This page lists endpoints that you can access while authenticated as a GitHub App. See "Authenticating as a GitHub App" to learn more.
When authenticated as a GitHub App, the GitHub Apps API enables you to get high-level information about a GitHub App as well as specific information about installations of an app.
You can access REST API v3 endpoints while authenticated as a GitHub App. These endpoints have a "Notes" section that contains a bullet point that says "Works with GitHub Apps." You can also access these endpoints while authenticated as a user.
A subset of REST API v3 endpoints requires authenticating as a GitHub App installation. See Installations for a list of these endpoints.
Get the authenticated app
Returns the GitHub App associated with the authentication credentials used. To see how many app installations are associated with this GitHub App, see the installations_count
in the response. For more details about your app's installations, see the "List installations for the authenticated app" endpoint.
You must use a JWT to access this endpoint.
get /app
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app
JavaScript (@octokit/core.js)
await octokit.request('GET /app')
Response
Status: 200 OK
{
"id": 1,
"slug": "octoapp",
"node_id": "MDExOkludGVncmF0aW9uMQ==",
"owner": {
"login": "github",
"id": 1,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
"url": "https://api.github.com/orgs/github",
"repos_url": "https://api.github.com/orgs/github/repos",
"events_url": "https://api.github.com/orgs/github/events",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": true
},
"name": "Octocat App",
"description": "",
"external_url": "https://example.com",
"html_url": "https://github.com/apps/octoapp",
"created_at": "2017-07-08T16:18:44-04:00",
"updated_at": "2017-07-08T16:18:44-04:00",
"permissions": {
"metadata": "read",
"contents": "read",
"issues": "write",
"single_file": "write"
},
"events": [
"push",
"pull_request"
]
}
Notes
Create a GitHub App from a manifest
Use this endpoint to complete the handshake necessary when implementing the GitHub App Manifest flow. When you create a GitHub App with the manifest flow, you receive a temporary code
used to retrieve the GitHub App's id
, pem
(private key), and webhook_secret
.
post /app-manifests/{code}/conversions
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
code |
string | path |
Code samples
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app-manifests/CODE/conversions
JavaScript (@octokit/core.js)
await octokit.request('POST /app-manifests/{code}/conversions', {
code: 'code'
})
Response
Status: 201 Created
{
"id": 1,
"slug": "octoapp",
"node_id": "MDxOkludGVncmF0aW9uMQ==",
"owner": {
"login": "github",
"id": 1,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
"url": "https://api.github.com/orgs/github",
"repos_url": "https://api.github.com/orgs/github/repos",
"events_url": "https://api.github.com/orgs/github/events",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": true
},
"name": "Octocat App",
"description": "",
"external_url": "https://example.com",
"html_url": "https://github.com/apps/octoapp",
"created_at": "2017-07-08T16:18:44-04:00",
"updated_at": "2017-07-08T16:18:44-04:00",
"permissions": {
"metadata": "read",
"contents": "read",
"issues": "write",
"single_file": "write"
},
"events": [
"push",
"pull_request"
],
"client_id": "Iv1.8a61f9b3a7aba766",
"client_secret": "1726be1638095a19edd134c77bde3aa2ece1e5d8",
"webhook_secret": "e340154128314309424b7c8e90325147d99fdafa",
"pem": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAuEPzOUE+kiEH1WLiMeBytTEF856j0hOVcSUSUkZxKvqczkWM\n9vo1gDyC7ZXhdH9fKh32aapba3RSsp4ke+giSmYTk2mGR538ShSDxh0OgpJmjiKP\nX0Bj4j5sFqfXuCtl9SkH4iueivv4R53ktqM+n6hk98l6hRwC39GVIblAh2lEM4L/\n6WvYwuQXPMM5OG2Ryh2tDZ1WS5RKfgq+9ksNJ5Q9UtqtqHkO+E63N5OK9sbzpUUm\noNaOl3udTlZD3A8iqwMPVxH4SxgATBPAc+bmjk6BMJ0qIzDcVGTrqrzUiywCTLma\nszdk8GjzXtPDmuBgNn+o6s02qVGpyydgEuqmTQIDAQABAoIBACL6AvkjQVVLn8kJ\ndBYznJJ4M8ECo+YEgaFwgAHODT0zRQCCgzd+Vxl4YwHmKV2Lr+y2s0drZt8GvYva\nKOK8NYYZyi15IlwFyRXmvvykF1UBpSXluYFDH7KaVroWMgRreHcIys5LqVSIb6Bo\ngDmK0yBLPp8qR29s2b7ScZRtLaqGJiX+j55rNzrZwxHkxFHyG9OG+u9IsBElcKCP\nkYCVE8ZdYexfnKOZbgn2kZB9qu0T/Mdvki8yk3I2bI6xYO24oQmhnT36qnqWoCBX\nNuCNsBQgpYZeZET8mEAUmo9d+ABmIHIvSs005agK8xRaP4+6jYgy6WwoejJRF5yd\nNBuF7aECgYEA50nZ4FiZYV0vcJDxFYeY3kYOvVuKn8OyW+2rg7JIQTremIjv8FkE\nZnwuF9ZRxgqLxUIfKKfzp/5l5LrycNoj2YKfHKnRejxRWXqG+ZETfxxlmlRns0QG\nJ4+BYL0CoanDSeA4fuyn4Bv7cy/03TDhfg/Uq0Aeg+hhcPE/vx3ebPsCgYEAy/Pv\neDLssOSdeyIxf0Brtocg6aPXIVaLdus+bXmLg77rJIFytAZmTTW8SkkSczWtucI3\nFI1I6sei/8FdPzAl62/JDdlf7Wd9K7JIotY4TzT7Tm7QU7xpfLLYIP1bOFjN81rk\n77oOD4LsXcosB/U6s1blPJMZ6AlO2EKs10UuR1cCgYBipzuJ2ADEaOz9RLWwi0AH\nPza2Sj+c2epQD9ZivD7Zo/Sid3ZwvGeGF13JyR7kLEdmAkgsHUdu1rI7mAolXMaB\n1pdrsHureeLxGbRM6za3tzMXWv1Il7FQWoPC8ZwXvMOR1VQDv4nzq7vbbA8z8c+c\n57+8tALQHOTDOgQIzwK61QKBgERGVc0EJy4Uag+VY8J4m1ZQKBluqo7TfP6DQ7O8\nM5MX73maB/7yAX8pVO39RjrhJlYACRZNMbK+v/ckEQYdJSSKmGCVe0JrGYDuPtic\nI9+IGfSorf7KHPoMmMN6bPYQ7Gjh7a++tgRFTMEc8956Hnt4xGahy9NcglNtBpVN\n6G8jAoGBAMCh028pdzJa/xeBHLLaVB2sc0Fe7993WlsPmnVE779dAz7qMscOtXJK\nfgtriltLSSD6rTA9hUAsL/X62rY0wdXuNdijjBb/qvrx7CAV6i37NK1CjABNjsfG\nZM372Ac6zc1EqSrid2IjET1YqyIW2KGLI1R2xbQc98UGlt48OdWu\n-----END RSA PRIVATE KEY-----\n"
}
Resource not found
Status: 404 Not Found
Validation failed
Status: 422 Unprocessable Entity
List installations for the authenticated app
You must use a JWT to access this endpoint.
