Skip to main content

This version of GitHub Enterprise was discontinued on 2023-07-06. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

After a site administrator upgrades your Enterprise Server instance to Enterprise Server 3.9 or later, the REST API will be versioned. To learn how to find your instance's version, see "About versions of GitHub Docs". For more information, see "About API versioning."

GitHub Apps

Use the REST API to interact with GitHub Apps

About GitHub Apps

This page lists endpoints that you can access while authenticated as a GitHub App. For more information, see "Authenticating as a GitHub App".

See "Apps" for a list of endpoints that require authentication as a GitHub App installation.

Get the authenticated app

Works with GitHub Apps

Returns the GitHub App associated with the authentication credentials used. To see how many app installations are associated with this GitHub App, see the installations_count in the response. For more details about your app's installations, see the "List installations for the authenticated app" endpoint.

You must use a JWT to access this endpoint.

HTTP response status codes for "Get the authenticated app"

Status codeDescription
200

OK

Code samples for "Get the authenticated app"

get/app
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app

Response

Status: 200
{ "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] }

Create a GitHub App from a manifest

Use this endpoint to complete the handshake necessary when implementing the GitHub App Manifest flow. When you create a GitHub App with the manifest flow, you receive a temporary code used to retrieve the GitHub App's id, pem (private key), and webhook_secret.

Parameters for "Create a GitHub App from a manifest"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
code string Required

HTTP response status codes for "Create a GitHub App from a manifest"

Status codeDescription
201

Created

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples for "Create a GitHub App from a manifest"

post/app-manifests/{code}/conversions
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app-manifests/CODE/conversions

Response

Status: 201
{ "id": 1, "slug": "octoapp", "node_id": "MDxOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://HOSTNAME/orgs/github", "repos_url": "https://HOSTNAME/orgs/github/repos", "events_url": "https://HOSTNAME/orgs/github/events", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": true }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ], "client_id": "Iv1.8a61f9b3a7aba766", "client_secret": "1726be1638095a19edd134c77bde3aa2ece1e5d8", "webhook_secret": "e340154128314309424b7c8e90325147d99fdafa", "pem": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAuEPzOUE+kiEH1WLiMeBytTEF856j0hOVcSUSUkZxKvqczkWM\n9vo1gDyC7ZXhdH9fKh32aapba3RSsp4ke+giSmYTk2mGR538ShSDxh0OgpJmjiKP\nX0Bj4j5sFqfXuCtl9SkH4iueivv4R53ktqM+n6hk98l6hRwC39GVIblAh2lEM4L/\n6WvYwuQXPMM5OG2Ryh2tDZ1WS5RKfgq+9ksNJ5Q9UtqtqHkO+E63N5OK9sbzpUUm\noNaOl3udTlZD3A8iqwMPVxH4SxgATBPAc+bmjk6BMJ0qIzDcVGTrqrzUiywCTLma\nszdk8GjzXtPDmuBgNn+o6s02qVGpyydgEuqmTQIDAQABAoIBACL6AvkjQVVLn8kJ\ndBYznJJ4M8ECo+YEgaFwgAHODT0zRQCCgzd+Vxl4YwHmKV2Lr+y2s0drZt8GvYva\nKOK8NYYZyi15IlwFyRXmvvykF1UBpSXluYFDH7KaVroWMgRreHcIys5LqVSIb6Bo\ngDmK0yBLPp8qR29s2b7ScZRtLaqGJiX+j55rNzrZwxHkxFHyG9OG+u9IsBElcKCP\nkYCVE8ZdYexfnKOZbgn2kZB9qu0T/Mdvki8yk3I2bI6xYO24oQmhnT36qnqWoCBX\nNuCNsBQgpYZeZET8mEAUmo9d+ABmIHIvSs005agK8xRaP4+6jYgy6WwoejJRF5yd\nNBuF7aECgYEA50nZ4FiZYV0vcJDxFYeY3kYOvVuKn8OyW+2rg7JIQTremIjv8FkE\nZnwuF9ZRxgqLxUIfKKfzp/5l5LrycNoj2YKfHKnRejxRWXqG+ZETfxxlmlRns0QG\nJ4+BYL0CoanDSeA4fuyn4Bv7cy/03TDhfg/Uq0Aeg+hhcPE/vx3ebPsCgYEAy/Pv\neDLssOSdeyIxf0Brtocg6aPXIVaLdus+bXmLg77rJIFytAZmTTW8SkkSczWtucI3\nFI1I6sei/8FdPzAl62/JDdlf7Wd9K7JIotY4TzT7Tm7QU7xpfLLYIP1bOFjN81rk\n77oOD4LsXcosB/U6s1blPJMZ6AlO2EKs10UuR1cCgYBipzuJ2ADEaOz9RLWwi0AH\nPza2Sj+c2epQD9ZivD7Zo/Sid3ZwvGeGF13JyR7kLEdmAkgsHUdu1rI7mAolXMaB\n1pdrsHureeLxGbRM6za3tzMXWv1Il7FQWoPC8ZwXvMOR1VQDv4nzq7vbbA8z8c+c\n57+8tALQHOTDOgQIzwK61QKBgERGVc0EJy4Uag+VY8J4m1ZQKBluqo7TfP6DQ7O8\nM5MX73maB/7yAX8pVO39RjrhJlYACRZNMbK+v/ckEQYdJSSKmGCVe0JrGYDuPtic\nI9+IGfSorf7KHPoMmMN6bPYQ7Gjh7a++tgRFTMEc8956Hnt4xGahy9NcglNtBpVN\n6G8jAoGBAMCh028pdzJa/xeBHLLaVB2sc0Fe7993WlsPmnVE779dAz7qMscOtXJK\nfgtriltLSSD6rTA9hUAsL/X62rY0wdXuNdijjBb/qvrx7CAV6i37NK1CjABNjsfG\nZM372Ac6zc1EqSrid2IjET1YqyIW2KGLI1R2xbQc98UGlt48OdWu\n-----END RSA PRIVATE KEY-----\n" }

