English

Explore by product

REST API
English
Article version: GitHub.com
Article version: GitHub.com

Apps

In this article

The GitHub Apps API enables you to get high-level information about a GitHub App as well as specific information about installations of the app. To learn more about GitHub Apps, see "Authenticating as a GitHub App."

If you are using your app with GitHub Actions and want to modify workflow files, you must authenticate on behalf of the user with an OAuth token that includes the workflow scope. The user must have admin or write permission to the repository that contains the workflow file. For more information, see "Understanding scopes for OAuth apps."

This page lists endpoints that you can access while authenticated as a GitHub App. See "Authenticating as a GitHub App" to learn more.

When authenticated as a GitHub App, the GitHub Apps API enables you to get high-level information about a GitHub App as well as specific information about installations of an app.

You can access REST API v3 endpoints while authenticated as a GitHub App. These endpoints have a "Notes" section that contains a bullet point that says "Works with GitHub Apps." You can also access these endpoints while authenticated as a user.

A subset of REST API v3 endpoints requires authenticating as a GitHub App installation. See Installations for a list of these endpoints.

Get the authenticated app

Returns the GitHub App associated with the authentication credentials used. To see how many app installations are associated with this GitHub App, see the installations_count in the response. For more details about your app's installations, see the "List installations for the authenticated app" endpoint.

You must use a JWT to access this endpoint.

get /app

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app
JavaScript (@octokit/core.js)
await octokit.request('GET /app')

Response

Status: 200 OK
{
  "id": 1,
  "slug": "octoapp",
  "node_id": "MDExOkludGVncmF0aW9uMQ==",
  "owner": {
    "login": "github",
    "id": 1,
    "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
    "url": "https://api.github.com/orgs/github",
    "repos_url": "https://api.github.com/orgs/github/repos",
    "events_url": "https://api.github.com/orgs/github/events",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": true
  },
  "name": "Octocat App",
  "description": "",
  "external_url": "https://example.com",
  "html_url": "https://github.com/apps/octoapp",
  "created_at": "2017-07-08T16:18:44-04:00",
  "updated_at": "2017-07-08T16:18:44-04:00",
  "permissions": {
    "metadata": "read",
    "contents": "read",
    "issues": "write",
    "single_file": "write"
  },
  "events": [
    "push",
    "pull_request"
  ]
}

Notes

Create a GitHub App from a manifest

Use this endpoint to complete the handshake necessary when implementing the GitHub App Manifest flow. When you create a GitHub App with the manifest flow, you receive a temporary code used to retrieve the GitHub App's id, pem (private key), and webhook_secret.

post /app-manifests/{code}/conversions

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
code string path

Code samples

Shell
curl \
  -X POST \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app-manifests/CODE/conversions
JavaScript (@octokit/core.js)
await octokit.request('POST /app-manifests/{code}/conversions', {
  code: 'code'
})

Response

Status: 201 Created
{
  "id": 1,
  "slug": "octoapp",
  "node_id": "MDxOkludGVncmF0aW9uMQ==",
  "owner": {
    "login": "github",
    "id": 1,
    "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
    "url": "https://api.github.com/orgs/github",
    "repos_url": "https://api.github.com/orgs/github/repos",
    "events_url": "https://api.github.com/orgs/github/events",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": true
  },
  "name": "Octocat App",
  "description": "",
  "external_url": "https://example.com",
  "html_url": "https://github.com/apps/octoapp",
  "created_at": "2017-07-08T16:18:44-04:00",
  "updated_at": "2017-07-08T16:18:44-04:00",
  "permissions": {
    "metadata": "read",
    "contents": "read",
    "issues": "write",
    "single_file": "write"
  },
  "events": [
    "push",
    "pull_request"
  ],
  "client_id": "Iv1.8a61f9b3a7aba766",
  "client_secret": "1726be1638095a19edd134c77bde3aa2ece1e5d8",
  "webhook_secret": "e340154128314309424b7c8e90325147d99fdafa",
  "pem": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAuEPzOUE+kiEH1WLiMeBytTEF856j0hOVcSUSUkZxKvqczkWM\n9vo1gDyC7ZXhdH9fKh32aapba3RSsp4ke+giSmYTk2mGR538ShSDxh0OgpJmjiKP\nX0Bj4j5sFqfXuCtl9SkH4iueivv4R53ktqM+n6hk98l6hRwC39GVIblAh2lEM4L/\n6WvYwuQXPMM5OG2Ryh2tDZ1WS5RKfgq+9ksNJ5Q9UtqtqHkO+E63N5OK9sbzpUUm\noNaOl3udTlZD3A8iqwMPVxH4SxgATBPAc+bmjk6BMJ0qIzDcVGTrqrzUiywCTLma\nszdk8GjzXtPDmuBgNn+o6s02qVGpyydgEuqmTQIDAQABAoIBACL6AvkjQVVLn8kJ\ndBYznJJ4M8ECo+YEgaFwgAHODT0zRQCCgzd+Vxl4YwHmKV2Lr+y2s0drZt8GvYva\nKOK8NYYZyi15IlwFyRXmvvykF1UBpSXluYFDH7KaVroWMgRreHcIys5LqVSIb6Bo\ngDmK0yBLPp8qR29s2b7ScZRtLaqGJiX+j55rNzrZwxHkxFHyG9OG+u9IsBElcKCP\nkYCVE8ZdYexfnKOZbgn2kZB9qu0T/Mdvki8yk3I2bI6xYO24oQmhnT36qnqWoCBX\nNuCNsBQgpYZeZET8mEAUmo9d+ABmIHIvSs005agK8xRaP4+6jYgy6WwoejJRF5yd\nNBuF7aECgYEA50nZ4FiZYV0vcJDxFYeY3kYOvVuKn8OyW+2rg7JIQTremIjv8FkE\nZnwuF9ZRxgqLxUIfKKfzp/5l5LrycNoj2YKfHKnRejxRWXqG+ZETfxxlmlRns0QG\nJ4+BYL0CoanDSeA4fuyn4Bv7cy/03TDhfg/Uq0Aeg+hhcPE/vx3ebPsCgYEAy/Pv\neDLssOSdeyIxf0Brtocg6aPXIVaLdus+bXmLg77rJIFytAZmTTW8SkkSczWtucI3\nFI1I6sei/8FdPzAl62/JDdlf7Wd9K7JIotY4TzT7Tm7QU7xpfLLYIP1bOFjN81rk\n77oOD4LsXcosB/U6s1blPJMZ6AlO2EKs10UuR1cCgYBipzuJ2ADEaOz9RLWwi0AH\nPza2Sj+c2epQD9ZivD7Zo/Sid3ZwvGeGF13JyR7kLEdmAkgsHUdu1rI7mAolXMaB\n1pdrsHureeLxGbRM6za3tzMXWv1Il7FQWoPC8ZwXvMOR1VQDv4nzq7vbbA8z8c+c\n57+8tALQHOTDOgQIzwK61QKBgERGVc0EJy4Uag+VY8J4m1ZQKBluqo7TfP6DQ7O8\nM5MX73maB/7yAX8pVO39RjrhJlYACRZNMbK+v/ckEQYdJSSKmGCVe0JrGYDuPtic\nI9+IGfSorf7KHPoMmMN6bPYQ7Gjh7a++tgRFTMEc8956Hnt4xGahy9NcglNtBpVN\n6G8jAoGBAMCh028pdzJa/xeBHLLaVB2sc0Fe7993WlsPmnVE779dAz7qMscOtXJK\nfgtriltLSSD6rTA9hUAsL/X62rY0wdXuNdijjBb/qvrx7CAV6i37NK1CjABNjsfG\nZM372Ac6zc1EqSrid2IjET1YqyIW2KGLI1R2xbQc98UGlt48OdWu\n-----END RSA PRIVATE KEY-----\n"
}

Resource not found

Status: 404 Not Found

Validation failed

Status: 422 Unprocessable Entity

List installations for the authenticated app

You must use a JWT to access this endpoint.