The permissions the installation has are included under the permissions
key.
get /app/installations
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
since |
string | query |
Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: |
outdated |
string | query |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/installations
JavaScript (@octokit/core.js)
await octokit.request('GET /app/installations')
The permissions the installation has are included under the permissions
key.
Status: 200 OK
[
{
"id": 1,
"account": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"access_tokens_url": "https://api.github.com/installations/1/access_tokens",
"repositories_url": "https://api.github.com/installation/repositories",
"html_url": "https://github.com/organizations/github/settings/installations/1",
"app_id": 1,
"target_id": 1,
"target_type": "Organization",
"permissions": {
"checks": "write",
"metadata": "read",
"contents": "read"
},
"events": [
"push",
"pull_request"
],
"single_file_name": "config.yaml",
"has_multiple_single_files": true,
"single_file_paths": [
"config.yml",
".github/issue_TEMPLATE.md"
],
"repository_selection": "selected",
"created_at": "2017-07-08T16:18:44-04:00",
"updated_at": "2017-07-08T16:18:44-04:00",
"app_slug": "github-actions",
"suspended_at": null,
"suspended_by": null
}
]
Notes
Get an installation for the authenticated app
Enables an authenticated GitHub App to find an installation's information using the installation id.
You must use a JWT to access this endpoint.
get /app/installations/{installation_id}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
installation_id |
integer | path |
installation_id parameter |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/installations/42
JavaScript (@octokit/core.js)
await octokit.request('GET /app/installations/{installation_id}', {
installation_id: 42
})
Response
Status: 200 OK
{
"id": 1,
"account": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"access_tokens_url": "https://api.github.com/installations/1/access_tokens",
"repositories_url": "https://api.github.com/installation/repositories",
"html_url": "https://github.com/organizations/github/settings/installations/1",
"app_id": 1,
"target_id": 1,
"target_type": "Organization",
"permissions": {
"checks": "write",
"metadata": "read",
"contents": "read"
},
"events": [
"push",
"pull_request"
],
"single_file_name": "config.yaml",
"has_multiple_single_files": true,
"single_file_paths": [
"config.yml",
".github/issue_TEMPLATE.md"
],
"repository_selection": "selected",
"created_at": "2017-07-08T16:18:44-04:00",
"updated_at": "2017-07-08T16:18:44-04:00",
"app_slug": "github-actions",
"suspended_at": null,
"suspended_by": null
}
Resource not found
Status: 404 Not Found
Preview header missing
Status: 415 Unsupported Media Type
Notes
Delete an installation for the authenticated app
Uninstalls a GitHub App on a user, organization, or business account. If you prefer to temporarily suspend an app's access to your account's resources, then we recommend the "Suspend an app installation" endpoint.
You must use a JWT to access this endpoint.
delete /app/installations/{installation_id}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
installation_id |
integer | path |
installation_id parameter |
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/installations/42
JavaScript (@octokit/core.js)
await octokit.request('DELETE /app/installations/{installation_id}', {
installation_id: 42
})
Response
Status: 204 No Content
Resource not found
Status: 404 Not Found
Create an installation access token for an app
Creates an installation access token that enables a GitHub App to make authenticated API requests for the app's installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of 401 - Unauthorized
, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access. To restrict the access to specific repositories, you can provide the repository_ids
when creating the token. When you omit repository_ids
, the response does not contain the repositories
key.