List installation requests for the authenticated app

Works with GitHub Apps

Lists all the pending installation requests for the authenticated GitHub App.

Parameters for "List installation requests for the authenticated app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Query parameters
Name, Type, Description
per_page integer

The number of results per page (max 100).

Default: 30

page integer

Page number of the results to fetch.

Default: 1

HTTP response status codes for "List installation requests for the authenticated app"

Status codeDescription
200

List of integration installation requests

304

Not modified

401

Requires authentication

Code samples for "List installation requests for the authenticated app"

get/app/installation-requests
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app/installation-requests

List of integration installation requests

Status: 200
[ { "id": 25381, "node_id": "MDEyOkludGVncmF0aW9uMTIzNDU2Nzg5MA==", "account": { "login": "octo-org", "id": 6811672, "node_id": "MDEyOk9yZ2FuaXphdGlvbjY4MTE2NzI=", "avatar_url": "https://avatars3.githubusercontent.com/u/6811672?v=4", "gravatar_id": "", "url": "https://HOSTNAME/users/octo-org", "html_url": "https://github.com/octo-org", "followers_url": "https://HOSTNAME/users/octo-org/followers", "following_url": "https://HOSTNAME/users/octo-org/following{/other_user}", "gists_url": "https://HOSTNAME/users/octo-org/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octo-org/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octo-org/subscriptions", "organizations_url": "https://HOSTNAME/users/octo-org/orgs", "repos_url": "https://HOSTNAME/users/octo-org/repos", "events_url": "https://HOSTNAME/users/octo-org/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octo-org/received_events", "type": "Organization", "site_admin": false }, "requester": { "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "created_at": "2022-07-08T16:18:44-04:00" } ]

List installations for the authenticated app

Works with GitHub Apps

You must use a JWT to access this endpoint.

The permissions the installation has are included under the permissions key.

Parameters for "List installations for the authenticated app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Query parameters
Name, Type, Description
per_page integer

The number of results per page (max 100).

Default: 30

page integer

Page number of the results to fetch.

Default: 1

since string

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

outdated string

HTTP response status codes for "List installations for the authenticated app"

Status codeDescription
200

The permissions the installation has are included under the permissions key.

Code samples for "List installations for the authenticated app"

get/app/installations
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app/installations

The permissions the installation has are included under the permissions key.

