Skip to main content

This version of GitHub Enterprise was discontinued on 2023-01-18. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Creating a GitHub App using URL parameters

You can preselect the settings of a new GitHub App using URL query parameters to quickly set up the new GitHub App's configuration.

About GitHub App URL parameters

You can add query parameters to these URLs to preselect the configuration of a GitHub App on a personal or organization account:

  • Personal account: http(s)://HOSTNAME/settings/apps/new
  • Organization account: http(s)://HOSTNAME/organizations/:org/settings/apps/new

The person creating the app can edit the preselected values from the GitHub App registration page, before submitting the app. If you do not include required parameters in the URL query string, like name, the person creating the app will need to input a value before submitting the app.

For apps that require a secret to secure their webhook, the secret's value must be set in the form by the person creating the app, not by using query parameters. For more information, see "Securing your webhooks."

The following URL creates a new public app called octocat-github-app with a preconfigured description and callback URL. This URL also selects read and write permissions for checks, subscribes to the check_run and check_suite webhook events, and selects the option to request user authorization (OAuth) during installation:

http(s)://HOSTNAME/settings/apps/new?name=octocat-github-app&description=An%20Octocat%20App&callback_urls[]=https://example.com&request_oauth_on_install=true&public=true&checks=write&events[]=check_run&events[]=check_suite

The complete list of available query parameters, permissions, and events is listed in the sections below.

GitHub App configuration parameters

NameTypeDescription
namestringThe name of the GitHub App. Give your app a clear and succinct name. Your app cannot have the same name as an existing GitHub user, unless it is your own user or organization name. A slugged version of your app's name will be shown in the user interface when your integration takes an action.
descriptionstringA description of the GitHub App.
urlstringThe full URL of your GitHub App's website homepage.
callback_urlsarray of stringsA full URL to redirect to after someone authorizes an installation. You can provide up to 10 callback URLs. These URLs are used if your app needs to identify and authorize user-to-server requests. For example, callback_urls[]=https://example.com&callback_urls[]=https://example-2.com.
request_oauth_on_installbooleanIf your app authorizes users using the OAuth flow, you can set this option to true to allow people to authorize the app when they install it, saving a step. If you select this option, the setup_url becomes unavailable and users will be redirected to your callback_url after installing the app.
setup_urlstringThe full URL to redirect to after someone installs the GitHub App if the app requires additional setup after installation.
setup_on_updatebooleanSet to true to redirect people to the setup URL when installations have been updated, for example, after repositories are added or removed.
publicbooleanSet to true when your GitHub App is available to the public or false when it is only accessible to the owner of the app.
webhook_activebooleanSet to false to disable webhook. Webhook is enabled by default.
webhook_urlstringThe full URL that you would like to send webhook event payloads to.
eventsarray of stringsWebhook events. Some webhook events require read or write permissions for a resource before you can select the event when registering a new GitHub App. See the "GitHub App webhook events" section for available events and their required permissions. You can select multiple events in a query string. For example, events[]=public&events[]=label.
domainstringThe URL of a content reference.
single_file_namestringThis is a narrowly-scoped permission that allows the app to access a single file in any repository. When you set the single_file permission to read or write, this field provides the path to the single file your GitHub App will manage. If you need to manage multiple files, see single_file_paths below.
single_file_pathsarray of stringsThis allows the app to access up ten specified files in a repository. When you set the single_file permission to read or write, this array can store the paths for up to ten files that your GitHub App will manage. These files all receive the same permission set by single_file, and do not have separate individual permissions. When two or more files are configured, the API returns multiple_single_files=true, otherwise it returns multiple_single_files=false.

GitHub App permissions

You can select permissions in a query string using the permission name in the following table as the query parameter name and the permission type as the query value. For example, to select Read & write permissions in the user interface for contents, your query string would include &contents=write. To select Read-only permissions in the user interface for blocking, your query string would include &blocking=read. To select no-access in the user interface for checks, your query string would not include the checks permission.

PermissionDescription
administrationGrants access to various endpoints for organization and repository administration. Can be one of: none, read, or write.
checksGrants access to the Checks API. Can be one of: none, read, or write.
content_referencesGrants access to the "Create a content attachment" endpoint. Can be one of: none, read, or write.
contentsGrants access to various endpoints that allow you to modify repository contents. Can be one of: none, read, or write.
deploymentsGrants access to the Deployments API. Can be one of: none, read, or write.
emailsGrants access to the Emails API. Can be one of: none, read, or write.
followersGrants access to the Followers API. Can be one of: none, read, or write.
gpg_keysGrants access to the GPG Keys API. Can be one of: none, read, or write.
issuesGrants access to the Issues API. Can be one of: none, read, or write.
keysGrants access to the Public Keys API. Can be one of: none, read, or write.
membersGrants access to manage an organization's members. Can be one of: none, read, or write.
organization_hooksGrants access to the Organization Webhooks API. Can be one of: none, read, or write.
organization_planGrants access to get information about an organization's plan using the "Get an organization" endpoint. Can be one of: none or read.
organization_projectsGrants access to the Projects API. Can be one of: none, read, write, or admin.
pagesGrants access to the Pages API. Can be one of: none, read, or write.
planGrants access to get information about a user's GitHub plan using the "Get a user" endpoint. Can be one of: none or read.
pull_requestsGrants access to various pull request endpoints. Can be one of: none, read, or write.
repository_hooksGrants access to the Repository Webhooks API. Can be one of: none, read, or write.
repository_projectsGrants access to the Projects API. Can be one of: none, read, write, or admin.
secret_scanning_alertsGrants access to the Secret scanning API. Can be one of: none, read, or write.
security_eventsGrants access to the Code scanning API. Can be one of: none, read, or write.
single_fileGrants access to the Contents API. Can be one of: none, read, or write.
starringGrants access to the Starring API. Can be one of: none, read, or write.
statusesGrants access to the Statuses API. Can be one of: none, read, or write.
team_discussionsGrants access to the Team Discussions API and the Team Discussion Comments API. Can be one of: none, read, or write.
vulnerability_alertsGrants access to receive Dependabot alerts in a repository. See "About Dependabot alerts" to learn more. Can be one of: none, read, or write.
watchingGrants access to list and change repositories a user is subscribed to. Can be one of: none, read, or write.

