Skip to main content
L’API REST est maintenant versionnée. Pour plus d’informations, consultez « À propos des versions de l’API ».

Points de terminaison d’API REST pour les collaborateurs

Utilisez l’API REST pour gérer les collaborateurs pour un dépôt.

List repository collaborators

For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.

Team members will include the members of child teams.

The authenticated user must have push access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:org and repo scopes to use this endpoint.

Jetons d’accès affinés pour « List repository collaborators »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Metadata" repository permissions (read)

Paramètres pour « List repository collaborators »

En-têtes
Nom, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
owner string Obligatoire

The account owner of the repository. The name is not case sensitive.

repo string Obligatoire

The name of the repository without the .git extension. The name is not case sensitive.

Paramètres de requête
Nom, Type, Description
affiliation string

Filter collaborators returned by their affiliation. outside means all outside collaborators of an organization-owned repository. direct means all collaborators with permissions to an organization-owned repository, regardless of organization membership status. all means all collaborators the authenticated user can see.

Default: all

Peut être: outside, direct, all

permission string

Filter collaborators by the permissions they have on the repository. If not specified, all collaborators will be returned.

Peut être: pull, triage, push, maintain, admin

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Default: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Default: 1

Codes d’état de la réponse HTTP pour « List repository collaborators »

Code d’étatDescription
200

OK

404

Resource not found

Exemples de code pour « List repository collaborators »

Exemple de requête

get/repos/{owner}/{repo}/collaborators
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators

Response

Status: 200
[ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false, "permissions": { "pull": true, "triage": true, "push": true, "maintain": false, "admin": false }, "role_name": "write" } ]

Check if a user is a repository collaborator

For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.

Team members will include the members of child teams.

The authenticated user must have push access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:org and repo scopes to use this endpoint.

Jetons d’accès affinés pour « Check if a user is a repository collaborator »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Metadata" repository permissions (read)

Paramètres pour « Check if a user is a repository collaborator »

En-têtes
Nom, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
owner string Obligatoire

The account owner of the repository. The name is not case sensitive.

repo string Obligatoire

The name of the repository without the .git extension. The name is not case sensitive.

username string Obligatoire

The handle for the GitHub user account.

Codes d’état de la réponse HTTP pour « Check if a user is a repository collaborator »

Code d’étatDescription
204

Response if user is a collaborator

404

Not Found if user is not a collaborator

Exemples de code pour « Check if a user is a repository collaborator »

Exemple de requête

get/repos/{owner}/{repo}/collaborators/{username}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME

Response if user is a collaborator

Status: 204

Add a repository collaborator

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "Rate limits for the API" and "Best practices for using the REST API."

Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "Enforcing repository management policies in your enterprise."

For more information on permission levels, see "Repository permission levels for an organization". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:

Cannot assign {member} permission of {role name}

Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP method."

Updating an existing collaborator's permission level

The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different permission parameter. The response will be a 204, with no other indication that the permission level changed.

Jetons d’accès affinés pour « Add a repository collaborator »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" repository permissions (write)

Paramètres pour « Add a repository collaborator »

En-têtes
Nom, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
owner string Obligatoire

The account owner of the repository. The name is not case sensitive.

repo string Obligatoire

The name of the repository without the .git extension. The name is not case sensitive.

username string Obligatoire

The handle for the GitHub user account.

Paramètres du corps
Nom, Type, Description
permission string

The permission to grant the collaborator. Only valid on organization-owned repositories.

Default: push

Codes d’état de la réponse HTTP pour « Add a repository collaborator »

Code d’étatDescription
204

Response when:

  • an existing collaborator is added as a collaborator
  • an organization member is added as an individual collaborator
  • an existing team member (whose team is also a repository collaborator) is added as an individual collaborator
403

Forbidden

422

Validation failed, or the endpoint has been spammed.

Exemples de code pour « Add a repository collaborator »

Exemple de requête

put/repos/{owner}/{repo}/collaborators/{username}
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME \ -d '{"permission":"triage"}'

Response when:

  • an existing collaborator is added as a collaborator
  • an organization member is added as an individual collaborator
  • an existing team member (whose team is also a repository collaborator) is added as an individual collaborator

Status: 204

Remove a repository collaborator

Removes a collaborator from a repository.

To use this endpoint, the authenticated user must either be an administrator of the repository or target themselves for removal.

This endpoint also:

  • Cancels any outstanding invitations
  • Unasigns the user from any issues
  • Removes access to organization projects if the user is not an organization member and is not a collaborator on any other organization repositories.
  • Unstars the repository
  • Updates access permissions to packages

Removing a user as a collaborator has the following effects on forks:

  • If the user had access to a fork through their membership to this repository, the user will also be removed from the fork.
  • If the user had their own fork of the repository, the fork will be deleted.
  • If the user still has read access to the repository, open pull requests by this user from a fork will be denied.

Note

A user can still have access to the repository through organization permissions like base repository permissions.

Although the API responds immediately, the additional permission updates might take some extra time to complete in the background.

For more information on fork permissions, see "About permissions and visibility of forks".

Jetons d’accès affinés pour « Remove a repository collaborator »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" repository permissions (write)

Paramètres pour « Remove a repository collaborator »

En-têtes
Nom, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
owner string Obligatoire

The account owner of the repository. The name is not case sensitive.

repo string Obligatoire

The name of the repository without the .git extension. The name is not case sensitive.

username string Obligatoire

The handle for the GitHub user account.

Codes d’état de la réponse HTTP pour « Remove a repository collaborator »

Code d’étatDescription
204

No Content when collaborator was removed from the repository.

403

Forbidden

422

Validation failed, or the endpoint has been spammed.

Exemples de code pour « Remove a repository collaborator »

Exemple de requête

delete/repos/{owner}/{repo}/collaborators/{username}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME

No Content when collaborator was removed from the repository.

Status: 204

Get repository permissions for a user

Checks the repository permission of a collaborator. The possible repository permissions are admin, write, read, and none.

Note: The permission attribute provides the legacy base roles of admin, write, read, and none, where the maintain role is mapped to write and the triage role is mapped to read. To determine the role assigned to the collaborator, see the role_name attribute, which will provide the full role name, including custom roles. The permissions hash can also be used to determine which base level of access the collaborator has to the repository.

Jetons d’accès affinés pour « Get repository permissions for a user »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Metadata" repository permissions (read)

Paramètres pour « Get repository permissions for a user »

En-têtes
Nom, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
owner string Obligatoire

The account owner of the repository. The name is not case sensitive.

repo string Obligatoire

The name of the repository without the .git extension. The name is not case sensitive.

username string Obligatoire

The handle for the GitHub user account.

Codes d’état de la réponse HTTP pour « Get repository permissions for a user »

Code d’étatDescription
200

if user has admin permissions

404

Resource not found

Exemples de code pour « Get repository permissions for a user »

Exemple de requête

get/repos/{owner}/{repo}/collaborators/{username}/permission
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME/permission

if user has admin permissions

Status: 200
{ "permission": "admin", "role_name": "admin", "user": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false } }