Status: 200
[ { "id": 1, "account": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "access_tokens_url": "https://HOSTNAME/installations/1/access_tokens", "repositories_url": "https://HOSTNAME/installation/repositories", "html_url": "https://github.com/organizations/github/settings/installations/1", "app_id": 1, "target_id": 1, "target_type": "Organization", "permissions": { "checks": "write", "metadata": "read", "contents": "read" }, "events": [ "push", "pull_request" ], "single_file_name": "config.yaml", "has_multiple_single_files": true, "single_file_paths": [ "config.yml", ".github/issue_TEMPLATE.md" ], "repository_selection": "selected", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "app_slug": "github-actions", "suspended_at": null, "suspended_by": null } ]

Get an installation for the authenticated app

Works with GitHub Apps

Enables an authenticated GitHub App to find an installation's information using the installation id.

You must use a JWT to access this endpoint.

Parameters for "Get an installation for the authenticated app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
installation_id integer Required

The unique identifier of the installation.

HTTP response status codes for "Get an installation for the authenticated app"

Status codeDescription
200

OK

404

Resource not found

Code samples for "Get an installation for the authenticated app"

get/app/installations/{installation_id}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app/installations/1

Response

Status: 200
{ "id": 1, "account": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "access_tokens_url": "https://HOSTNAME/installations/1/access_tokens", "repositories_url": "https://HOSTNAME/installation/repositories", "html_url": "https://github.com/organizations/github/settings/installations/1", "app_id": 1, "target_id": 1, "target_type": "Organization", "permissions": { "checks": "write", "metadata": "read", "contents": "read" }, "events": [ "push", "pull_request" ], "single_file_name": "config.yaml", "has_multiple_single_files": true, "single_file_paths": [ "config.yml", ".github/issue_TEMPLATE.md" ], "repository_selection": "selected", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "app_slug": "github-actions", "suspended_at": null, "suspended_by": null }

Delete an installation for the authenticated app

Uninstalls a GitHub App on a user, organization, or business account. If you prefer to temporarily suspend an app's access to your account's resources, then we recommend the "Suspend an app installation" endpoint.

You must use a JWT to access this endpoint.

Parameters for "Delete an installation for the authenticated app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
installation_id integer Required

The unique identifier of the installation.

HTTP response status codes for "Delete an installation for the authenticated app"

Status codeDescription
204

No Content

404

Resource not found

Code samples for "Delete an installation for the authenticated app"

delete/app/installations/{installation_id}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app/installations/1

Response

Status: 204

Create an installation access token for an app

Works with GitHub Apps

Creates an installation access token that enables a GitHub App to make authenticated API requests for the app's installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of 401 - Unauthorized, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access. To restrict the access to specific repositories, you can provide the repository_ids when creating the token. When you omit repository_ids, the response does not contain the repositories key.

You must use a JWT to access this endpoint.

Parameters for "Create an installation access token for an app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
installation_id integer Required

The unique identifier of the installation.

Body parameters
Name, Type, Description
repositories array of strings

List of repository names that the token should have access to

repository_ids array of integers

List of repository IDs that the token should have access to

permissions object

The permissions granted to the user access token.

Name, Type, Description
actions string

The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts.

Can be one of: read, write

administration string

The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation.

Can be one of: read, write

checks string

The level of permission to grant the access token for checks on code.

Can be one of: read, write

contents string

The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges.

Can be one of: read, write

deployments string

The level of permission to grant the access token for deployments and deployment statuses.

Can be one of: read, write

environments string

The level of permission to grant the access token for managing repository environments.

Can be one of: read, write

issues string

The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones.

Can be one of: read, write

metadata string

The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.

Can be one of: read, write

packages string

The level of permission to grant the access token for packages published to GitHub Packages.

Can be one of: read, write

pages string

The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds.

Can be one of: read, write

pull_requests string

The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges.

Can be one of: read, write

repository_hooks string

The level of permission to grant the access token to manage the post-receive hooks for a repository.

Can be one of: read, write

repository_projects string

The level of permission to grant the access token to manage repository projects, columns, and cards.

Can be one of: read, write, admin

secret_scanning_alerts string

The level of permission to grant the access token to view and manage secret scanning alerts.

Can be one of: read, write

secrets string

The level of permission to grant the access token to manage repository secrets.