You must use a JWT to access this endpoint.
post /app/installations/{installation_id}/access_tokens
Parameters
Name | Type | In | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
accept |
string | header |
Setting to
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
installation_id |
integer | path |
installation_id parameter |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
repositories |
array of strings | body |
List of repository names that the token should have access to |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
repository_ids |
array of integers | body |
List of repository IDs that the token should have access to |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
permissions |
object | body |
The permissions granted to the user-to-server access token. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Properties of the
|
Name (Type) | Description |
---|---|
actions (string)
|
The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be one of: |
administration (string)
|
The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be one of: |
checks (string)
|
The level of permission to grant the access token for checks on code. Can be one of: |
contents (string)
|
The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be one of: |
deployments (string)
|
The level of permission to grant the access token for deployments and deployment statuses. Can be one of: |
environments (string)
|
The level of permission to grant the access token for managing repository environments. Can be one of: |
issues (string)
|
The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be one of: |
metadata (string)
|
The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be one of: |
packages (string)
|
The level of permission to grant the access token for packages published to GitHub Packages. Can be one of: |
pages (string)
|
The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds. Can be one of: |
pull_requests (string)
|
The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges. Can be one of: |
repository_hooks (string)
|
The level of permission to grant the access token to manage the post-receive hooks for a repository. Can be one of: |
repository_projects (string)
|
The level of permission to grant the access token to manage repository projects, columns, and cards. Can be one of: |
secret_scanning_alerts (string)
|
The level of permission to grant the access token to view and manage secret scanning alerts. Can be one of: |
secrets (string)
|
The level of permission to grant the access token to manage repository secrets. Can be one of: |
security_events (string)
|
The level of permission to grant the access token to view and manage security events like code scanning alerts. Can be one of: |
single_file (string)
|
The level of permission to grant the access token to manage just a single file. Can be one of: |
statuses (string)
|
The level of permission to grant the access token for commit statuses. Can be one of: |
vulnerability_alerts (string)
|
The level of permission to grant the access token to manage Dependabot alerts. Can be one of: |
workflows (string)
|
The level of permission to grant the access token to update GitHub Actions workflow files. Can be one of: |
members (string)
|
The level of permission to grant the access token for organization teams and members. Can be one of: |
organization_administration (string)
|
The level of permission to grant the access token to manage access to an organization. Can be one of: |
organization_hooks (string)
|
The level of permission to grant the access token to manage the post-receive hooks for an organization. Can be one of: |
organization_plan (string)
|
The level of permission to grant the access token for viewing an organization's plan. Can be one of: |
organization_projects (string)
|
The level of permission to grant the access token to manage organization projects and projects beta (where available). Can be one of: |
organization_packages (string)
|
The level of permission to grant the access token for organization packages published to GitHub Packages. Can be one of: |
organization_secrets (string)
|
The level of permission to grant the access token to manage organization secrets. Can be one of: |
organization_self_hosted_runners (string)
|
The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization. Can be one of: |
organization_user_blocking (string)
|
The level of permission to grant the access token to view and manage users blocked by the organization. Can be one of: |
team_discussions (string)
|
The level of permission to grant the access token to manage team discussions and related comments. Can be one of: |
content_references (string)
|
The level of permission to grant the access token for notification of content references and creation content attachments. Can be one of: |
Code samples
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/installations/42/access_tokens \
-d '{"repositories":["repositories"]}'
JavaScript (@octokit/core.js)
await octokit.request('POST /app/installations/{installation_id}/access_tokens', {
installation_id: 42,
repositories: [
'repositories'
]
})
Response
Status: 201 Created
{
"token": "ghs_16C7e42F292c6912E7710c838347Ae178B4a",
"expires_at": "2016-07-11T22:14:10Z",
"permissions": {
"issues": "write",
"contents": "read"
},
"repository_selection": "selected",
"repositories": [
{
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"git_url": "git:github.com/octocat/Hello-World.git",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"ssh_url": "git@github.com:octocat/Hello-World.git",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"clone_url": "https://github.com/octocat/Hello-World.git",
"mirror_url": "git:git.example.com/octocat/Hello-World",
"hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
"svn_url": "https://svn.github.com/octocat/Hello-World",
"homepage": "https://github.com",
"language": null,
"forks_count": 9,
"stargazers_count": 80,
"watchers_count": 80,
"size": 108,
"default_branch": "master",
"open_issues_count": 0,
"is_template": true,
"topics": [
"octocat",
"atom",
"electron",
"api"
],
"has_issues": true,
"has_projects": true,
"has_wiki": true,
"has_pages": false,
"has_downloads": true,
"archived": false,
"disabled": false,
"visibility": "public",
"pushed_at": "2011-01-26T19:06:43Z",
"created_at": "2011-01-26T19:01:12Z",
"updated_at": "2011-01-26T19:14:43Z",
"permissions": {
"admin": false,
"push": false,
"pull": true
},
"allow_rebase_merge": true,
"template_repository": null,
"temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
"allow_squash_merge": true,
"delete_branch_on_merge": true,
"allow_merge_commit": true,
"subscribers_count": 42,
"network_count": 0,
"license": {
"key": "mit",
"name": "MIT License",
"url": "https://api.github.com/licenses/mit",
"spdx_id": "MIT",
"node_id": "MDc6TGljZW5zZW1pdA==",
"html_url": "https://github.com/licenses/mit"
},
"forks": 1,
"open_issues": 1,
"watchers": 1
}
]
}
Requires authentication
Status: 401 Unauthorized
Forbidden
Status: 403 Forbidden
Resource not found
Status: 404 Not Found
Preview header missing
Status: 415 Unsupported Media Type
Validation failed
Status: 422 Unprocessable Entity
Notes
Suspend an app installation
Suspends a GitHub App on a user, organization, or business account, which blocks the app from accessing the account's resources. When a GitHub App is suspended, the app's access to the GitHub Enterprise Server API or webhook events is blocked for that account.
You must use a JWT to access this endpoint.
put /app/installations/{installation_id}/suspended
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
installation_id |
integer | path |
installation_id parameter |
Code samples
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/installations/42/suspended
JavaScript (@octokit/core.js)
await octokit.request('PUT /app/installations/{installation_id}/suspended', {
installation_id: 42
})
Response
Status: 204 No Content
Resource not found
Status: 404 Not Found
Unsuspend an app installation
Removes a GitHub App installation suspension.
