Skip to main content
We publish frequent updates to our documentation, and translation of this page may still be in progress. For the most current information, please visit the English documentation.
� 

� 

This version of GitHub Enterprise was discontinued on 2023-01-18. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

We've recently moved some of the REST API documentation. If you can't find what you're looking for, you might try the new Branches, Collaborators, Commits, Deploy Keys, Deployments, GitHub Pages, Releases, Metrics, Webhooks REST API pages.

Protected branches

Use the REST API to manage protected branches.

Get branch protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection", "required_status_checks": { "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_status_checks", "contexts": [ "continuous-integration/travis-ci" ], "contexts_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_status_checks/contexts", "enforcement_level": "non_admins" }, "enforce_admins": { "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/enforce_admins", "enabled": true }, "required_pull_request_reviews": { "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_pull_request_reviews", "dismissal_restrictions": { "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions", "users_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions/users", "teams_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions/teams", "users": [ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ], "teams": [ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ], "apps": [ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "hooks_url": "https://api.github.com/orgs/github/hooks", "issues_url": "https://api.github.com/orgs/github/issues", "members_url": "https://api.github.com/orgs/github/members{/member}", "public_members_url": "https://api.github.com/orgs/github/public_members{/member}", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "description": "A great organization" }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ] }, "dismiss_stale_reviews": true, "require_code_owner_reviews": true, "required_approving_review_count": 2 }, "restrictions": { "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions", "users_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions/users", "teams_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions/teams", "apps_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions/apps", "users": [ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ], "teams": [ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ], "apps": [ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "hooks_url": "https://api.github.com/orgs/github/hooks", "issues_url": "https://api.github.com/orgs/github/issues", "members_url": "https://api.github.com/orgs/github/members{/member}", "public_members_url": "https://api.github.com/orgs/github/public_members{/member}", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "description": "A great organization" }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ] }, "required_linear_history": { "enabled": true }, "allow_force_pushes": { "enabled": true }, "allow_deletions": { "enabled": true }, "required_conversation_resolution": { "enabled": true } }

Update branch protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Protecting a branch requires admin or owner permissions to the repository.

Note: Passing new arrays of users and teams replaces their previous values.

Note: The list of users, apps, and teams in total is limited to 100 items.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
required_status_checksobject or nullRequired

Require status checks to pass before merging. Set to null to disable.

strictbooleanRequired

Require branches to be up to date before merging.

contextsarray of stringsRequired

Deprecated: The list of status checks to require in order to merge into this branch. If any of these checks have recently been set by a particular GitHub App, they will be required to come from that app in future for the branch to merge. Use checks instead of contexts for more fine-grained control.

checksarray of objects

The list of status checks to require in order to merge into this branch.

contextstringRequired

The name of the required check

app_idinteger

The ID of the GitHub App that must provide this check. Omit this field to automatically select the GitHub App that has recently provided this check, or any app if it was not set by a GitHub App. Pass -1 to explicitly allow any app to set the status.

enforce_adminsboolean or nullRequired

Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable.

required_pull_request_reviewsobject or nullRequired

Require at least one approving review on a pull request, before merging. Set to null to disable.

dismissal_restrictionsobject

Specify which users, teams, and apps can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.

usersarray of strings

The list of user logins with dismissal access

teamsarray of strings

The list of team slugs with dismissal access

appsarray of strings

The list of app slugs with dismissal access

dismiss_stale_reviewsboolean

Set to true if you want to automatically dismiss approving reviews when someone pushes a new commit.

require_code_owner_reviewsboolean

Blocks merging pull requests until code owners review them.

required_approving_review_countinteger

Specify the number of reviewers required to approve pull requests. Use a number between 1 and 6.

restrictionsobject or nullRequired

Restrict who can push to the protected branch. User, app, and team restrictions are only available for organization-owned repositories. Set to null to disable.

usersarray of stringsRequired

The list of user logins with push access

teamsarray of stringsRequired

The list of team slugs with push access

appsarray of strings

The list of app slugs with push access

required_linear_historyboolean

Enforces a linear commit Git history, which prevents anyone from pushing merge commits to a branch. Set to true to enforce a linear commit history. Set to false to disable a linear commit Git history. Your repository must allow squash merging or rebase merging before you can enable a linear commit history. Default: false. For more information, see "Requiring a linear commit history" in the GitHub Help documentation.

allow_force_pushesboolean or null

Permits force pushes to the protected branch by anyone with write access to the repository. Set to true to allow force pushes. Set to false or null to block force pushes. Default: false. For more information, see "Enabling force pushes to a protected branch" in the GitHub Help documentation."

allow_deletionsboolean

Allows deletion of the protected branch by anyone with write access to the repository. Set to false to prevent deletion of the protected branch. Default: false. For more information, see "Enabling force pushes to a protected branch" in the GitHub Help documentation.

block_creationsboolean

If set to true, the restrictions branch protection settings which limits who can push will also block pushes which create new branches, unless the push is initiated by a user, team, or app which has the ability to push. Set to true to restrict new branch creation. Default: false.

required_conversation_resolutionboolean

Requires all conversations on code to be resolved before a pull request can be merged into a branch that matches this rule. Set to false to disable. Default: false.

contextsarray of strings

The list of status checks to require in order to merge into this branch.