Can be one of: read, write

security_events string

The level of permission to grant the access token to view and manage security events like code scanning alerts.

Can be one of: read, write

single_file string

The level of permission to grant the access token to manage just a single file.

Can be one of: read, write

statuses string

The level of permission to grant the access token for commit statuses.

Can be one of: read, write

vulnerability_alerts string

The level of permission to grant the access token to manage Dependabot alerts.

Can be one of: read, write

workflows string

The level of permission to grant the access token to update GitHub Actions workflow files.

Value: write

members string

The level of permission to grant the access token for organization teams and members.

Can be one of: read, write

organization_administration string

The level of permission to grant the access token to manage access to an organization.

Can be one of: read, write

organization_hooks string

The level of permission to grant the access token to manage the post-receive hooks for an organization.

Can be one of: read, write

organization_personal_access_tokens string

The level of permission to grant the access token for viewing and managing fine-grained personal access token requests to an organization.

Can be one of: read, write

organization_personal_access_token_requests string

The level of permission to grant the access token for viewing and managing fine-grained personal access tokens that have been approved by an organization.

Can be one of: read, write

organization_plan string

The level of permission to grant the access token for viewing an organization's plan.

Value: read

organization_projects string

The level of permission to grant the access token to manage organization projects and projects beta (where available).

Can be one of: read, write, admin

organization_packages string

The level of permission to grant the access token for organization packages published to GitHub Packages.

Can be one of: read, write

organization_secrets string

The level of permission to grant the access token to manage organization secrets.

Can be one of: read, write

organization_self_hosted_runners string

The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization.

Can be one of: read, write

organization_user_blocking string

The level of permission to grant the access token to view and manage users blocked by the organization.

Can be one of: read, write

team_discussions string

The level of permission to grant the access token to manage team discussions and related comments.

Can be one of: read, write

HTTP response status codes for "Create an installation access token for an app"

Status codeDescription
201

Created

401

Requires authentication

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples for "Create an installation access token for an app"

post/app/installations/{installation_id}/access_tokens
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app/installations/1/access_tokens \ -d '{"repository":"Hello-World","permissions":{"issues":"write","contents":"read"}}'

Response

Status: 201
{ "token": "ghs_16C7e42F292c6912E7710c838347Ae178B4a", "expires_at": "2016-07-11T22:14:10Z", "permissions": { "issues": "write", "contents": "read" }, "repository_selection": "selected", "repositories": [ { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://HOSTNAME/repos/octocat/Hello-World", "archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors", "deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments", "downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads", "events_url": "https://HOSTNAME/repos/octocat/Hello-World/events", "forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks", "git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}", "git_url": "git:github.com/octocat/Hello-World.git", "issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages", "merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges", "milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}", "ssh_url": "git@github.com:octocat/Hello-World.git", "stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers", "statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers", "subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription", "tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags", "teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams", "trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}", "clone_url": "https://github.com/octocat/Hello-World.git", "mirror_url": "git:git.example.com/octocat/Hello-World", "hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks", "svn_url": "https://svn.github.com/octocat/Hello-World", "homepage": "https://github.com", "language": null, "forks_count": 9, "stargazers_count": 80, "watchers_count": 80, "size": 108, "default_branch": "master", "open_issues_count": 0, "is_template": true, "topics": [ "octocat", "atom", "electron", "api" ], "has_issues": true, "has_projects": true, "has_wiki": true, "has_pages": false, "has_downloads": true, "archived": false, "disabled": false, "visibility": "public", "pushed_at": "2011-01-26T19:06:43Z", "created_at": "2011-01-26T19:01:12Z", "updated_at": "2011-01-26T19:14:43Z", "permissions": { "admin": false, "push": false, "pull": true }, "allow_rebase_merge": true, "template_repository": null, "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O", "allow_squash_merge": true, "allow_auto_merge": false, "delete_branch_on_merge": true, "allow_merge_commit": true, "subscribers_count": 42, "network_count": 0, "license": { "key": "mit", "name": "MIT License", "url": "https://HOSTNAME/licenses/mit", "spdx_id": "MIT", "node_id": "MDc6TGljZW5zZW1pdA==", "html_url": "https://github.com/licenses/mit" }, "forks": 1, "open_issues": 1, "watchers": 1 } ] }

Suspend an app installation

Suspends a GitHub App on a user, organization, or business account, which blocks the app from accessing the account's resources. When a GitHub App is suspended, the app's access to the GitHub Enterprise Server API or webhook events is blocked for that account.