You must use a JWT to access this endpoint.
delete /app/installations/{installation_id}/suspended
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
installation_id |
integer | path |
installation_id parameter |
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/installations/42/suspended
JavaScript (@octokit/core.js)
await octokit.request('DELETE /app/installations/{installation_id}/suspended', {
installation_id: 42
})
Response
Status: 204 No Content
Resource not found
Status: 404 Not Found
Get an app
Note: The :app_slug
is just the URL-friendly name of your GitHub App. You can find this on the settings page for your GitHub App (e.g., https://github.com/settings/apps/:app_slug
).
If the GitHub App you specify is public, you can access this endpoint without authenticating. If the GitHub App you specify is private, you must authenticate with a personal access token or an installation access token to access this endpoint.
get /apps/{app_slug}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
app_slug |
string | path |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/apps/APP_SLUG
JavaScript (@octokit/core.js)
await octokit.request('GET /apps/{app_slug}', {
app_slug: 'app_slug'
})
Response
Status: 200 OK
{
"id": 1,
"slug": "octoapp",
"node_id": "MDExOkludGVncmF0aW9uMQ==",
"owner": {
"login": "github",
"id": 1,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
"url": "https://api.github.com/orgs/github",
"repos_url": "https://api.github.com/orgs/github/repos",
"events_url": "https://api.github.com/orgs/github/events",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": true
},
"name": "Octocat App",
"description": "",
"external_url": "https://example.com",
"html_url": "https://github.com/apps/octoapp",
"created_at": "2017-07-08T16:18:44-04:00",
"updated_at": "2017-07-08T16:18:44-04:00",
"permissions": {
"metadata": "read",
"contents": "read",
"issues": "write",
"single_file": "write"
},
"events": [
"push",
"pull_request"
]
}
Forbidden
Status: 403 Forbidden
Resource not found
Status: 404 Not Found
Preview header missing
Status: 415 Unsupported Media Type
Notes
Get an organization installation for the authenticated app
Enables an authenticated GitHub App to find the organization's installation information.
You must use a JWT to access this endpoint.
get /orgs/{org}/installation
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
org |
string | path |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/orgs/ORG/installation
JavaScript (@octokit/core.js)
await octokit.request('GET /orgs/{org}/installation', {
org: 'org'
})
Response
Status: 200 OK
{
"id": 1,
"account": {
"login": "github",
"id": 1,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
"avatar_url": "https://github.com/images/error/hubot_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/orgs/github",
"html_url": "https://github.com/github",
"followers_url": "https://api.github.com/users/github/followers",
"following_url": "https://api.github.com/users/github/following{/other_user}",
"gists_url": "https://api.github.com/users/github/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github/subscriptions",
"organizations_url": "https://api.github.com/users/github/orgs",
"repos_url": "https://api.github.com/orgs/github/repos",
"events_url": "https://api.github.com/orgs/github/events",
"received_events_url": "https://api.github.com/users/github/received_events",
"type": "Organization",
"site_admin": false
},
"repository_selection": "all",
"access_tokens_url": "https://api.github.com/installations/1/access_tokens",
"repositories_url": "https://api.github.com/installation/repositories",
"html_url": "https://github.com/organizations/github/settings/installations/1",
"app_id": 1,
"target_id": 1,
"target_type": "Organization",
"permissions": {
"checks": "write",
"metadata": "read",
"contents": "read"
},
"events": [
"push",
"pull_request"
],
"created_at": "2018-02-09T20:51:14Z",
"updated_at": "2018-02-09T20:51:14Z",
"single_file_name": "config.yml",
"has_multiple_single_files": true,
"single_file_paths": [
"config.yml",
".github/issue_TEMPLATE.md"
],
"app_slug": "github-actions",
"suspended_at": null,
"suspended_by": null
}
Get a repository installation for the authenticated app
Enables an authenticated GitHub App to find the repository's installation information. The installation's account type will be either an organization or a user account, depending which account the repository belongs to.
You must use a JWT to access this endpoint.
get /repos/{owner}/{repo}/installation
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
owner |
string | path | |
repo |
string | path |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/repos/octocat/hello-world/installation
JavaScript (@octokit/core.js)
await octokit.request('GET /repos/{owner}/{repo}/installation', {
owner: 'octocat',
repo: 'hello-world'
})
Response
Status: 200 OK
{
"id": 1,
"account": {
"login": "github",
"id": 1,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
"avatar_url": "https://github.com/images/error/hubot_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/orgs/github",
"html_url": "https://github.com/github",
"followers_url": "https://api.github.com/users/github/followers",
"following_url": "https://api.github.com/users/github/following{/other_user}",
"gists_url": "https://api.github.com/users/github/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github/subscriptions",
"organizations_url": "https://api.github.com/users/github/orgs",
"repos_url": "https://api.github.com/orgs/github/repos",
"events_url": "https://api.github.com/orgs/github/events",
"received_events_url": "https://api.github.com/users/github/received_events",
"type": "Organization",
"site_admin": false
},
"repository_selection": "all",
"access_tokens_url": "https://api.github.com/installations/1/access_tokens",
"repositories_url": "https://api.github.com/installation/repositories",
"html_url": "https://github.com/organizations/github/settings/installations/1",
"app_id": 1,
"target_id": 1,
"target_type": "Organization",
"permissions": {
"checks": "write",
"metadata": "read",
"contents": "read"
},
"events": [
"push",
"pull_request"
],
"created_at": "2018-02-09T20:51:14Z",
"updated_at": "2018-02-09T20:51:14Z",
"single_file_name": "config.yml",
"has_multiple_single_files": true,
"single_file_paths": [
"config.yml",
".github/issue_TEMPLATE.md"
],
"app_slug": "github-actions",
"suspended_at": null,
"suspended_by": null
}
Moved permanently
Status: 301 Moved Permanently
Resource not found
Status: 404 Not Found
Get a user installation for the authenticated app
Enables an authenticated GitHub App to find the user’s installation information.
