Authentication
| Action | Description |
|---|---|
oauth_access.create | An OAuth access token was generated for a user account. |
oauth_access.destroy | An OAuth access token was deleted from a user account. |
oauth_application.destroy | An OAuth application was deleted from a user or organization account. |
oauth_application.reset_secret | An OAuth application's secret key was reset. |
oauth_application.transfer | An OAuth application was transferred from one user or organization account to another. |
public_key.create | An SSH key was added to a user account or a deploy key was added to a repository. |
public_key.delete | An SSH key was removed from a user account or a deploy key was removed from a repository. |
public_key.update | A user account's SSH key or a repository's deploy key was updated. |
two_factor_authentication.enabled | Two-factor authentication was enabled for a user account. |
two_factor_authentication.disabled | Two-factor authentication was disabled for a user account. |
GitHub Actions
| Action | Description |
|---|---|
remove_self_hosted_runner | Triggered when a self-hosted runner is removed. |
register_self_hosted_runner | Triggered when a new self-hosted runner is registered. For more information, see "Adding self-hosted runners." |
runner_group_created | Triggered when a self-hosted runner group is created. For more information, see "About self-hosted runner groups. |
runner_group_removed | Triggered when a self-hosted runner group is removed. For more information, see "Removing a self-hosted runner group." |
runner_group_renamed | Triggered when the self-hosted runner group is renamed. |
runner_group_visiblity_updated | Triggered when the visibility settings of the self-hosted runner group are changed. |
runner_group_runner_removed | Triggered when the REST API is used to remove a self-hosted runner from a group. |
runner_group_runners_added | Triggered when a self-hosted runner is added to a group. For more information, see "Moving a self-hosted runner to a group." |
runner_group_runners_updated | Triggered when a runner group's list of members is updated. For more information, see "Set self-hosted runners in a group for an organization." |
self_hosted_runner_updated | Triggered when the runner application is updated. Can be viewed using the REST API and the UI; not visible in the JSON/CSV export. For more information, see "About self-hosted runners." |
Hooks
| Action | Description |
|---|---|
hook.create | A new hook was added to a repository. |
hook.config_changed | A hook's configuration was changed. |
hook.destroy | A hook was deleted. |
hook.events_changed | A hook's configured events were changed. |
Enterprise configuration settings
| Action | Description |
|---|---|
business.clear_members_can_create_repos | A site admin clears a restriction on repository creation in organizations in the enterprise. For more information, see "Enforcing repository management policies in your enterprise." |
business.update_member_repository_creation_permission | A site admin restricts repository creation in organizations in the enterprise. For more information, see "Enforcing repository management policies in your enterprise." |
enterprise.config.lock_anonymous_git_access | A site admin locks anonymous Git read access to prevent repository admins from changing existing anonymous Git read access settings for repositories in the enterprise. For more information, see "Enforcing repository management policies in your enterprise." |
enterprise.config.unlock_anonymous_git_access | A site admin unlocks anonymous Git read access to allow repository admins to change existing anonymous Git read access settings for repositories in the enterprise. For more information, see "Enforcing repository management policies in your enterprise." |
Issues
| Action | Description |
|---|---|
issue.update | An issue's body text (initial comment) changed. |
issue_comment.update | A comment on an issue (other than the initial one) changed. |
issue.destroy | An issue was deleted from the repository. For more information, see "Deleting an issue." |
Organizations
| Action | Description |
|---|---|
org.async_delete | A user initiated a background job to delete an organization. |
org.delete | An organization was deleted by a user-initiated background job. |
org.transform | A user account was converted into an organization. For more information, see "Converting a user into an organization." |
Pull requests
| Action | Description |
|---|---|
pull_request_review_comment.delete | A review comment on a pull request was deleted. |
Protected branches
| Action | Description |
|---|---|
protected_branch.create | Branch protection is enabled on a branch. |