You must use a JWT to access this endpoint.

Parameters for "Suspend an app installation"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
installation_id integer Required

The unique identifier of the installation.

HTTP response status codes for "Suspend an app installation"

Status codeDescription
204

No Content

404

Resource not found

Code samples for "Suspend an app installation"

put/app/installations/{installation_id}/suspended
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app/installations/1/suspended

Response

Status: 204

Unsuspend an app installation

Removes a GitHub App installation suspension.

You must use a JWT to access this endpoint.

Parameters for "Unsuspend an app installation"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
installation_id integer Required

The unique identifier of the installation.

HTTP response status codes for "Unsuspend an app installation"

Status codeDescription
204

No Content

404

Resource not found

Code samples for "Unsuspend an app installation"

delete/app/installations/{installation_id}/suspended
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/app/installations/1/suspended

Response

Status: 204

Create a scoped access token

Use a non-scoped user access token to create a repository scoped and/or permission scoped user access token. You can specify which repositories the token can access and which permissions are granted to the token. You must use Basic Authentication when accessing this endpoint, using the client_id and client_secret of the GitHub App as the username and password. Invalid tokens will return 404 NOT FOUND.

Parameters for "Create a scoped access token"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
client_id string Required

The client ID of the GitHub app.

Body parameters
Name, Type, Description
access_token string Required

The access token used to authenticate to the GitHub API.

target string

The name of the user or organization to scope the user access token to. Required unless target_id is specified.

target_id integer

The ID of the user or organization to scope the user access token to. Required unless target is specified.

repositories array of strings

The list of repository names to scope the user access token to. repositories may not be specified if repository_ids is specified.

repository_ids array of integers

The list of repository IDs to scope the user access token to. repository_ids may not be specified if repositories is specified.

permissions object

The permissions granted to the user access token.

Name, Type, Description
actions string

The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts.

Can be one of: read, write

administration string

The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation.

Can be one of: read, write

checks string

The level of permission to grant the access token for checks on code.

Can be one of: read, write

contents string

The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges.

Can be one of: read, write

deployments string

The level of permission to grant the access token for deployments and deployment statuses.

Can be one of: read, write

environments string

The level of permission to grant the access token for managing repository environments.

Can be one of: read, write

issues string

The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones.

Can be one of: read, write

metadata string

The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.

Can be one of: read, write

packages string

The level of permission to grant the access token for packages published to GitHub Packages.

Can be one of: read, write

pages string

The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds.

Can be one of: read, write

pull_requests string

The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges.

Can be one of: read, write

repository_hooks string

The level of permission to grant the access token to manage the post-receive hooks for a repository.

Can be one of: read, write

repository_projects string

The level of permission to grant the access token to manage repository projects, columns, and cards.

Can be one of: read, write, admin

secret_scanning_alerts string

The level of permission to grant the access token to view and manage secret scanning alerts.

Can be one of: read, write

secrets string

The level of permission to grant the access token to manage repository secrets.

Can be one of: read, write

security_events string

The level of permission to grant the access token to view and manage security events like code scanning alerts.

Can be one of: read, write

single_file string

The level of permission to grant the access token to manage just a single file.

Can be one of: read, write

statuses string

The level of permission to grant the access token for commit statuses.

Can be one of: read, write

vulnerability_alerts string

The level of permission to grant the access token to manage Dependabot alerts.

Can be one of: read, write

workflows string

The level of permission to grant the access token to update GitHub Actions workflow files.

Value: write

members string

The level of permission to grant the access token for organization teams and members.

Can be one of: read, write

organization_administration string

The level of permission to grant the access token to manage access to an organization.

Can be one of: read, write

organization_hooks string

The level of permission to grant the access token to manage the post-receive hooks for an organization.

Can be one of: read, write

organization_personal_access_tokens string

The level of permission to grant the access token for viewing and managing fine-grained personal access token requests to an organization.