The permissions the installation has are included under the permissions key.

get /app/installations

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1
since string query

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
outdated string query

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations
JavaScript (@octokit/core.js)
await octokit.request('GET /app/installations')

The permissions the installation has are included under the `permissions` key.

Status: 200 OK
[
  {
    "id": 1,
    "account": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://api.github.com/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://api.github.com/users/octocat/followers",
      "following_url": "https://api.github.com/users/octocat/following{/other_user}",
      "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
      "organizations_url": "https://api.github.com/users/octocat/orgs",
      "repos_url": "https://api.github.com/users/octocat/repos",
      "events_url": "https://api.github.com/users/octocat/events{/privacy}",
      "received_events_url": "https://api.github.com/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "access_tokens_url": "https://api.github.com/installations/1/access_tokens",
    "repositories_url": "https://api.github.com/installation/repositories",
    "html_url": "https://github.com/organizations/github/settings/installations/1",
    "app_id": 1,
    "target_id": 1,
    "target_type": "Organization",
    "permissions": {
      "checks": "write",
      "metadata": "read",
      "contents": "read"
    },
    "events": [
      "push",
      "pull_request"
    ],
    "single_file_name": "config.yaml",
    "has_multiple_single_files": true,
    "single_file_paths": [
      "config.yml",
      ".github/issue_TEMPLATE.md"
    ],
    "repository_selection": "selected",
    "created_at": "2017-07-08T16:18:44-04:00",
    "updated_at": "2017-07-08T16:18:44-04:00",
    "app_slug": "github-actions",
    "suspended_at": null,
    "suspended_by": null
  }
]

Notes

Get an installation for the authenticated app

Enables an authenticated GitHub App to find an installation's information using the installation id. The installation's account type (target_type) will be either an organization or a user account, depending which account the repository belongs to.

You must use a JWT to access this endpoint.

get /app/installations/{installation_id}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
installation_id integer path

installation_id parameter

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations/42
JavaScript (@octokit/core.js)
await octokit.request('GET /app/installations/{installation_id}', {
  installation_id: 42
})

Response

Status: 200 OK
{
  "id": 1,
  "account": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  },
  "access_tokens_url": "https://api.github.com/installations/1/access_tokens",
  "repositories_url": "https://api.github.com/installation/repositories",
  "html_url": "https://github.com/organizations/github/settings/installations/1",
  "app_id": 1,
  "target_id": 1,
  "target_type": "Organization",
  "permissions": {
    "checks": "write",
    "metadata": "read",
    "contents": "read"
  },
  "events": [
    "push",
    "pull_request"
  ],
  "single_file_name": "config.yaml",
  "has_multiple_single_files": true,
  "single_file_paths": [
    "config.yml",
    ".github/issue_TEMPLATE.md"
  ],
  "repository_selection": "selected",
  "created_at": "2017-07-08T16:18:44-04:00",
  "updated_at": "2017-07-08T16:18:44-04:00",
  "app_slug": "github-actions",
  "suspended_at": null,
  "suspended_by": null
}

Resource not found

Status: 404 Not Found

Preview header missing

Status: 415 Unsupported Media Type

Notes

Delete an installation for the authenticated app

Uninstalls a GitHub App on a user, organization, or business account. If you prefer to temporarily suspend an app's access to your account's resources, then we recommend the "Suspend an app installation" endpoint.

You must use a JWT to access this endpoint.

delete /app/installations/{installation_id}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
installation_id integer path

installation_id parameter

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations/42
JavaScript (@octokit/core.js)
await octokit.request('DELETE /app/installations/{installation_id}', {
  installation_id: 42
})

Response

Status: 204 No Content

Resource not found

Status: 404 Not Found

Create an installation access token for an app

Creates an installation access token that enables a GitHub App to make authenticated API requests for the app's installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of 401 - Unauthorized, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access. To restrict the access to specific repositories, you can provide the repository_ids when creating the token. When you omit repository_ids, the response does not contain the repositories key.

You must use a JWT to access this endpoint.

post /app/installations/{installation_id}/access_tokens

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
installation_id integer path

installation_id parameter
repositories array of strings body

List of repository names that the token should have access to
repository_ids array of integers body

List of repository IDs that the token should have access to
permissions object body

The permissions granted to the user-to-server access token.
Properties of the permissions object
actions (string)

The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be one of: read or write.
administration (string)

The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be one of: read or write.
checks (string)

The level of permission to grant the access token for checks on code. Can be one of: read or write.
content_references (string)

The level of permission to grant the access token for notification of content references and creation content attachments. Can be one of: read or write.
contents (string)

The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be one of: read or write.
deployments (string)

The level of permission to grant the access token for deployments and deployment statuses. Can be one of: read or write.
environments (string)

The level of permission to grant the access token for managing repository environments. Can be one of: read or write.
issues (string)

The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be one of: read or write.
metadata (string)

The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be one of: read or write.
packages (string)

The level of permission to grant the access token for packages published to GitHub Packages. Can be one of: read or write.
pages (string)

The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds. Can be one of: read or write.
pull_requests (string)

The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges. Can be one of: read or write.
repository_hooks (string)

The level of permission to grant the access token to manage the post-receive hooks for a repository. Can be one of: read or write.
repository_projects (string)

The level of permission to grant the access token to manage repository projects, columns, and cards. Can be one of: read, write, or admin.
secret_scanning_alerts (string)

The level of permission to grant the access token to view and manage secret scanning alerts. Can be one of: read or write.
secrets (string)

The level of permission to grant the access token to manage repository secrets. Can be one of: read or write.
security_events (string)

The level of permission to grant the access token to view and manage security events like code scanning alerts. Can be one of: read or write.
single_file (string)

The level of permission to grant the access token to manage just a single file. Can be one of: read or write.
statuses (string)

The level of permission to grant the access token for commit statuses. Can be one of: read or write.
vulnerability_alerts (string)

The level of permission to grant the access token to retrieve Dependabot alerts. Can be one of: read.
workflows (string)

The level of permission to grant the access token to update GitHub Actions workflow files. Can be one of: write.
members (string)

The level of permission to grant the access token for organization teams and members. Can be one of: read or write.
organization_administration (string)

The level of permission to grant the access token to manage access to an organization. Can be one of: read or write.
organization_hooks (string)

The level of permission to grant the access token to manage the post-receive hooks for an organization. Can be one of: read or write.
organization_plan (string)

The level of permission to grant the access token for viewing an organization's plan. Can be one of: read.
organization_projects (string)

The level of permission to grant the access token to manage organization projects, columns, and cards. Can be one of: read, write, or admin.
organization_packages (string)

The level of permission to grant the access token for organization packages published to GitHub Packages. Can be one of: read or write.
organization_secrets (string)

The level of permission to grant the access token to manage organization secrets. Can be one of: read or write.
organization_self_hosted_runners (string)

The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization. Can be one of: read or write.
organization_user_blocking (string)

The level of permission to grant the access token to view and manage users blocked by the organization. Can be one of: read or write.
team_discussions (string)

The level of permission to grant the access token to manage team discussions and related comments. Can be one of: read or write.