protected_branch.destroy | Branch protection is disabled on a branch. |
protected_branch.update_admin_enforced | Branch protection is enforced for repository administrators. |
protected_branch.update_require_code_owner_review | Enforcement of required code owner review is updated on a branch. |
protected_branch.dismiss_stale_reviews | Enforcement of dismissing stale pull requests is updated on a branch. |
protected_branch.update_signature_requirement_enforcement_level | Enforcement of required commit signing is updated on a branch. |
protected_branch.update_pull_request_reviews_enforcement_level | Enforcement of required pull request reviews is updated on a branch. |
protected_branch.update_required_status_checks_enforcement_level | Enforcement of required status checks is updated on a branch. |
protected_branch.rejected_ref_update | A branch update attempt is rejected. |
protected_branch.policy_override | A branch protection requirement is overridden by a repository administrator. |
Repositories
| Action | Description |
|---|---|
repo.access | The visibility of a repository changed to private, public, or internal. |
repo.archived | A repository was archived. For more information, see "Archiving a GitHub repository." |
repo.add_member | A collaborator was added to a repository. |
repo.config | A site admin blocked force pushes. For more information, see Blocking force pushes to a repository to a repository. |
repo.create | A repository was created. |
repo.destroy | A repository was deleted. |
repo.remove_member | A collaborator was removed from a repository. |
repo.rename | A repository was renamed. |
repo.transfer | A user accepted a request to receive a transferred repository. |
repo.transfer_start | A user sent a request to transfer a repository to another user or organization. |
repo.unarchived | A repository was unarchived. For more information, see "Archiving a GitHub repository." |
repo.config.disable_anonymous_git_access | Anonymous Git read access is disabled for a repository. For more information, see "Enabling anonymous Git read access for a repository." |
repo.config.enable_anonymous_git_access | Anonymous Git read access is enabled for a repository. For more information, see "Enabling anonymous Git read access for a repository." |
repo.config.lock_anonymous_git_access | A repository's anonymous Git read access setting is locked, preventing repository administrators from changing (enabling or disabling) this setting. For more information, see "Preventing users from changing anonymous Git read access." |
repo.config.unlock_anonymous_git_access | A repository's anonymous Git read access setting is unlocked, allowing repository administrators to change (enable or disable) this setting. For more information, see "Preventing users from changing anonymous Git read access." |
Site admin tools
| Action | Description |
|---|---|
staff.disable_repo | A site admin disabled access to a repository and all of its forks. |
staff.enable_repo | A site admin re-enabled access to a repository and all of its forks. |
staff.fake_login | A site admin signed into GitHub Enterprise Server as another user. |
staff.repo_unlock | A site admin unlocked (temporarily gained full access to) one of a user's private repositories. |
staff.unlock | A site admin unlocked (temporarily gained full access to) all of a user's private repositories. |
Teams
| Action | Description |
|---|---|
team.create | A user account or repository was added to a team. |
team.delete | A user account or repository was removed from a team. |
team.destroy | A team was deleted. |
Users
| Action | Description |
|---|---|
user.add_email | An email address was added to a user account. |
user.async_delete | An asynchronous job was started to destroy a user account, eventually triggering user.delete. |
user.change_password | A user changed his or her password. |
user.create | A new user account was created. |
user.delete | A user account was destroyed by an asynchronous job. |
user.demote | A site admin was demoted to an ordinary user account. |
user.destroy | A user deleted his or her account, triggering user.async_delete. |
user.failed_login | A user tried to sign in with an incorrect username, password, or two-factor authentication code. |
user.forgot_password | A user requested a password reset via the sign-in page. |
user.login | A user signed in. |
user.promote | An ordinary user account was promoted to a site admin. |
user.remove_email | An email address was removed from a user account. |
user.rename | A username was changed. |
user.suspend | A user account was suspended by a site admin. |
user.two_factor_requested | A user was prompted for a two-factor authentication code. |
user.unsuspend | A user account was unsuspended by a site admin. |