Can be one of: read, write

organization_personal_access_token_requests string

The level of permission to grant the access token for viewing and managing fine-grained personal access tokens that have been approved by an organization.

Can be one of: read, write

organization_plan string

The level of permission to grant the access token for viewing an organization's plan.

Value: read

organization_projects string

The level of permission to grant the access token to manage organization projects and projects beta (where available).

Can be one of: read, write, admin

organization_packages string

The level of permission to grant the access token for organization packages published to GitHub Packages.

Can be one of: read, write

organization_secrets string

The level of permission to grant the access token to manage organization secrets.

Can be one of: read, write

organization_self_hosted_runners string

The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization.

Can be one of: read, write

organization_user_blocking string

The level of permission to grant the access token to view and manage users blocked by the organization.

Can be one of: read, write

team_discussions string

The level of permission to grant the access token to manage team discussions and related comments.

Can be one of: read, write

HTTP response status codes for "Create a scoped access token"

Status codeDescription
200

OK

401

Requires authentication

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples for "Create a scoped access token"

post/applications/{client_id}/token/scoped
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/applications/Iv1.8a61f9b3a7aba766/token/scoped \ -d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a","target":"octocat","permissions":{"metadata":"read","issues":"write","contents":"read"}}'

Response

Status: 200
{ "id": 1, "url": "https://HOSTNAME/authorizations/1", "scopes": [], "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a", "token_last_eight": "Ae178B4a", "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8", "app": { "url": "http://my-github-app.com", "name": "my github app", "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", "updated_at": "2011-09-06T20:39:23Z", "created_at": "2011-09-06T17:26:27Z", "fingerprint": "jklmnop12345678", "expires_at": "2011-09-08T17:26:27Z", "user": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "installation": { "permissions": { "metadata": "read", "issues": "write", "contents": "read" }, "repository_selection": "selected", "single_file_name": ".github/workflow.yml", "repositories_url": "https://HOSTNAME/user/repos", "account": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "has_multiple_single_files": false, "single_file_paths": [] } }

Get an app

Works with GitHub Apps

Note: The :app_slug is just the URL-friendly name of your GitHub App. You can find this on the settings page for your GitHub App (e.g., https://github.com/settings/apps/:app_slug).

If the GitHub App you specify is public, you can access this endpoint without authenticating. If the GitHub App you specify is private, you must authenticate with a personal access token or an installation access token to access this endpoint.

Parameters for "Get an app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
app_slug string Required

HTTP response status codes for "Get an app"

Status codeDescription
200

OK

403

Forbidden

404

Resource not found

Code samples for "Get an app"

get/apps/{app_slug}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/apps/APP_SLUG

Response

Status: 200
{ "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] }

Get an organization installation for the authenticated app

Enables an authenticated GitHub App to find the organization's installation information.

You must use a JWT to access this endpoint.

Parameters for "Get an organization installation for the authenticated app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
org string Required

The organization name. The name is not case sensitive.

HTTP response status codes for "Get an organization installation for the authenticated app"

Status codeDescription
200

OK

Code samples for "Get an organization installation for the authenticated app"

get/orgs/{org}/installation
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/orgs/ORG/installation

Response

Status: 200
{ "id": 1, "account": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "avatar_url": "https://github.com/images/error/hubot_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/orgs/github", "html_url": "https://github.com/github", "followers_url": "https://HOSTNAME/users/github/followers", "following_url": "https://HOSTNAME/users/github/following{/other_user}", "gists_url": "https://HOSTNAME/users/github/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/github/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/github/subscriptions", "organizations_url": "https://HOSTNAME/users/github/orgs", "repos_url": "https://HOSTNAME/orgs/github/repos", "events_url": "https://HOSTNAME/orgs/github/events", "received_events_url": "https://HOSTNAME/users/github/received_events", "type": "Organization", "site_admin": false }, "repository_selection": "all", "access_tokens_url": "https://HOSTNAME/installations/1/access_tokens", "repositories_url": "https://HOSTNAME/installation/repositories", "html_url": "https://github.com/organizations/github/settings/installations/1", "app_id": 1, "target_id": 1, "target_type": "Organization", "permissions": { "checks": "write", "metadata": "read", "contents": "read" }, "events": [ "push", "pull_request" ], "created_at": "2018-02-09T20:51:14Z", "updated_at": "2018-02-09T20:51:14Z", "single_file_name": "config.yml", "has_multiple_single_files": true, "single_file_paths": [ "config.yml", ".github/issue_TEMPLATE.md" ], "app_slug": "github-actions", "suspended_at": null, "suspended_by": null }

Get a repository installation for the authenticated app

Enables an authenticated GitHub App to find the repository's installation information. The installation's account type will be either an organization or a user account, depending which account the repository belongs to.