You must use a JWT to access this endpoint.
get /users/{username}/installation
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
username |
string | path |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/users/USERNAME/installation
JavaScript (@octokit/core.js)
await octokit.request('GET /users/{username}/installation', {
username: 'username'
})
Response
Status: 200 OK
{
"id": 1,
"account": {
"login": "github",
"id": 1,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
"avatar_url": "https://github.com/images/error/hubot_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/orgs/github",
"html_url": "https://github.com/github",
"followers_url": "https://api.github.com/users/github/followers",
"following_url": "https://api.github.com/users/github/following{/other_user}",
"gists_url": "https://api.github.com/users/github/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github/subscriptions",
"organizations_url": "https://api.github.com/users/github/orgs",
"repos_url": "https://api.github.com/orgs/github/repos",
"events_url": "https://api.github.com/orgs/github/events",
"received_events_url": "https://api.github.com/users/github/received_events",
"type": "Organization",
"site_admin": false
},
"repository_selection": "all",
"access_tokens_url": "https://api.github.com/installations/1/access_tokens",
"repositories_url": "https://api.github.com/installation/repositories",
"html_url": "https://github.com/organizations/github/settings/installations/1",
"app_id": 1,
"target_id": 1,
"target_type": "Organization",
"permissions": {
"checks": "write",
"metadata": "read",
"contents": "read"
},
"events": [
"push",
"pull_request"
],
"created_at": "2018-02-09T20:51:14Z",
"updated_at": "2018-02-09T20:51:14Z",
"single_file_name": "config.yml",
"has_multiple_single_files": true,
"single_file_paths": [
"config.yml",
".github/issue_TEMPLATE.md"
],
"app_slug": "github-actions",
"suspended_at": null,
"suspended_by": null
}
OAuth Applications API
You can use this API to manage the OAuth tokens an OAuth application uses to access people's accounts on your GitHub Enterprise Server instance.
Delete an app authorization
OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password. You must also provide a valid OAuth access_token
as an input parameter and the grant for the token's owner will be deleted.
Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the application authorizations settings screen within GitHub.
delete /applications/{client_id}/grant
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | body |
Required. The OAuth access token used to authenticate to the GitHub API. |
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/grant \
-d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/grant', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 204 No Content
Validation failed
Status: 422 Unprocessable Entity
Revoke a grant for an application
Deprecation Notice: GitHub Enterprise Server will discontinue OAuth endpoints that contain access_token
in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token
to the request body. For more information, see the blog post.
OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password. You must also provide a valid token as :access_token
and the grant for the token's owner will be deleted.
Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the Applications settings page under "Authorized OAuth Apps" on GitHub Enterprise Server.
delete /applications/{client_id}/grants/{access_token}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | path |
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/grants/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/grants/{access_token}', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 204 No Content
Check a token
OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication to use this endpoint, where the username is the OAuth application client_id
and the password is its client_secret
. Invalid tokens will return 404 NOT FOUND
.
post /applications/{client_id}/token
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | body |
Required. The access_token of the OAuth application. |
Code samples
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/token \
-d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('POST /applications/{client_id}/token', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 200 OK
{
"id": 1,
"url": "https://api.github.com/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}
Resource not found
Status: 404 Not Found
Validation failed
Status: 422 Unprocessable Entity
Reset a token
OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password. Invalid tokens will return 404 NOT FOUND
.
patch /applications/{client_id}/token
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | body |
Required. The access_token of the OAuth application. |
Code samples
Shell
curl \
-X PATCH \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/token \
-d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('PATCH /applications/{client_id}/token', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 200 OK
{
"id": 1,
"url": "https://api.github.com/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}
Validation failed
Status: 422 Unprocessable Entity
Delete an app token
OAuth application owners can revoke a single token for an OAuth application. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password.
delete /applications/{client_id}/token
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | body |
Required. The OAuth access token used to authenticate to the GitHub API. |
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/token \
-d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/token', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 204 No Content
Validation failed
Status: 422 Unprocessable Entity
Create a scoped access token
Use a non-scoped user-to-server OAuth access token to create a repository scoped and/or permission scoped user-to-server OAuth access token. You can specify which repositories the token can access and which permissions are granted to the token. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password. Invalid tokens will return 404 NOT FOUND
.