HTTP response status codes

Status codeDescription
200

OK

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples

put/repos/{owner}/{repo}/branches/{branch}/protection
curl \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection \ -d '{"required_status_checks":{"strict":true,"contexts":["continuous-integration/travis-ci"]},"enforce_admins":true,"required_pull_request_reviews":{"dismissal_restrictions":{"users":["octocat"],"teams":["justice-league"]},"dismiss_stale_reviews":true,"require_code_owner_reviews":true,"required_approving_review_count":2,"bypass_pull_request_allowances":{"users":["octocat"],"teams":["justice-league"]}},"restrictions":{"users":["octocat"],"teams":["justice-league"],"apps":["super-ci"]},"required_linear_history":true,"allow_force_pushes":true,"allow_deletions":true,"block_creations":true,"required_conversation_resolution":true}'

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection", "required_status_checks": { "url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/required_status_checks", "strict": true, "contexts": [ "continuous-integration/travis-ci" ], "contexts_url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/required_status_checks/contexts", "checks": [ { "context": "continuous-integration/travis-ci", "app_id": null } ] }, "restrictions": { "url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/restrictions", "users_url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/restrictions/users", "teams_url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/restrictions/teams", "apps_url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/restrictions/apps", "users": [], "teams": [], "apps": [] }, "required_pull_request_reviews": { "url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/required_pull_request_reviews", "dismiss_stale_reviews": true, "require_code_owner_reviews": true, "required_approving_review_count": 2, "dismissal_restrictions": { "url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/dismissal_restrictions", "users_url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/dismissal_restrictions/users", "teams_url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/dismissal_restrictions/teams", "users": [], "teams": [], "apps": [] } }, "required_signatures": { "url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/required_signatures", "enabled": false }, "enforce_admins": { "url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection/enforce_admins", "enabled": true }, "required_linear_history": { "enabled": true }, "allow_force_pushes": { "enabled": true }, "allow_deletions": { "enabled": true }, "block_creations": { "enabled": true }, "required_conversation_resolution": { "enabled": true } }

Delete branch protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
204

No Content

403

Forbidden

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection

Response

Status: 204

Get admin branch protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/enforce_admins

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/enforce_admins", "enabled": true }

Set admin branch protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Adding admin enforcement requires admin or owner permissions to the repository and branch protection to be enabled.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

Code samples

post/repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
curl \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/enforce_admins

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/enforce_admins", "enabled": true }

Delete admin branch protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removing admin enforcement requires admin or owner permissions to the repository and branch protection to be enabled.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
204

No Content

404

Resource not found

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/enforce_admins

Response

Status: 204

Get pull request review protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_pull_request_reviews

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_pull_request_reviews", "dismissal_restrictions": { "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions", "users_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions/users", "teams_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions/teams", "users": [ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ], "teams": [ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ], "apps": [ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "hooks_url": "https://api.github.com/orgs/github/hooks", "issues_url": "https://api.github.com/orgs/github/issues", "members_url": "https://api.github.com/orgs/github/members{/member}", "public_members_url": "https://api.github.com/orgs/github/public_members{/member}", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "description": "A great organization" }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ] }, "dismiss_stale_reviews": true, "require_code_owner_reviews": true, "required_approving_review_count": 2 }

Update pull request review protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Updating pull request review enforcement requires admin or owner permissions to the repository and branch protection to be enabled.

Note: Passing new arrays of users and teams replaces their previous values.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
dismissal_restrictionsobject

Specify which users, teams, and apps can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.

usersarray of strings

The list of user logins with dismissal access

teamsarray of strings

The list of team slugs with dismissal access

appsarray of strings

The list of app slugs with dismissal access

dismiss_stale_reviewsboolean

Set to true if you want to automatically dismiss approving reviews when someone pushes a new commit.

require_code_owner_reviewsboolean

Blocks merging pull requests until code owners have reviewed.

required_approving_review_countinteger

Specifies the number of reviewers required to approve pull requests. Use a number between 1 and 6.