You must use a JWT to access this endpoint.

Parameters for "Get a repository installation for the authenticated app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

HTTP response status codes for "Get a repository installation for the authenticated app"

Status codeDescription
200

OK

301

Moved permanently

404

Resource not found

Code samples for "Get a repository installation for the authenticated app"

get/repos/{owner}/{repo}/installation
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/installation

Response

Status: 200
{ "id": 1, "account": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "avatar_url": "https://github.com/images/error/hubot_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/orgs/github", "html_url": "https://github.com/github", "followers_url": "https://HOSTNAME/users/github/followers", "following_url": "https://HOSTNAME/users/github/following{/other_user}", "gists_url": "https://HOSTNAME/users/github/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/github/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/github/subscriptions", "organizations_url": "https://HOSTNAME/users/github/orgs", "repos_url": "https://HOSTNAME/orgs/github/repos", "events_url": "https://HOSTNAME/orgs/github/events", "received_events_url": "https://HOSTNAME/users/github/received_events", "type": "Organization", "site_admin": false }, "repository_selection": "all", "access_tokens_url": "https://HOSTNAME/installations/1/access_tokens", "repositories_url": "https://HOSTNAME/installation/repositories", "html_url": "https://github.com/organizations/github/settings/installations/1", "app_id": 1, "target_id": 1, "target_type": "Organization", "permissions": { "checks": "write", "metadata": "read", "contents": "read" }, "events": [ "push", "pull_request" ], "created_at": "2018-02-09T20:51:14Z", "updated_at": "2018-02-09T20:51:14Z", "single_file_name": "config.yml", "has_multiple_single_files": true, "single_file_paths": [ "config.yml", ".github/issue_TEMPLATE.md" ], "app_slug": "github-actions", "suspended_at": null, "suspended_by": null }

Get a user installation for the authenticated app

Enables an authenticated GitHub App to find the user’s installation information.

You must use a JWT to access this endpoint.

Parameters for "Get a user installation for the authenticated app"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
username string Required

The handle for the GitHub user account.

HTTP response status codes for "Get a user installation for the authenticated app"

Status codeDescription
200

OK

Code samples for "Get a user installation for the authenticated app"

get/users/{username}/installation
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/users/USERNAME/installation

Response

Status: 200
{ "id": 1, "account": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "avatar_url": "https://github.com/images/error/hubot_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/orgs/github", "html_url": "https://github.com/github", "followers_url": "https://HOSTNAME/users/github/followers", "following_url": "https://HOSTNAME/users/github/following{/other_user}", "gists_url": "https://HOSTNAME/users/github/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/github/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/github/subscriptions", "organizations_url": "https://HOSTNAME/users/github/orgs", "repos_url": "https://HOSTNAME/orgs/github/repos", "events_url": "https://HOSTNAME/orgs/github/events", "received_events_url": "https://HOSTNAME/users/github/received_events", "type": "Organization", "site_admin": false }, "repository_selection": "all", "access_tokens_url": "https://HOSTNAME/installations/1/access_tokens", "repositories_url": "https://HOSTNAME/installation/repositories", "html_url": "https://github.com/organizations/github/settings/installations/1", "app_id": 1, "target_id": 1, "target_type": "Organization", "permissions": { "checks": "write", "metadata": "read", "contents": "read" }, "events": [ "push", "pull_request" ], "created_at": "2018-02-09T20:51:14Z", "updated_at": "2018-02-09T20:51:14Z", "single_file_name": "config.yml", "has_multiple_single_files": true, "single_file_paths": [ "config.yml", ".github/issue_TEMPLATE.md" ], "app_slug": "github-actions", "suspended_at": null, "suspended_by": null }