post /applications/{client_id}/token/scoped
Parameters
Name | Type | In | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
accept |
string | header |
Setting to
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
client_id |
string | path |
The client ID of your GitHub app. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
access_token |
string | body |
Required. The OAuth access token used to authenticate to the GitHub API. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
target |
string | body |
The name of the user or organization to scope the user-to-server access token to. Required unless |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
target_id |
integer | body |
The ID of the user or organization to scope the user-to-server access token to. Required unless |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
repositories |
array of strings | body |
The list of repository names to scope the user-to-server access token to. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
repository_ids |
array of integers | body |
The list of repository IDs to scope the user-to-server access token to. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
permissions |
object | body |
The permissions granted to the user-to-server access token. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Properties of the
|
Name (Type) | Description |
---|---|
actions (string)
|
The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be one of: |
administration (string)
|
The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be one of: |
checks (string)
|
The level of permission to grant the access token for checks on code. Can be one of: |
contents (string)
|
The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be one of: |
deployments (string)
|
The level of permission to grant the access token for deployments and deployment statuses. Can be one of: |
environments (string)
|
The level of permission to grant the access token for managing repository environments. Can be one of: |
issues (string)
|
The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be one of: |
metadata (string)
|
The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be one of: |
packages (string)
|
The level of permission to grant the access token for packages published to GitHub Packages. Can be one of: |
pages (string)
|
The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds. Can be one of: |
pull_requests (string)
|
The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges. Can be one of: |
repository_hooks (string)
|
The level of permission to grant the access token to manage the post-receive hooks for a repository. Can be one of: |
repository_projects (string)
|
The level of permission to grant the access token to manage repository projects, columns, and cards. Can be one of: |
secret_scanning_alerts (string)
|
The level of permission to grant the access token to view and manage secret scanning alerts. Can be one of: |
secrets (string)
|
The level of permission to grant the access token to manage repository secrets. Can be one of: |
security_events (string)
|
The level of permission to grant the access token to view and manage security events like code scanning alerts. Can be one of: |
single_file (string)
|
The level of permission to grant the access token to manage just a single file. Can be one of: |
statuses (string)
|
The level of permission to grant the access token for commit statuses. Can be one of: |
vulnerability_alerts (string)
|
The level of permission to grant the access token to manage Dependabot alerts. Can be one of: |
workflows (string)
|
The level of permission to grant the access token to update GitHub Actions workflow files. Can be one of: |
members (string)
|
The level of permission to grant the access token for organization teams and members. Can be one of: |
organization_administration (string)
|
The level of permission to grant the access token to manage access to an organization. Can be one of: |
organization_hooks (string)
|
The level of permission to grant the access token to manage the post-receive hooks for an organization. Can be one of: |
organization_plan (string)
|
The level of permission to grant the access token for viewing an organization's plan. Can be one of: |
organization_projects (string)
|
The level of permission to grant the access token to manage organization projects and projects beta (where available). Can be one of: |
organization_packages (string)
|
The level of permission to grant the access token for organization packages published to GitHub Packages. Can be one of: |
organization_secrets (string)
|
The level of permission to grant the access token to manage organization secrets. Can be one of: |
organization_self_hosted_runners (string)
|
The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization. Can be one of: |
organization_user_blocking (string)
|
The level of permission to grant the access token to view and manage users blocked by the organization. Can be one of: |
team_discussions (string)
|
The level of permission to grant the access token to manage team discussions and related comments. Can be one of: |
content_references (string)
|
The level of permission to grant the access token for notification of content references and creation content attachments. Can be one of: |
Code samples
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/token/scoped \
-d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('POST /applications/{client_id}/token/scoped', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 200 OK
{
"id": 1,
"url": "https://api.github.com/authorizations/1",
"scopes": [],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"installation": {
"permissions": {
"metadata": "read",
"issues": "write",
"contents": "read"
},
"repository_selection": "selected",
"single_file_name": ".github/workflow.yml",
"repositories_url": "https://api.github.com/user/repos",
"account": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"has_multiple_single_files": false,
"single_file_paths": []
}
}
Requires authentication
Status: 401 Unauthorized
Forbidden
Status: 403 Forbidden
Resource not found
Status: 404 Not Found
Validation failed
Status: 422 Unprocessable Entity
Check an authorization
Deprecation Notice: GitHub Enterprise Server will discontinue OAuth endpoints that contain access_token
in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token
to the request body. For more information, see the blog post.
OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password. Invalid tokens will return 404 NOT FOUND
.
get /applications/{client_id}/tokens/{access_token}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | path |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/tokens/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('GET /applications/{client_id}/tokens/{access_token}', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 200 OK
{
"id": 1,
"url": "https://api.github.com/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}
Resource not found
Status: 404 Not Found
Reset an authorization
Deprecation Notice: GitHub Enterprise Server will discontinue OAuth endpoints that contain access_token
in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token
to the request body. For more information, see the blog post.
OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password. Invalid tokens will return 404 NOT FOUND
.
post /applications/{client_id}/tokens/{access_token}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | path |
Code samples
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/tokens/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('POST /applications/{client_id}/tokens/{access_token}', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 200 OK
{
"id": 1,
"url": "https://api.github.com/authorizations/1",
"scopes": [
"public_repo",
"user"
],
"token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
"token_last_eight": "Ae178B4a",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2011-09-06T20:39:23Z",
"created_at": "2011-09-06T17:26:27Z",
"fingerprint": "jklmnop12345678",
"expires_at": "2011-09-08T17:26:27Z",
"user": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
}
Revoke an authorization for an application
Deprecation Notice: GitHub Enterprise Server will discontinue OAuth endpoints that contain access_token
in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token
to the request body. For more information, see the blog post.
OAuth application owners can revoke a single token for an OAuth application. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id
and client_secret
as the username and password.
delete /applications/{client_id}/tokens/{access_token}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
client_id |
string | path |
The client ID of your GitHub app. |
access_token |
string | path |
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/applications/CLIENT_ID/tokens/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/tokens/{access_token}', {
client_id: 'client_id',
access_token: 'access_token'
})
Response
Status: 204 No Content
Installations
The Installations API enables you to get information about installations of your GitHub App and perform actions within those installations. An installation refers to any user or organization account that has installed the app. For information on how to authenticate as an installation and limit access to specific repositories, see "Authenticating as an installation."
To list all GitHub App installations for an organization, see "List app installations for an organization."
List repositories accessible to the app installation
List repositories that an app installation can access.