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

patch/repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews
curl \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_pull_request_reviews \ -d '{"dismissal_restrictions":{"users":["octocat"],"teams":["justice-league"],"apps":["octoapp"]},"bypass_pull_request_allowances":{"users":["octocat"],"teams":["justice-league"],"apps":["octoapp"]},"dismiss_stale_reviews":true,"require_code_owner_reviews":true,"required_approving_review_count":2}'

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_pull_request_reviews", "dismissal_restrictions": { "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions", "users_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions/users", "teams_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/dismissal_restrictions/teams", "users": [ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ], "teams": [ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ], "apps": [ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "hooks_url": "https://api.github.com/orgs/github/hooks", "issues_url": "https://api.github.com/orgs/github/issues", "members_url": "https://api.github.com/orgs/github/members{/member}", "public_members_url": "https://api.github.com/orgs/github/public_members{/member}", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "description": "A great organization" }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ] }, "dismiss_stale_reviews": true, "require_code_owner_reviews": true, "required_approving_review_count": 2 }

Delete pull request review protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
204

No Content

404

Resource not found

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_pull_request_reviews

Response

Status: 204

Get commit signature protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

When authenticated with admin or owner permissions to the repository, you can use this endpoint to check whether a branch requires signed commits. An enabled status of true indicates you must sign commits on this branch. For more information, see Signing commits with GPG in GitHub Help.

Note: You must enable branch protection to require signed commits.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/required_signatures
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_signatures

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_signatures", "enabled": true }

Create commit signature protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

When authenticated with admin or owner permissions to the repository, you can use this endpoint to require signed commits on a branch. You must enable branch protection to require signed commits.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

post/repos/{owner}/{repo}/branches/{branch}/protection/required_signatures
curl \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_signatures

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_signatures", "enabled": true }

Delete commit signature protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

When authenticated with admin or owner permissions to the repository, you can use this endpoint to disable required signed commits on a branch. You must enable branch protection to require signed commits.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
204

No Content

404

Resource not found

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/required_signatures
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_signatures

Response

Status: 204

Get status checks protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_status_checks

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_status_checks", "strict": true, "contexts": [ "continuous-integration/travis-ci" ], "contexts_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_status_checks/contexts" }

Update status check protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Updating required status checks requires admin or owner permissions to the repository and branch protection to be enabled.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
strictboolean

Require branches to be up to date before merging.

contextsarray of strings

The list of status checks to require in order to merge into this branch

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples

patch/repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks
curl \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_status_checks \ -d '{"strict":true,"contexts":["continuous-integration/travis-ci"]}'

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_status_checks", "strict": true, "contexts": [ "continuous-integration/travis-ci" ], "contexts_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/required_status_checks/contexts" }

Remove status check protection

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
204

No Content

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_status_checks

Response

Status: 204

Get all status check contexts

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_status_checks/contexts

Response

Status: 200
[ "continuous-integration/travis-ci" ]

Add status check contexts

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
contextsarray of stringsRequired

The name of the status checks

HTTP response status codes

Status codeDescription
200

OK

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples

post/repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts
curl \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_status_checks/contexts \ -d '{"contexts":["continuous-integration/travis-ci","continuous-integration/jenkins"]}'

Response

Status: 200
[ "continuous-integration/travis-ci", "continuous-integration/jenkins" ]

Set status check contexts

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
contextsarray of stringsRequired

The name of the status checks

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples

put/repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts
curl \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_status_checks/contexts \ -d '{"contexts":["continuous-integration/travis-ci"]}'

Response

Status: 200
[ "continuous-integration/travis-ci" ]

Remove status check contexts

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
contextsarray of stringsRequired

The name of the status checks

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/required_status_checks/contexts \ -d '{"contexts":["continuous-integration/travis-ci"]}'

Response

Status: 200
[ "continuous-integration/travis-ci" ]

Get access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists who has access to this protected branch.

Note: Users, apps, and teams restrictions are only available for organization-owned repositories.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/restrictions
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions

Response

Status: 200
{ "url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions", "users_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions/users", "teams_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions/teams", "apps_url": "https://api.github.com/repos/octocat/Hello-World/branches/master/protection/restrictions/apps", "users": [ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ], "teams": [ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ], "apps": [ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "hooks_url": "https://api.github.com/orgs/github/hooks", "issues_url": "https://api.github.com/orgs/github/issues", "members_url": "https://api.github.com/orgs/github/members{/member}", "public_members_url": "https://api.github.com/orgs/github/public_members{/member}", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "description": "A great organization" }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ] }

Delete access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Disables the ability to restrict who can push to this branch.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
204

No Content

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/restrictions
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions

Response

Status: 204

Get apps with access to the protected branch

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists the GitHub Apps that have push access to this branch. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/apps

Response

Status: 200
[ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": true }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ]

Add app access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Grants the specified apps push access for this branch. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
appsarray of stringsRequired

The GitHub Apps that have push access to this branch. Use the slugified version of the app name. Note: The list of users, apps, and teams in total is limited to 100 items.