Code samples

Shell
curl \
  -X POST \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations/42/access_tokens \
  -d '{"repositories":["repositories"]}'
JavaScript (@octokit/core.js)
await octokit.request('POST /app/installations/{installation_id}/access_tokens', {
  installation_id: 42,
  repositories: [
    'repositories'
  ]
})

Response

Status: 201 Created
{
  "token": "ghs_16C7e42F292c6912E7710c838347Ae178B4a",
  "expires_at": "2016-07-11T22:14:10Z",
  "permissions": {
    "issues": "write",
    "contents": "read"
  },
  "repository_selection": "selected",
  "repositories": [
    {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "git_url": "git:github.com/octocat/Hello-World.git",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "ssh_url": "[email protected]:octocat/Hello-World.git",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "clone_url": "https://github.com/octocat/Hello-World.git",
      "mirror_url": "git:git.example.com/octocat/Hello-World",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
      "svn_url": "https://svn.github.com/octocat/Hello-World",
      "homepage": "https://github.com",
      "language": null,
      "forks_count": 9,
      "stargazers_count": 80,
      "watchers_count": 80,
      "size": 108,
      "default_branch": "master",
      "open_issues_count": 0,
      "is_template": true,
      "topics": [
        "octocat",
        "atom",
        "electron",
        "api"
      ],
      "has_issues": true,
      "has_projects": true,
      "has_wiki": true,
      "has_pages": false,
      "has_downloads": true,
      "archived": false,
      "disabled": false,
      "visibility": "public",
      "pushed_at": "2011-01-26T19:06:43Z",
      "created_at": "2011-01-26T19:01:12Z",
      "updated_at": "2011-01-26T19:14:43Z",
      "permissions": {
        "admin": false,
        "push": false,
        "pull": true
      },
      "allow_rebase_merge": true,
      "template_repository": null,
      "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
      "allow_squash_merge": true,
      "allow_auto_merge": false,
      "delete_branch_on_merge": true,
      "allow_merge_commit": true,
      "subscribers_count": 42,
      "network_count": 0,
      "license": {
        "key": "mit",
        "name": "MIT License",
        "url": "https://api.github.com/licenses/mit",
        "spdx_id": "MIT",
        "node_id": "MDc6TGljZW5zZW1pdA==",
        "html_url": "https://github.com/licenses/mit"
      },
      "forks": 1,
      "open_issues": 1,
      "watchers": 1
    }
  ]
}

Requires authentication

Status: 401 Unauthorized

Forbidden

Status: 403 Forbidden

Resource not found

Status: 404 Not Found

Preview header missing

Status: 415 Unsupported Media Type

Validation failed

Status: 422 Unprocessable Entity

Notes

Suspend an app installation

Suspends a GitHub App on a user, organization, or business account, which blocks the app from accessing the account's resources. When a GitHub App is suspended, the app's access to the GitHub API or webhook events is blocked for that account.

You must use a JWT to access this endpoint.

put /app/installations/{installation_id}/suspended

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
installation_id integer path

installation_id parameter

Code samples

Shell
curl \
  -X PUT \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations/42/suspended
JavaScript (@octokit/core.js)
await octokit.request('PUT /app/installations/{installation_id}/suspended', {
  installation_id: 42
})

Response

Status: 204 No Content

Resource not found

Status: 404 Not Found

Unsuspend an app installation

Removes a GitHub App installation suspension.

You must use a JWT to access this endpoint.

delete /app/installations/{installation_id}/suspended

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
installation_id integer path

installation_id parameter

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations/42/suspended
JavaScript (@octokit/core.js)
await octokit.request('DELETE /app/installations/{installation_id}/suspended', {
  installation_id: 42
})

Response

Status: 204 No Content

Resource not found

Status: 404 Not Found

Get an app

Note: The :app_slug is just the URL-friendly name of your GitHub App. You can find this on the settings page for your GitHub App (e.g., https://github.com/settings/apps/:app_slug).

If the GitHub App you specify is public, you can access this endpoint without authenticating. If the GitHub App you specify is private, you must authenticate with a personal access token or an installation access token to access this endpoint.

get /apps/{app_slug}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
app_slug string path

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/apps/APP_SLUG
JavaScript (@octokit/core.js)
await octokit.request('GET /apps/{app_slug}', {
  app_slug: 'app_slug'
})

Response

Status: 200 OK
{
  "id": 1,
  "slug": "octoapp",
  "node_id": "MDExOkludGVncmF0aW9uMQ==",
  "owner": {
    "login": "github",
    "id": 1,
    "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
    "url": "https://api.github.com/orgs/github",
    "repos_url": "https://api.github.com/orgs/github/repos",
    "events_url": "https://api.github.com/orgs/github/events",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": true
  },
  "name": "Octocat App",
  "description": "",
  "external_url": "https://example.com",
  "html_url": "https://github.com/apps/octoapp",
  "created_at": "2017-07-08T16:18:44-04:00",
  "updated_at": "2017-07-08T16:18:44-04:00",
  "permissions": {
    "metadata": "read",
    "contents": "read",
    "issues": "write",
    "single_file": "write"
  },
  "events": [
    "push",
    "pull_request"
  ]
}

Forbidden

Status: 403 Forbidden

Resource not found

Status: 404 Not Found

Preview header missing

Status: 415 Unsupported Media Type

Notes

Get an organization installation for the authenticated app

Enables an authenticated GitHub App to find the organization's installation information.