You must use an installation access token to access this endpoint.
get /installation/repositories
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/installation/repositories
JavaScript (@octokit/core.js)
await octokit.request('GET /installation/repositories')
Response
Status: 200 OK
{
"total_count": 1,
"repositories": [
{
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"git_url": "git:github.com/octocat/Hello-World.git",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"ssh_url": "git@github.com:octocat/Hello-World.git",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"clone_url": "https://github.com/octocat/Hello-World.git",
"mirror_url": "git:git.example.com/octocat/Hello-World",
"hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
"svn_url": "https://svn.github.com/octocat/Hello-World",
"homepage": "https://github.com",
"language": null,
"forks_count": 9,
"stargazers_count": 80,
"watchers_count": 80,
"size": 108,
"default_branch": "master",
"open_issues_count": 0,
"is_template": true,
"topics": [
"octocat",
"atom",
"electron",
"api"
],
"has_issues": true,
"has_projects": true,
"has_wiki": true,
"has_pages": false,
"has_downloads": true,
"archived": false,
"disabled": false,
"visibility": "public",
"pushed_at": "2011-01-26T19:06:43Z",
"created_at": "2011-01-26T19:01:12Z",
"updated_at": "2011-01-26T19:14:43Z",
"allow_rebase_merge": true,
"template_repository": null,
"temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
"allow_squash_merge": true,
"delete_branch_on_merge": true,
"allow_merge_commit": true,
"subscribers_count": 42,
"network_count": 0,
"license": {
"key": "mit",
"name": "MIT License",
"url": "https://api.github.com/licenses/mit",
"spdx_id": "MIT",
"node_id": "MDc6TGljZW5zZW1pdA==",
"html_url": "https://github.com/licenses/mit"
},
"forks": 1,
"open_issues": 1,
"watchers": 1
}
]
}
Not modified
Status: 304 Not Modified
Requires authentication
Status: 401 Unauthorized
Forbidden
Status: 403 Forbidden
Notes
Preview notice
The topics
property for repositories on GitHub is currently available for developers to preview. To view the topics
property in calls that return repository results, you must provide a custom media type in the Accept
header:
application/vnd.github.mercy-preview+json
Revoke an installation access token
Revokes the installation token you're using to authenticate as an installation and access this endpoint.
Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the "Create an installation access token for an app" endpoint.
You must use an installation access token to access this endpoint.
delete /installation/token
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/installation/token
JavaScript (@octokit/core.js)
await octokit.request('DELETE /installation/token')
Response
Status: 204 No Content
Notes
Create a content attachment
Creates an attachment under a content reference URL in the body or comment of an issue or pull request. Use the id
and repository
full_name
of the content reference from the content_reference
event to create an attachment.
The app must create a content attachment within six hours of the content reference URL being posted. See "Using content attachments" for details about content attachments.
You must use an installation access token to access this endpoint.
post /repos/{owner}/{repo}/content_references/{content_reference_id}/attachments
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
owner |
string | path |
The owner of the repository. Determined from the |
repo |
string | path |
The name of the repository. Determined from the |
content_reference_id |
integer | path |
The |
title |
string | body |
Required. The title of the attachment |
body |
string | body |
Required. The body of the attachment |
Code samples
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/repos/octocat/hello-world/content_references/42/attachments \
-d '{"title":"title","body":"body"}'
JavaScript (@octokit/core.js)
await octokit.request('POST /repos/{owner}/{repo}/content_references/{content_reference_id}/attachments', {
owner: 'octocat',
repo: 'hello-world',
content_reference_id: 42,
title: 'title',
body: 'body'
})
Response
Status: 200 OK
{
"id": 101,
"title": "[A-1234] Error found in core/models.py file'",
"body": "You have used an email that already exists for the user_email_uniq field.\n ## DETAILS:\n\nThe (email)=(Octocat@github.com) already exists.\n\n The error was found in core/models.py in get_or_create_user at line 62.\n\n self.save()"
}
Not modified
Status: 304 Not Modified
Forbidden
Status: 403 Forbidden
Resource not found
Status: 404 Not Found
Gone
Status: 410 Gone
Preview header missing
Status: 415 Unsupported Media Type
Validation failed
Status: 422 Unprocessable Entity
Notes
Preview notice
To access the Content Attachments API during the preview period, you must provide a custom media type in the Accept
header:
application/vnd.github.corsair-preview+json
List app installations accessible to the user access token
Lists installations of your GitHub App that the authenticated user has explicit permission (:read
, :write
, or :admin
) to access.
You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint.
The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.
You can find the permissions for the installation under the permissions
key.
get /user/installations
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/user/installations
JavaScript (@octokit/core.js)
await octokit.request('GET /user/installations')
You can find the permissions for the installation under the permissions
key.
Status: 200 OK
{
"total_count": 2,
"installations": [
{
"id": 1,
"account": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"access_tokens_url": "https://api.github.com/installations/1/access_tokens",
"repositories_url": "https://api.github.com/installation/repositories",
"html_url": "https://github.com/organizations/github/settings/installations/1",
"app_id": 1,
"target_id": 1,
"target_type": "Organization",
"permissions": {
"checks": "write",
"metadata": "read",
"contents": "read"
},
"events": [
"push",
"pull_request"
],
"single_file_name": "config.yaml",
"has_multiple_single_files": true,
"single_file_paths": [
"config.yml",
".github/issue_TEMPLATE.md"
],
"repository_selection": "all",
"created_at": "2017-07-08T16:18:44-04:00",
"updated_at": "2017-07-08T16:18:44-04:00",
"app_slug": "github-actions",
"suspended_at": null,
"suspended_by": null
},
{
"id": 3,
"account": {
"login": "octocat",
"id": 2,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"access_tokens_url": "https://api.github.com/installations/1/access_tokens",
"repositories_url": "https://api.github.com/installation/repositories",
"html_url": "https://github.com/organizations/github/settings/installations/1",
"app_id": 1,
"target_id": 1,
"target_type": "Organization",
"permissions": {
"checks": "write",
"metadata": "read",
"contents": "read"
},
"events": [
"push",
"pull_request"
],
"single_file_name": "config.yaml",
"has_multiple_single_files": true,
"single_file_paths": [
"config.yml",
".github/issue_TEMPLATE.md"
],
"repository_selection": "all",
"created_at": "2017-07-08T16:18:44-04:00",
"updated_at": "2017-07-08T16:18:44-04:00",
"app_slug": "github-actions",
"suspended_at": null,
"suspended_by": null
}
]
}
Not modified
Status: 304 Not Modified
Requires authentication
Status: 401 Unauthorized
Forbidden
Status: 403 Forbidden
Preview header missing
Status: 415 Unsupported Media Type
List repositories accessible to the user access token
List repositories that the authenticated user has explicit permission (:read
, :write
, or :admin
) to access for an installation.