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

post/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
curl \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/apps \ -d '{"apps":["octoapp"]}'

Response

Status: 200
[ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": true }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ]

Set app access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Replaces the list of apps that have push access to this branch. This removes all apps that previously had push access and grants push access to the new list of apps. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
appsarray of stringsRequired

The GitHub Apps that have push access to this branch. Use the slugified version of the app name. Note: The list of users, apps, and teams in total is limited to 100 items.

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

put/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
curl \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/apps \ -d '{"apps":["octoapp"]}'

Response

Status: 200
[ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": true }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ]

Remove app access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removes the ability of an app to push to this branch. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
appsarray of stringsRequired

The GitHub Apps that have push access to this branch. Use the slugified version of the app name. Note: The list of users, apps, and teams in total is limited to 100 items.

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/apps \ -d '{"apps":["my-app"]}'

Response

Status: 200
[ { "id": 1, "slug": "octoapp", "node_id": "MDExOkludGVncmF0aW9uMQ==", "owner": { "login": "github", "id": 1, "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", "url": "https://api.github.com/orgs/github", "repos_url": "https://api.github.com/orgs/github/repos", "events_url": "https://api.github.com/orgs/github/events", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": true }, "name": "Octocat App", "description": "", "external_url": "https://example.com", "html_url": "https://github.com/apps/octoapp", "created_at": "2017-07-08T16:18:44-04:00", "updated_at": "2017-07-08T16:18:44-04:00", "permissions": { "metadata": "read", "contents": "read", "issues": "write", "single_file": "write" }, "events": [ "push", "pull_request" ] } ]

Get teams with access to the protected branch

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists the teams who have push access to this branch. The list includes child teams.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/teams

Response

Status: 200
[ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ]

Add team access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Grants the specified teams push access for this branch. You can also give push access to child teams.

TypeDescription
arrayThe teams that can have push access. Use the team's slug. Note: The list of users, apps, and teams in total is limited to 100 items.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
teamsarray of stringsRequired

The slug values for teams

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

post/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
curl \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/teams \ -d '{"teams":["justice-league"]}'

Response

Status: 200
[ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ]

Set team access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Replaces the list of teams that have push access to this branch. This removes all teams that previously had push access and grants push access to the new list of teams. Team restrictions include child teams.

TypeDescription
arrayThe teams that can have push access. Use the team's slug. Note: The list of users, apps, and teams in total is limited to 100 items.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
teamsarray of stringsRequired

The slug values for teams

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

put/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
curl \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/teams \ -d '{"teams":["justice-league"]}'

Response

Status: 200
[ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ]

Remove team access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removes the ability of a team to push to this branch. You can also remove push access for child teams.

TypeDescription
arrayTeams that should no longer have push access. Use the team's slug. Note: The list of users, apps, and teams in total is limited to 100 items.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
teamsarray of stringsRequired

The slug values for teams

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/teams \ -d '{"teams":["justice-league"]}'

Response

Status: 200
[ { "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://api.github.com/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "permission": "admin", "members_url": "https://api.github.com/teams/1/members{/member}", "repositories_url": "https://api.github.com/teams/1/repos", "parent": null } ]

Get users with access to the protected branch

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists the people who have push access to this branch.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

HTTP response status codes

Status codeDescription
200

OK

404

Resource not found

Code samples

get/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/users

Response

Status: 200
[ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ]

Add user access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Grants the specified people push access for this branch.

TypeDescription
arrayUsernames for people who can have push access. Note: The list of users, apps, and teams in total is limited to 100 items.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
usersarray of stringsRequired

The username for users

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

post/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
curl \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/users \ -d '{"users":["octocat"]}'

Response

Status: 200
[ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ]

Set user access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Replaces the list of people that have push access to this branch. This removes all people that previously had push access and grants push access to the new list of people.

TypeDescription
arrayUsernames for people who can have push access. Note: The list of users, apps, and teams in total is limited to 100 items.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
usersarray of stringsRequired

The username for users

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

put/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
curl \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/users \ -d '{"users":["octocat"]}'

Response

Status: 200
[ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ]

Remove user access restrictions

Works with GitHub Apps

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removes the ability of a user to push to this branch.

TypeDescription
arrayUsernames of the people who should no longer have push access. Note: The list of users, apps, and teams in total is limited to 100 items.

Parameters

Headers
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

branchstringRequired

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Body parameters
usersarray of stringsRequired

The username for users

HTTP response status codes

Status codeDescription
200

OK

422

Validation failed, or the endpoint has been spammed.

Code samples

delete/repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
curl \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/branches/BRANCH/protection/restrictions/users \ -d '{"users":["octocat"]}'

Response

Status: 200
[ { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false } ]