 | OK |
404 | Resource not found |
Code samples for "Get a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID
Response
Status: 200
{
"type": "Repository",
"id": 12345678,
"name": "web",
"active": true,
"events": [
"push",
"pull_request"
],
"config": {
"content_type": "json",
"insecure_ssl": "0",
"url": "https://example.com/webhook"
},
"updated_at": "2019-06-03T00:57:16Z",
"created_at": "2019-06-03T00:57:16Z",
"url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678",
"test_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/test",
"ping_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/pings",
"deliveries_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/deliveries",
"last_response": {
"code": null,
"status": "unused",
"message": null
}
}
Update a repository webhook
Updates a webhook configured in a repository. If you previously had a secret
set, you must provide the same secret
or set a new secret
or the secret will be removed. If you are only updating individual webhook config
properties, use "Update a webhook configuration for a repository."
Fine-grained access tokens for "Update a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (write)
Parameters for "Update a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
Name, Type, Description | |||||
---|---|---|---|---|---|
config object Configuration object of the webhook | |||||
Properties of |
Name, Type, Description |
---|
url string The URL to which the payloads will be delivered. |
content_type string The media type used to serialize the payloads. Supported values include |
secret string If provided, the |
insecure_ssl string or number Determines whether the SSL certificate of the host for |
events
array of strings Determines what events the hook is triggered for. This replaces the entire array of events.
Default: ["push"]
add_events
array of strings Determines a list of events to be added to the list of events that the Hook triggers for.
remove_events
array of strings Determines a list of events to be removed from the list of events that the Hook triggers for.
active
boolean Determines if notifications are sent when the webhook is triggered. Set to true
to send notifications.
Default: true
HTTP response status codes for "Update a repository webhook"
Status code | Description |
---|---|
200 | OK |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Update a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID \
-d '{"active":true,"add_events":["pull_request"]}'
Response
Status: 200
{
"type": "Repository",
"id": 12345678,
"name": "web",
"active": true,
"events": [
"push",
"pull_request"
],
"config": {
"content_type": "json",
"insecure_ssl": "0",
"url": "https://example.com/webhook"
},
"updated_at": "2019-06-03T00:57:16Z",
"created_at": "2019-06-03T00:57:16Z",
"url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678",
"test_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/test",
"ping_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/pings",
"deliveries_url": "https://api.github.com/repos/octocat/Hello-World/hooks/12345678/deliveries",
"last_response": {
"code": null,
"status": "unused",
"message": null
}
}
Delete a repository webhook
Fine-grained access tokens for "Delete a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (write)
Parameters for "Delete a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
HTTP response status codes for "Delete a repository webhook"
Status code | Description |
---|---|
204 | No Content |
404 | Resource not found |
Code samples for "Delete a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID
Response
Status: 204
Get a webhook configuration for a repository
Returns the webhook configuration for a repository. To get more information about the webhook, including the active
state and events
, use "Get a repository webhook."
OAuth app tokens and personal access tokens (classic) need the read:repo_hook
or repo
scope to use this endpoint.
Fine-grained access tokens for "Get a webhook configuration for a repository"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (read)
Parameters for "Get a webhook configuration for a repository"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
HTTP response status codes for "Get a webhook configuration for a repository"
Status code | Description |
---|---|
200 | OK |
Code samples for "Get a webhook configuration for a repository"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID/config
Response
Status: 200
{
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
Update a webhook configuration for a repository
Updates the webhook configuration for a repository. To update more information about the webhook, including the active
state and events
, use "Update a repository webhook."
OAuth app tokens and personal access tokens (classic) need the write:repo_hook
or repo
scope to use this endpoint.
Fine-grained access tokens for "Update a webhook configuration for a repository"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (write)
Parameters for "Update a webhook configuration for a repository"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
Name, Type, Description |
---|
url string The URL to which the payloads will be delivered. |
content_type string The media type used to serialize the payloads. Supported values include |
secret string If provided, the |
insecure_ssl string or number Determines whether the SSL certificate of the host for |
HTTP response status codes for "Update a webhook configuration for a repository"
Status code | Description |
---|---|
200 | OK |
Code samples for "Update a webhook configuration for a repository"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID/config \
-d '{"content_type":"json","url":"https://example.com/webhook"}'
Response
Status: 200
{
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
List deliveries for a repository webhook
Returns a list of webhook deliveries for a webhook configured in a repository.