You must use a JWT to access this endpoint.

get /orgs/{org}/installation

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
org string path

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/orgs/ORG/installation
JavaScript (@octokit/core.js)
await octokit.request('GET /orgs/{org}/installation', {
  org: 'org'
})

Response

Status: 200 OK
{
  "id": 1,
  "account": {
    "login": "github",
    "id": 1,
    "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
    "avatar_url": "https://github.com/images/error/hubot_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/orgs/github",
    "html_url": "https://github.com/github",
    "followers_url": "https://api.github.com/users/github/followers",
    "following_url": "https://api.github.com/users/github/following{/other_user}",
    "gists_url": "https://api.github.com/users/github/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/github/subscriptions",
    "organizations_url": "https://api.github.com/users/github/orgs",
    "repos_url": "https://api.github.com/orgs/github/repos",
    "events_url": "https://api.github.com/orgs/github/events",
    "received_events_url": "https://api.github.com/users/github/received_events",
    "type": "Organization",
    "site_admin": false
  },
  "repository_selection": "all",
  "access_tokens_url": "https://api.github.com/installations/1/access_tokens",
  "repositories_url": "https://api.github.com/installation/repositories",
  "html_url": "https://github.com/organizations/github/settings/installations/1",
  "app_id": 1,
  "target_id": 1,
  "target_type": "Organization",
  "permissions": {
    "checks": "write",
    "metadata": "read",
    "contents": "read"
  },
  "events": [
    "push",
    "pull_request"
  ],
  "created_at": "2018-02-09T20:51:14Z",
  "updated_at": "2018-02-09T20:51:14Z",
  "single_file_name": "config.yml",
  "has_multiple_single_files": true,
  "single_file_paths": [
    "config.yml",
    ".github/issue_TEMPLATE.md"
  ],
  "app_slug": "github-actions",
  "suspended_at": null,
  "suspended_by": null
}

Get a repository installation for the authenticated app

Enables an authenticated GitHub App to find the repository's installation information. The installation's account type will be either an organization or a user account, depending which account the repository belongs to.

You must use a JWT to access this endpoint.

get /repos/{owner}/{repo}/installation

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
owner string path
repo string path

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/repos/octocat/hello-world/installation
JavaScript (@octokit/core.js)
await octokit.request('GET /repos/{owner}/{repo}/installation', {
  owner: 'octocat',
  repo: 'hello-world'
})

Response

Status: 200 OK
{
  "id": 1,
  "account": {
    "login": "github",
    "id": 1,
    "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
    "avatar_url": "https://github.com/images/error/hubot_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/orgs/github",
    "html_url": "https://github.com/github",
    "followers_url": "https://api.github.com/users/github/followers",
    "following_url": "https://api.github.com/users/github/following{/other_user}",
    "gists_url": "https://api.github.com/users/github/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/github/subscriptions",
    "organizations_url": "https://api.github.com/users/github/orgs",
    "repos_url": "https://api.github.com/orgs/github/repos",
    "events_url": "https://api.github.com/orgs/github/events",
    "received_events_url": "https://api.github.com/users/github/received_events",
    "type": "Organization",
    "site_admin": false
  },
  "repository_selection": "all",
  "access_tokens_url": "https://api.github.com/installations/1/access_tokens",
  "repositories_url": "https://api.github.com/installation/repositories",
  "html_url": "https://github.com/organizations/github/settings/installations/1",
  "app_id": 1,
  "target_id": 1,
  "target_type": "Organization",
  "permissions": {
    "checks": "write",
    "metadata": "read",
    "contents": "read"
  },
  "events": [
    "push",
    "pull_request"
  ],
  "created_at": "2018-02-09T20:51:14Z",
  "updated_at": "2018-02-09T20:51:14Z",
  "single_file_name": "config.yml",
  "has_multiple_single_files": true,
  "single_file_paths": [
    "config.yml",
    ".github/issue_TEMPLATE.md"
  ],
  "app_slug": "github-actions",
  "suspended_at": null,
  "suspended_by": null
}

Moved permanently

Status: 301 Moved Permanently

Resource not found

Status: 404 Not Found

Get a user installation for the authenticated app

Enables an authenticated GitHub App to find the user’s installation information.

You must use a JWT to access this endpoint.

get /users/{username}/installation

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
username string path

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/users/USERNAME/installation
JavaScript (@octokit/core.js)
await octokit.request('GET /users/{username}/installation', {
  username: 'username'
})

Response

Status: 200 OK
{
  "id": 1,
  "account": {
    "login": "github",
    "id": 1,
    "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
    "avatar_url": "https://github.com/images/error/hubot_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/orgs/github",
    "html_url": "https://github.com/github",
    "followers_url": "https://api.github.com/users/github/followers",
    "following_url": "https://api.github.com/users/github/following{/other_user}",
    "gists_url": "https://api.github.com/users/github/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/github/subscriptions",
    "organizations_url": "https://api.github.com/users/github/orgs",
    "repos_url": "https://api.github.com/orgs/github/repos",
    "events_url": "https://api.github.com/orgs/github/events",
    "received_events_url": "https://api.github.com/users/github/received_events",
    "type": "Organization",
    "site_admin": false
  },
  "repository_selection": "all",
  "access_tokens_url": "https://api.github.com/installations/1/access_tokens",
  "repositories_url": "https://api.github.com/installation/repositories",
  "html_url": "https://github.com/organizations/github/settings/installations/1",
  "app_id": 1,
  "target_id": 1,
  "target_type": "Organization",
  "permissions": {
    "checks": "write",
    "metadata": "read",
    "contents": "read"
  },
  "events": [
    "push",
    "pull_request"
  ],
  "created_at": "2018-02-09T20:51:14Z",
  "updated_at": "2018-02-09T20:51:14Z",
  "single_file_name": "config.yml",
  "has_multiple_single_files": true,
  "single_file_paths": [
    "config.yml",
    ".github/issue_TEMPLATE.md"
  ],
  "app_slug": "github-actions",
  "suspended_at": null,
  "suspended_by": null
}

OAuth Applications API

You can use this API to manage the OAuth tokens an OAuth application uses to access people's GitHub accounts.

Delete an app authorization

OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. You must also provide a valid OAuth access_token as an input parameter and the grant for the token's owner will be deleted. Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the application authorizations settings screen within GitHub.

delete /applications/{client_id}/grant

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string body

The OAuth access token used to authenticate to the GitHub API.

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/grant \
  -d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/grant', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 204 No Content

Validation failed

Status: 422 Unprocessable Entity

Revoke a grant for an application

Deprecation Notice: GitHub will discontinue OAuth endpoints that contain access_token in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token to the request body. For more information, see the blog post.

OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. You must also provide a valid token as :access_token and the grant for the token's owner will be deleted.

Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the Applications settings page under "Authorized OAuth Apps" on GitHub.

delete /applications/{client_id}/grants/{access_token}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string path

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/grants/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/grants/{access_token}', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 204 No Content

Check a token

OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication to use this endpoint, where the username is the OAuth application client_id and the password is its client_secret. Invalid tokens will return 404 NOT FOUND.

post /applications/{client_id}/token

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string body

Required. The access_token of the OAuth application.

Code samples

Shell
curl \
  -X POST \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/token \
  -d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('POST /applications/{client_id}/token', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 200 OK
{
  "id": 1,
  "url": "https://api.github.com/authorizations/1",
  "scopes": [
    "public_repo",
    "user"
  ],
  "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
  "token_last_eight": "Ae178B4a",
  "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
  "app": {
    "url": "http://my-github-app.com",
    "name": "my github app",
    "client_id": "abcde12345fghij67890"
  },
  "note": "optional note",
  "note_url": "http://optional/note/url",
  "updated_at": "2011-09-06T20:39:23Z",
  "created_at": "2011-09-06T17:26:27Z",
  "fingerprint": "jklmnop12345678",
  "user": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  }
}

Resource not found

Status: 404 Not Found

Validation failed

Status: 422 Unprocessable Entity

Reset a token

OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

patch /applications/{client_id}/token

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string body

Required. The access_token of the OAuth application.