The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.
You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint.
The access the user has to each repository is included in the hash under the permissions
key.
get /user/installations/{installation_id}/repositories
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
installation_id |
integer | path |
installation_id parameter |
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/user/installations/42/repositories
JavaScript (@octokit/core.js)
await octokit.request('GET /user/installations/{installation_id}/repositories', {
installation_id: 42
})
The access the user has to each repository is included in the hash under the permissions
key.
Status: 200 OK
{
"total_count": 1,
"repositories": [
{
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"git_url": "git:github.com/octocat/Hello-World.git",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"ssh_url": "git@github.com:octocat/Hello-World.git",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"clone_url": "https://github.com/octocat/Hello-World.git",
"mirror_url": "git:git.example.com/octocat/Hello-World",
"hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
"svn_url": "https://svn.github.com/octocat/Hello-World",
"homepage": "https://github.com",
"language": null,
"forks_count": 9,
"stargazers_count": 80,
"watchers_count": 80,
"size": 108,
"default_branch": "master",
"open_issues_count": 0,
"is_template": true,
"topics": [
"octocat",
"atom",
"electron",
"api"
],
"has_issues": true,
"has_projects": true,
"has_wiki": true,
"has_pages": false,
"has_downloads": true,
"archived": false,
"disabled": false,
"visibility": "public",
"pushed_at": "2011-01-26T19:06:43Z",
"created_at": "2011-01-26T19:01:12Z",
"updated_at": "2011-01-26T19:14:43Z",
"permissions": {
"admin": false,
"push": false,
"pull": true
},
"allow_rebase_merge": true,
"template_repository": null,
"temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
"allow_squash_merge": true,
"delete_branch_on_merge": true,
"allow_merge_commit": true,
"subscribers_count": 42,
"network_count": 0,
"license": {
"key": "mit",
"name": "MIT License",
"url": "https://api.github.com/licenses/mit",
"spdx_id": "MIT",
"node_id": "MDc6TGljZW5zZW1pdA==",
"html_url": "https://github.com/licenses/mit"
},
"forks": 1,
"open_issues": 1,
"watchers": 1
}
]
}
Not modified
Status: 304 Not Modified
Forbidden
Status: 403 Forbidden
Resource not found
Status: 404 Not Found
Preview notice
The topics
property for repositories on GitHub is currently available for developers to preview. To view the topics
property in calls that return repository results, you must provide a custom media type in the Accept
header:
application/vnd.github.mercy-preview+json
Add a repository to an app installation
Add a single repository to an installation. The authenticated user must have admin access to the repository.
You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.
put /user/installations/{installation_id}/repositories/{repository_id}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
installation_id |
integer | path |
installation_id parameter |
repository_id |
integer | path |
Code samples
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/user/installations/42/repositories/42
JavaScript (@octokit/core.js)
await octokit.request('PUT /user/installations/{installation_id}/repositories/{repository_id}', {
installation_id: 42,
repository_id: 42
})
Response
Status: 204 No Content
Not modified
Status: 304 Not Modified
Forbidden
Status: 403 Forbidden
Resource not found
Status: 404 Not Found
Remove a repository from an app installation
Remove a single repository from an installation. The authenticated user must have admin access to the repository.
You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.
delete /user/installations/{installation_id}/repositories/{repository_id}
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
installation_id |
integer | path |
installation_id parameter |
repository_id |
integer | path |
Code samples
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/user/installations/42/repositories/42
JavaScript (@octokit/core.js)
await octokit.request('DELETE /user/installations/{installation_id}/repositories/{repository_id}', {
installation_id: 42,
repository_id: 42
})
Response
Status: 204 No Content
Not modified
Status: 304 Not Modified
Forbidden
Status: 403 Forbidden
Resource not found
Status: 404 Not Found
Webhooks
A GitHub App's webhook allows you to receive HTTP POST
payloads whenever certain events happen for an app. The webhook REST APIs enable you to manage repository, organization, and app webhooks. You can also use the REST API to change the configuration of the webhook. For example, you can modify the payload URL, content type, SSL verification, and secret. For more information, see:
Get a webhook configuration for an app
Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."
You must use a JWT to access this endpoint.
get /app/hook/config
Code samples
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/hook/config
JavaScript (@octokit/core.js)
await octokit.request('GET /app/hook/config')
Response
Status: 200 OK
{
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
Update a webhook configuration for an app
Updates the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."
You must use a JWT to access this endpoint.
patch /app/hook/config
Parameters
Name | Type | In | Description |
---|---|---|---|
accept |
string | header |
Setting to
|
url |
string | body |
The URL to which the payloads will be delivered. |
content_type |
string | body |
The media type used to serialize the payloads. Supported values include |
secret |
string | body |
If provided, the |
insecure_ssl |
string or number | body |
Determines whether the SSL certificate of the host for |
Code samples
Shell
curl \
-X PATCH \
-H "Accept: application/vnd.github.v3+json" \
http(s)://{hostname}/api/v3/app/hook/config \
-d '{"url":"url"}'
JavaScript (@octokit/core.js)
await octokit.request('PATCH /app/hook/config', {
url: 'url'
})
Response
Status: 200 OK
{
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}