GitHub App webhook events

Webhook event nameRequired permissionDescription
check_runchecksCheck run activity has occurred. The type of activity is specified in the action property of the payload object. For more information, see the "check runs" REST API.
check_suitechecksCheck suite activity has occurred. The type of activity is specified in the action property of the payload object. For more information, see the "check suites" REST API.
commit_commentcontentsA commit comment is created. The type of activity is specified in the action property of the payload object. For more information, see the "commit comment" REST API.
content_referencecontent_referencesA new content reference is created. A new content reference is created when the body or comment of an issue or pull request includes a URL that matches a configured content reference domain. For more information, see "Using content attachments" to learn more about content references and attachments.
createcontentsA Git branch or tag is created. For more information, see the "Git database" REST API.
deletecontentsA Git branch or tag is deleted. For more information, see the "Git database" REST API.
deploymentdeploymentsA deployment is created. The type of activity is specified in the action property of the payload object. For more information, see the "deployment" REST API.
deployment_statusdeploymentsA deployment is created. The type of activity is specified in the action property of the payload object. For more information, see the "deployments" REST API.
forkcontentsA user forks a repository. For more information, see the "forks" REST API.
gollumcontentsA wiki page is created or updated. For more information, see "About wikis."
issuesissuesActivity related to an issue. The type of activity is specified in the action property of the payload object. For more information, see the "issues" REST API.
issue_commentissuesActivity related to an issue or pull request comment. The type of activity is specified in the action property of the payload object. For more information, see the "issue comments" REST API.
labelmetadataActivity related to a label. The type of activity is specified in the action property of the payload object. For more information, see the "labels" REST API.
membermembersActivity related to repository collaborators. The type of activity is specified in the action property of the payload object. For more information, see the "collaborators" REST API.
membershipmembersActivity related to team membership. The type of activity is specified in the action property of the payload object. For more information, see the "team members" REST API.
milestonepull_requestActivity related to milestones. The type of activity is specified in the action property of the payload object. For more information, see the "milestones" REST API.
organizationmembersActivity related to an organization and its members. The type of activity is specified in the action property of the payload object. For more information, see the "organizations" REST API.
page_buildpagesRepresents an attempted build of a GitHub Pages site, whether successful or not. A push to a GitHub Pages enabled branch (gh-pages for project pages, the default branch for user and organization pages) triggers this event.
projectrepository_projects or organization_projectsActivity related to project boards. The type of activity is specified in the action property of the payload object. For more information, see the "projects" REST API.
project_cardrepository_projects or organization_projectsActivity related to cards in a project board. The type of activity is specified in the action property of the payload object. For more information, see the "project cards" REST API.
project_columnrepository_projects or organization_projectsActivity related to columns in a project board. The type of activity is specified in the action property of the payload object. For more information, see the "project columns" REST API.
publicmetadataWhen a private repository is made public. Without a doubt: the best GitHub Enterprise Server event.
pull_requestpull_requestsActivity related to pull requests. The type of activity is specified in the action property of the payload object. For more information, see the "pull requests" REST API.
pull_request_reviewpull_requestActivity related to pull request reviews. The type of activity is specified in the action property of the payload object. For more information, see the "pull request reviews" REST API.
pull_request_review_commentpull_requestActivity related to pull request review comments in the pull request's unified diff. The type of activity is specified in the action property of the payload object. For more information, see the "pull request review comments" REST API.
pull_request_review_threadpull_requestActivity related to a comment thread on a pull request being marked as resolved or unresolved. The type of activity is specified in the action property of the payload object.
pushcontentsOne or more commits are pushed to a repository branch or tag.
releasecontentsActivity related to a release. The type of activity is specified in the action property of the payload object. For more information, see the "releases" REST API.
repositorymetadataActivity related to a repository. The type of activity is specified in the action property of the payload object. For more information, see the "repositories" REST API.
statusstatusesWhen the status of a Git commit changes. For more information, see the "statuses" REST API.
teammembersActivity related to an organization's team. The type of activity is specified in the action property of the payload object. For more information, see the "teams" REST API.
team_addmembersWhen a repository is added to a team.
watchmetadataWhen someone stars a repository. The type of activity is specified in the action property of the payload object. For more information, see the "starring" REST API.