Code samples

Shell
curl \
  -X PATCH \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/token \
  -d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('PATCH /applications/{client_id}/token', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 200 OK
{
  "id": 1,
  "url": "https://api.github.com/authorizations/1",
  "scopes": [
    "public_repo",
    "user"
  ],
  "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
  "token_last_eight": "Ae178B4a",
  "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
  "app": {
    "url": "http://my-github-app.com",
    "name": "my github app",
    "client_id": "abcde12345fghij67890"
  },
  "note": "optional note",
  "note_url": "http://optional/note/url",
  "updated_at": "2011-09-06T20:39:23Z",
  "created_at": "2011-09-06T17:26:27Z",
  "fingerprint": "jklmnop12345678",
  "user": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  }
}

Validation failed

Status: 422 Unprocessable Entity

Delete an app token

OAuth application owners can revoke a single token for an OAuth application. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password.

delete /applications/{client_id}/token

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string body

Required. The OAuth access token used to authenticate to the GitHub API.

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/token \
  -d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/token', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 204 No Content

Validation failed

Status: 422 Unprocessable Entity

Create a scoped access token

Use a non-scoped user-to-server OAuth access token to create a repository scoped and/or permission scoped user-to-server OAuth access token. You can specify which repositories the token can access and which permissions are granted to the token. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

post /applications/{client_id}/token/scoped

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string body

Required. The OAuth access token used to authenticate to the GitHub API.
target string body

The name of the user or organization to scope the user-to-server access token to. Required unless target_id is specified.
target_id integer body

The ID of the user or organization to scope the user-to-server access token to. Required unless target is specified.
repositories array of strings body

The list of repository names to scope the user-to-server access token to. repositories may not be specified if repository_ids is specified.
repository_ids array of integers body

The list of repository IDs to scope the user-to-server access token to. repository_ids may not be specified if repositories is specified.
permissions object body

The permissions granted to the user-to-server access token.
Properties of the permissions object
actions (string)

The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be one of: read or write.
administration (string)

The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be one of: read or write.
checks (string)

The level of permission to grant the access token for checks on code. Can be one of: read or write.
content_references (string)

The level of permission to grant the access token for notification of content references and creation content attachments. Can be one of: read or write.
contents (string)

The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be one of: read or write.
deployments (string)

The level of permission to grant the access token for deployments and deployment statuses. Can be one of: read or write.
environments (string)

The level of permission to grant the access token for managing repository environments. Can be one of: read or write.
issues (string)

The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be one of: read or write.
metadata (string)

The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be one of: read or write.
packages (string)

The level of permission to grant the access token for packages published to GitHub Packages. Can be one of: read or write.
pages (string)

The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds. Can be one of: read or write.
pull_requests (string)

The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges. Can be one of: read or write.
repository_hooks (string)

The level of permission to grant the access token to manage the post-receive hooks for a repository. Can be one of: read or write.
repository_projects (string)

The level of permission to grant the access token to manage repository projects, columns, and cards. Can be one of: read, write, or admin.
secret_scanning_alerts (string)

The level of permission to grant the access token to view and manage secret scanning alerts. Can be one of: read or write.
secrets (string)

The level of permission to grant the access token to manage repository secrets. Can be one of: read or write.
security_events (string)

The level of permission to grant the access token to view and manage security events like code scanning alerts. Can be one of: read or write.
single_file (string)

The level of permission to grant the access token to manage just a single file. Can be one of: read or write.
statuses (string)

The level of permission to grant the access token for commit statuses. Can be one of: read or write.
vulnerability_alerts (string)

The level of permission to grant the access token to retrieve Dependabot alerts. Can be one of: read.
workflows (string)

The level of permission to grant the access token to update GitHub Actions workflow files. Can be one of: write.
members (string)

The level of permission to grant the access token for organization teams and members. Can be one of: read or write.
organization_administration (string)

The level of permission to grant the access token to manage access to an organization. Can be one of: read or write.
organization_hooks (string)

The level of permission to grant the access token to manage the post-receive hooks for an organization. Can be one of: read or write.
organization_plan (string)

The level of permission to grant the access token for viewing an organization's plan. Can be one of: read.
organization_projects (string)

The level of permission to grant the access token to manage organization projects, columns, and cards. Can be one of: read, write, or admin.
organization_packages (string)

The level of permission to grant the access token for organization packages published to GitHub Packages. Can be one of: read or write.
organization_secrets (string)

The level of permission to grant the access token to manage organization secrets. Can be one of: read or write.
organization_self_hosted_runners (string)

The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization. Can be one of: read or write.
organization_user_blocking (string)

The level of permission to grant the access token to view and manage users blocked by the organization. Can be one of: read or write.
team_discussions (string)

The level of permission to grant the access token to manage team discussions and related comments. Can be one of: read or write.

Code samples

Shell
curl \
  -X POST \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/token/scoped \
  -d '{"access_token":"access_token"}'
JavaScript (@octokit/core.js)
await octokit.request('POST /applications/{client_id}/token/scoped', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 200 OK
{
  "id": 1,
  "url": "https://api.github.com/authorizations/1",
  "scopes": [],
  "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
  "token_last_eight": "Ae178B4a",
  "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
  "app": {
    "url": "http://my-github-app.com",
    "name": "my github app",
    "client_id": "abcde12345fghij67890"
  },
  "note": "optional note",
  "note_url": "http://optional/note/url",
  "updated_at": "2011-09-06T20:39:23Z",
  "created_at": "2011-09-06T17:26:27Z",
  "fingerprint": "jklmnop12345678",
  "user": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  },
  "installation": {
    "permissions": {
      "metadata": "read",
      "issues": "write",
      "contents": "read"
    },
    "repository_selection": "selected",
    "single_file_name": ".github/workflow.yml",
    "repositories_url": "https://api.github.com/user/repos",
    "account": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://api.github.com/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://api.github.com/users/octocat/followers",
      "following_url": "https://api.github.com/users/octocat/following{/other_user}",
      "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
      "organizations_url": "https://api.github.com/users/octocat/orgs",
      "repos_url": "https://api.github.com/users/octocat/repos",
      "events_url": "https://api.github.com/users/octocat/events{/privacy}",
      "received_events_url": "https://api.github.com/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "has_multiple_single_files": false,
    "single_file_paths": []
  }
}

Requires authentication

Status: 401 Unauthorized

Forbidden

Status: 403 Forbidden

Resource not found

Status: 404 Not Found

Validation failed

Status: 422 Unprocessable Entity

Check an authorization

Deprecation Notice: GitHub will discontinue OAuth endpoints that contain access_token in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token to the request body. For more information, see the blog post.

OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

get /applications/{client_id}/tokens/{access_token}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string path

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/tokens/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('GET /applications/{client_id}/tokens/{access_token}', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 200 OK
{
  "id": 1,
  "url": "https://api.github.com/authorizations/1",
  "scopes": [
    "public_repo",
    "user"
  ],
  "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
  "token_last_eight": "Ae178B4a",
  "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
  "app": {
    "url": "http://my-github-app.com",
    "name": "my github app",
    "client_id": "abcde12345fghij67890"
  },
  "note": "optional note",
  "note_url": "http://optional/note/url",
  "updated_at": "2011-09-06T20:39:23Z",
  "created_at": "2011-09-06T17:26:27Z",
  "fingerprint": "jklmnop12345678",
  "user": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  }
}

Resource not found

Status: 404 Not Found

Reset an authorization

Deprecation Notice: GitHub will discontinue OAuth endpoints that contain access_token in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token to the request body. For more information, see the blog post.

OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

post /applications/{client_id}/tokens/{access_token}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string path

Code samples

Shell
curl \
  -X POST \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/tokens/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('POST /applications/{client_id}/tokens/{access_token}', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 200 OK
{
  "id": 1,
  "url": "https://api.github.com/authorizations/1",
  "scopes": [
    "public_repo",
    "user"
  ],
  "token": "ghu_16C7e42F292c6912E7710c838347Ae178B4a",
  "token_last_eight": "Ae178B4a",
  "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
  "app": {
    "url": "http://my-github-app.com",
    "name": "my github app",
    "client_id": "abcde12345fghij67890"
  },
  "note": "optional note",
  "note_url": "http://optional/note/url",
  "updated_at": "2011-09-06T20:39:23Z",
  "created_at": "2011-09-06T17:26:27Z",
  "fingerprint": "jklmnop12345678",
  "user": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  }
}

Revoke an authorization for an application

Deprecation Notice: GitHub will discontinue OAuth endpoints that contain access_token in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving access_token to the request body. For more information, see the blog post.

OAuth application owners can revoke a single token for an OAuth application. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password.

delete /applications/{client_id}/tokens/{access_token}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
client_id string path

The client ID of your GitHub app.
access_token string path

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/applications/CLIENT_ID/tokens/ACCESS_TOKEN
JavaScript (@octokit/core.js)
await octokit.request('DELETE /applications/{client_id}/tokens/{access_token}', {
  client_id: 'client_id',
  access_token: 'access_token'
})

Response

Status: 204 No Content

Installations

The Installations API enables you to get information about installations of your GitHub App and perform actions within those installations. An installation refers to any user or organization account that has installed the app. For information on how to authenticate as an installation and limit access to specific repositories, see "Authenticating as an installation."

To list all GitHub App installations for an organization, see "List app installations for an organization."

List repositories accessible to the app installation

List repositories that an app installation can access.

You must use an installation access token to access this endpoint.

get /installation/repositories

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.See preview notice
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/installation/repositories
JavaScript (@octokit/core.js)
await octokit.request('GET /installation/repositories')

Response

Status: 200 OK
{
  "total_count": 1,
  "repositories": [
    {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "git_url": "git:github.com/octocat/Hello-World.git",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "ssh_url": "[email protected]:octocat/Hello-World.git",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "clone_url": "https://github.com/octocat/Hello-World.git",
      "mirror_url": "git:git.example.com/octocat/Hello-World",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
      "svn_url": "https://svn.github.com/octocat/Hello-World",
      "homepage": "https://github.com",
      "language": null,
      "forks_count": 9,
      "stargazers_count": 80,
      "watchers_count": 80,
      "size": 108,
      "default_branch": "master",
      "open_issues_count": 0,
      "is_template": true,
      "topics": [
        "octocat",
        "atom",
        "electron",
        "api"
      ],
      "has_issues": true,
      "has_projects": true,
      "has_wiki": true,
      "has_pages": false,
      "has_downloads": true,
      "archived": false,
      "disabled": false,
      "visibility": "public",
      "pushed_at": "2011-01-26T19:06:43Z",
      "created_at": "2011-01-26T19:01:12Z",
      "updated_at": "2011-01-26T19:14:43Z",
      "allow_rebase_merge": true,
      "template_repository": null,
      "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
      "allow_squash_merge": true,
      "allow_auto_merge": false,
      "delete_branch_on_merge": true,
      "allow_merge_commit": true,
      "subscribers_count": 42,
      "network_count": 0,
      "license": {
        "key": "mit",
        "name": "MIT License",
        "url": "https://api.github.com/licenses/mit",
        "spdx_id": "MIT",
        "node_id": "MDc6TGljZW5zZW1pdA==",
        "html_url": "https://github.com/licenses/mit"
      },
      "forks": 1,
      "open_issues": 1,
      "watchers": 1
    }
  ]
}

Not modified

Status: 304 Not Modified

Requires authentication

Status: 401 Unauthorized

Forbidden

Status: 403 Forbidden

Notes

Preview notice

The topics property for repositories on GitHub is currently available for developers to preview. To view the topics property in calls that return repository results, you must provide a custom media type in the Accept header:

application/vnd.github.mercy-preview+json

Revoke an installation access token

Revokes the installation token you're using to authenticate as an installation and access this endpoint.

Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the "Create an installation access token for an app" endpoint.

You must use an installation access token to access this endpoint.

delete /installation/token

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/installation/token
JavaScript (@octokit/core.js)
await octokit.request('DELETE /installation/token')

Response

Status: 204 No Content

Notes

Create a content attachment

Creates an attachment under a content reference URL in the body or comment of an issue or pull request. Use the id and repository full_name of the content reference from the content_reference event to create an attachment.

The app must create a content attachment within six hours of the content reference URL being posted. See "Using content attachments" for details about content attachments.

You must use an installation access token to access this endpoint.

post /repos/{owner}/{repo}/content_references/{content_reference_id}/attachments

Parameters

Name Type In Description
accept string header

This API is under preview and subject to change.See preview notice
owner string path

The owner of the repository. Determined from the repository full_name of the content_reference event.
repo string path

The name of the repository. Determined from the repository full_name of the content_reference event.
content_reference_id integer path

The id of the content_reference event.
title string body

Required. The title of the attachment
body string body

Required. The body of the attachment

Code samples

Shell
curl \
  -X POST \
  -H "Accept: application/vnd.github.corsair-preview+json" \
  https://api.github.com/repos/octocat/hello-world/content_references/42/attachments \
  -d '{"title":"title","body":"body"}'
JavaScript (@octokit/core.js)
await octokit.request('POST /repos/{owner}/{repo}/content_references/{content_reference_id}/attachments', {
  owner: 'octocat',
  repo: 'hello-world',
  content_reference_id: 42,
  title: 'title',
  body: 'body',
  mediaType: {
    previews: [
      'corsair'
    ]
  }
})

Response

Status: 200 OK
{
  "id": 101,
  "title": "[A-1234] Error found in core/models.py file'",
  "body": "You have used an email that already exists for the user_email_uniq field.\n ## DETAILS:\n\nThe (email)=([email protected]) already exists.\n\n The error was found in core/models.py in get_or_create_user at line 62.\n\n self.save()"
}

Not modified

Status: 304 Not Modified

Forbidden

Status: 403 Forbidden

Resource not found

Status: 404 Not Found

Gone

Status: 410 Gone

Preview header missing

Status: 415 Unsupported Media Type

Validation failed

Status: 422 Unprocessable Entity

Notes

Preview notice

To access the Content Attachments API during the preview period, you must provide a custom media type in the Accept header:

application/vnd.github.corsair-preview+json
☝️This header is required.