Fine-grained access tokens for "List deliveries for a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (read)
Parameters for "List deliveries for a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
Name, Type, Description |
---|
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
cursor string Used for pagination: the starting delivery from which the page of deliveries is fetched. Refer to the |
redelivery boolean |
HTTP response status codes for "List deliveries for a repository webhook"
Status code | Description |
---|---|
200 | OK |
400 | Bad Request |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "List deliveries for a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID/deliveries
Response
Status: 200
[
{
"id": 12345678,
"guid": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
"delivered_at": "2019-06-03T00:57:16Z",
"redelivery": false,
"duration": 0.27,
"status": "OK",
"status_code": 200,
"event": "issues",
"action": "opened",
"installation_id": 123,
"repository_id": 456,
"throttled_at": "2019-06-03T00:57:16Z"
},
{
"id": 123456789,
"guid": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
"delivered_at": "2019-06-04T00:57:16Z",
"redelivery": true,
"duration": 0.28,
"status": "OK",
"status_code": 200,
"event": "issues",
"action": "opened",
"installation_id": 123,
"repository_id": 456,
"throttled_at": null
}
]
Get a delivery for a repository webhook
Returns a delivery for a webhook configured in a repository.
Fine-grained access tokens for "Get a delivery for a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (read)
Parameters for "Get a delivery for a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
delivery_id integer Required |
HTTP response status codes for "Get a delivery for a repository webhook"
Status code | Description |
---|---|
200 | OK |
400 | Bad Request |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Get a delivery for a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID/deliveries/DELIVERY_ID
Response
Status: 200
{
"id": 12345678,
"guid": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
"delivered_at": "2019-06-03T00:57:16Z",
"redelivery": false,
"duration": 0.27,
"status": "OK",
"status_code": 200,
"event": "issues",
"action": "opened",
"installation_id": 123,
"repository_id": 456,
"url": "https://www.example.com",
"throttled_at": "2019-06-03T00:57:16Z",
"request": {
"headers": {
"X-GitHub-Delivery": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
"X-Hub-Signature-256": "sha256=6dcb09b5b57875f334f61aebed695e2e4193db5e",
"Accept": "*/*",
"X-GitHub-Hook-ID": "42",
"User-Agent": "GitHub-Hookshot/b8c71d8",
"X-GitHub-Event": "issues",
"X-GitHub-Hook-Installation-Target-ID": "123",
"X-GitHub-Hook-Installation-Target-Type": "repository",
"content-type": "application/json",
"X-Hub-Signature": "sha1=a84d88e7554fc1fa21bcbc4efae3c782a70d2b9d"
},
"payload": {
"action": "opened",
"issue": {
"body": "foo"
},
"repository": {
"id": 123
}
}
},
"response": {
"headers": {
"Content-Type": "text/html;charset=utf-8"
},
"payload": "ok"
}
}
Redeliver a delivery for a repository webhook
Redeliver a webhook delivery for a webhook configured in a repository.
Fine-grained access tokens for "Redeliver a delivery for a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (write)
Parameters for "Redeliver a delivery for a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
delivery_id integer Required |
HTTP response status codes for "Redeliver a delivery for a repository webhook"
Status code | Description |
---|---|
202 | Accepted |
400 | Bad Request |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Redeliver a delivery for a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID/deliveries/DELIVERY_ID/attempts
Accepted
Status: 202
Ping a repository webhook
This will trigger a ping event to be sent to the hook.
Fine-grained access tokens for "Ping a repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (read)
Parameters for "Ping a repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
HTTP response status codes for "Ping a repository webhook"
Status code | Description |
---|---|
204 | No Content |
404 | Resource not found |
Code samples for "Ping a repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID/pings
Response
Status: 204
Test the push repository webhook
This will trigger the hook with the latest push to the current repository if the hook is subscribed to push
events. If the hook is not subscribed to push
events, the server will respond with 204 but no test POST will be generated.
Note
Previously /repos/:owner/:repo/hooks/:hook_id/test
Fine-grained access tokens for "Test the push repository webhook"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Webhooks" repository permissions (read)
Parameters for "Test the push repository webhook"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
owner string RequiredThe account owner of the repository. The name is not case sensitive. |
repo string RequiredThe name of the repository without the |
hook_id integer RequiredThe unique identifier of the hook. You can find this value in the |
HTTP response status codes for "Test the push repository webhook"
Status code | Description |
---|---|
204 | No Content |
404 | Resource not found |
Code samples for "Test the push repository webhook"
If you access GitHub at GHE.com, replace api.github.com
with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com
.
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/hooks/HOOK_ID/tests
Response
Status: 204