List app installations accessible to the user access token

Lists installations of your GitHub App that the authenticated user has explicit permission (:read, :write, or :admin) to access.

You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint.

The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.

You can find the permissions for the installation under the permissions key.

get /user/installations

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/user/installations
JavaScript (@octokit/core.js)
await octokit.request('GET /user/installations')

You can find the permissions for the installation under the `permissions` key.

Status: 200 OK
{
  "total_count": 2,
  "installations": [
    {
      "id": 1,
      "account": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "access_tokens_url": "https://api.github.com/installations/1/access_tokens",
      "repositories_url": "https://api.github.com/installation/repositories",
      "html_url": "https://github.com/organizations/github/settings/installations/1",
      "app_id": 1,
      "target_id": 1,
      "target_type": "Organization",
      "permissions": {
        "checks": "write",
        "metadata": "read",
        "contents": "read"
      },
      "events": [
        "push",
        "pull_request"
      ],
      "single_file_name": "config.yaml",
      "has_multiple_single_files": true,
      "single_file_paths": [
        "config.yml",
        ".github/issue_TEMPLATE.md"
      ],
      "repository_selection": "all",
      "created_at": "2017-07-08T16:18:44-04:00",
      "updated_at": "2017-07-08T16:18:44-04:00",
      "app_slug": "github-actions",
      "suspended_at": null,
      "suspended_by": null
    },
    {
      "id": 3,
      "account": {
        "login": "octocat",
        "id": 2,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "access_tokens_url": "https://api.github.com/installations/1/access_tokens",
      "repositories_url": "https://api.github.com/installation/repositories",
      "html_url": "https://github.com/organizations/github/settings/installations/1",
      "app_id": 1,
      "target_id": 1,
      "target_type": "Organization",
      "permissions": {
        "checks": "write",
        "metadata": "read",
        "contents": "read"
      },
      "events": [
        "push",
        "pull_request"
      ],
      "single_file_name": "config.yaml",
      "has_multiple_single_files": true,
      "single_file_paths": [
        "config.yml",
        ".github/issue_TEMPLATE.md"
      ],
      "repository_selection": "all",
      "created_at": "2017-07-08T16:18:44-04:00",
      "updated_at": "2017-07-08T16:18:44-04:00",
      "app_slug": "github-actions",
      "suspended_at": null,
      "suspended_by": null
    }
  ]
}

Not modified

Status: 304 Not Modified

Requires authentication

Status: 401 Unauthorized

Forbidden

Status: 403 Forbidden

Preview header missing

Status: 415 Unsupported Media Type

List repositories accessible to the user access token

List repositories that the authenticated user has explicit permission (:read, :write, or :admin) to access for an installation.

The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.

You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint.

The access the user has to each repository is included in the hash under the permissions key.

get /user/installations/{installation_id}/repositories

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.See preview notice
installation_id integer path

installation_id parameter
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/user/installations/42/repositories
JavaScript (@octokit/core.js)
await octokit.request('GET /user/installations/{installation_id}/repositories', {
  installation_id: 42
})

The access the user has to each repository is included in the hash under the `permissions` key.

Status: 200 OK
{
  "total_count": 1,
  "repositories": [
    {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "git_url": "git:github.com/octocat/Hello-World.git",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "ssh_url": "[email protected]:octocat/Hello-World.git",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "clone_url": "https://github.com/octocat/Hello-World.git",
      "mirror_url": "git:git.example.com/octocat/Hello-World",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
      "svn_url": "https://svn.github.com/octocat/Hello-World",
      "homepage": "https://github.com",
      "language": null,
      "forks_count": 9,
      "stargazers_count": 80,
      "watchers_count": 80,
      "size": 108,
      "default_branch": "master",
      "open_issues_count": 0,
      "is_template": true,
      "topics": [
        "octocat",
        "atom",
        "electron",
        "api"
      ],
      "has_issues": true,
      "has_projects": true,
      "has_wiki": true,
      "has_pages": false,
      "has_downloads": true,
      "archived": false,
      "disabled": false,
      "visibility": "public",
      "pushed_at": "2011-01-26T19:06:43Z",
      "created_at": "2011-01-26T19:01:12Z",
      "updated_at": "2011-01-26T19:14:43Z",
      "permissions": {
        "admin": false,
        "push": false,
        "pull": true
      },
      "allow_rebase_merge": true,
      "template_repository": null,
      "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
      "allow_squash_merge": true,
      "allow_auto_merge": false,
      "delete_branch_on_merge": true,
      "allow_merge_commit": true,
      "subscribers_count": 42,
      "network_count": 0,
      "license": {
        "key": "mit",
        "name": "MIT License",
        "url": "https://api.github.com/licenses/mit",
        "spdx_id": "MIT",
        "node_id": "MDc6TGljZW5zZW1pdA==",
        "html_url": "https://github.com/licenses/mit"
      },
      "forks": 1,
      "open_issues": 1,
      "watchers": 1
    }
  ]
}

Not modified

Status: 304 Not Modified

Forbidden

Status: 403 Forbidden

Resource not found

Status: 404 Not Found

Preview notice

The topics property for repositories on GitHub is currently available for developers to preview. To view the topics property in calls that return repository results, you must provide a custom media type in the Accept header:

application/vnd.github.mercy-preview+json

Add a repository to an app installation

Add a single repository to an installation. The authenticated user must have admin access to the repository.

You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.

put /user/installations/{installation_id}/repositories/{repository_id}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
installation_id integer path

installation_id parameter
repository_id integer path

Code samples

Shell
curl \
  -X PUT \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/user/installations/42/repositories/42
JavaScript (@octokit/core.js)
await octokit.request('PUT /user/installations/{installation_id}/repositories/{repository_id}', {
  installation_id: 42,
  repository_id: 42
})

Response

Status: 204 No Content

Not modified

Status: 304 Not Modified

Forbidden

Status: 403 Forbidden

Resource not found

Status: 404 Not Found

Remove a repository from an app installation

Remove a single repository from an installation. The authenticated user must have admin access to the repository.

You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.

delete /user/installations/{installation_id}/repositories/{repository_id}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
installation_id integer path

installation_id parameter
repository_id integer path

Code samples

Shell
curl \
  -X DELETE \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/user/installations/42/repositories/42
JavaScript (@octokit/core.js)
await octokit.request('DELETE /user/installations/{installation_id}/repositories/{repository_id}', {
  installation_id: 42,
  repository_id: 42
})

Response

Status: 204 No Content

Not modified

Status: 304 Not Modified

Forbidden

Status: 403 Forbidden

Resource not found

Status: 404 Not Found

Marketplace

For more information about GitHub Marketplace, see "GitHub Marketplace."

The GitHub Marketplace API allows you to see which customers are using a pricing plan, see a customer's purchases, and see if an account has an active subscription.

Testing with stubbed endpoints

This API includes endpoints that allow you to test your GitHub App with stubbed data. Stubbed data is hard-coded, fake data that will not change based on actual subscriptions.

To test with stubbed data, use a stubbed endpoint in place of its production counterpart. This allows you to test whether API logic succeeds before listing GitHub Apps on GitHub Marketplace.

Be sure to replace stubbed endpoints with production endpoints before deploying your GitHub App.

Get a subscription plan for an account

Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

get /marketplace_listing/accounts/{account_id}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
account_id integer path

account_id parameter

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/marketplace_listing/accounts/42
JavaScript (@octokit/core.js)
await octokit.request('GET /marketplace_listing/accounts/{account_id}', {
  account_id: 42
})

Response

Status: 200 OK
{
  "url": "https://api.github.com/orgs/github",
  "type": "Organization",
  "id": 4,
  "login": "github",
  "organization_billing_email": "[email protected]",
  "email": "[email protected]",
  "marketplace_pending_change": {
    "effective_date": "2017-11-11T00:00:00Z",
    "unit_count": null,
    "id": 77,
    "plan": {
      "url": "https://api.github.com/marketplace_listing/plans/1111",
      "accounts_url": "https://api.github.com/marketplace_listing/plans/1111/accounts",
      "id": 1111,
      "number": 2,
      "name": "Startup",
      "description": "A professional-grade CI solution",
      "monthly_price_in_cents": 699,
      "yearly_price_in_cents": 7870,
      "price_model": "flat-rate",
      "has_free_trial": true,
      "state": "published",
      "unit_name": null,
      "bullets": [
        "Up to 10 private repositories",
        "3 concurrent builds"
      ]
    }
  },
  "marketplace_purchase": {
    "billing_cycle": "monthly",
    "next_billing_date": "2017-11-11T00:00:00Z",
    "unit_count": null,
    "on_free_trial": true,
    "free_trial_ends_on": "2017-11-11T00:00:00Z",
    "updated_at": "2017-11-02T01:12:12Z",
    "plan": {
      "url": "https://api.github.com/marketplace_listing/plans/1313",
      "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
      "id": 1313,
      "number": 3,
      "name": "Pro",
      "description": "A professional-grade CI solution",
      "monthly_price_in_cents": 1099,
      "yearly_price_in_cents": 11870,
      "price_model": "flat-rate",
      "has_free_trial": true,
      "unit_name": null,
      "state": "published",
      "bullets": [
        "Up to 25 private repositories",
        "11 concurrent builds"
      ]
    }
  }
}

Requires authentication

Status: 401 Unauthorized

Not Found when the account has not purchased the listing

Status: 404 Not Found

List plans

Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

get /marketplace_listing/plans

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/marketplace_listing/plans
JavaScript (@octokit/core.js)
await octokit.request('GET /marketplace_listing/plans')

Response

Status: 200 OK
[
  {
    "url": "https://api.github.com/marketplace_listing/plans/1313",
    "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
    "id": 1313,
    "number": 3,
    "name": "Pro",
    "description": "A professional-grade CI solution",
    "monthly_price_in_cents": 1099,
    "yearly_price_in_cents": 11870,
    "price_model": "flat-rate",
    "has_free_trial": true,
    "unit_name": null,
    "state": "published",
    "bullets": [
      "Up to 25 private repositories",
      "11 concurrent builds"
    ]
  }
]

Requires authentication

Status: 401 Unauthorized

Resource not found

Status: 404 Not Found

List accounts for a plan

Returns user and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

get /marketplace_listing/plans/{plan_id}/accounts

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
plan_id integer path

plan_id parameter
sort string query

One of created (when the repository was starred) or updated (when it was last pushed to).

Default: created
direction string query

To return the oldest accounts first, set to asc. Can be one of asc or desc. Ignored without the sort parameter.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/marketplace_listing/plans/42/accounts
JavaScript (@octokit/core.js)
await octokit.request('GET /marketplace_listing/plans/{plan_id}/accounts', {
  plan_id: 42
})

Response

Status: 200 OK
[
  {
    "url": "https://api.github.com/orgs/github",
    "type": "Organization",
    "id": 4,
    "login": "github",
    "organization_billing_email": "[email protected]",
    "marketplace_pending_change": {
      "effective_date": "2017-11-11T00:00:00Z",
      "unit_count": null,
      "id": 77,
      "plan": {
        "url": "https://api.github.com/marketplace_listing/plans/1111",
        "accounts_url": "https://api.github.com/marketplace_listing/plans/1111/accounts",
        "id": 1111,
        "number": 2,
        "name": "Startup",
        "description": "A professional-grade CI solution",
        "monthly_price_in_cents": 699,
        "yearly_price_in_cents": 7870,
        "price_model": "flat-rate",
        "has_free_trial": true,
        "state": "published",
        "unit_name": null,
        "bullets": [
          "Up to 10 private repositories",
          "3 concurrent builds"
        ]
      }
    },
    "marketplace_purchase": {
      "billing_cycle": "monthly",
      "next_billing_date": "2017-11-11T00:00:00Z",
      "unit_count": null,
      "on_free_trial": true,
      "free_trial_ends_on": "2017-11-11T00:00:00Z",
      "updated_at": "2017-11-02T01:12:12Z",
      "plan": {
        "url": "https://api.github.com/marketplace_listing/plans/1313",
        "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
        "id": 1313,
        "number": 3,
        "name": "Pro",
        "description": "A professional-grade CI solution",
        "monthly_price_in_cents": 1099,
        "yearly_price_in_cents": 11870,
        "price_model": "flat-rate",
        "has_free_trial": true,
        "unit_name": null,
        "state": "published",
        "bullets": [
          "Up to 25 private repositories",
          "11 concurrent builds"
        ]
      }
    }
  }
]

Requires authentication

Status: 401 Unauthorized

Resource not found

Status: 404 Not Found

Validation failed

Status: 422 Unprocessable Entity

Get a subscription plan for an account (stubbed)

Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

get /marketplace_listing/stubbed/accounts/{account_id}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
account_id integer path

account_id parameter

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/marketplace_listing/stubbed/accounts/42
JavaScript (@octokit/core.js)
await octokit.request('GET /marketplace_listing/stubbed/accounts/{account_id}', {
  account_id: 42
})

Response

Status: 200 OK
{
  "url": "https://api.github.com/orgs/github",
  "type": "Organization",
  "id": 4,
  "login": "github",
  "organization_billing_email": "[email protected]",
  "email": "[email protected]",
  "marketplace_pending_change": {
    "effective_date": "2017-11-11T00:00:00Z",
    "unit_count": null,
    "id": 77,
    "plan": {
      "url": "https://api.github.com/marketplace_listing/plans/1111",
      "accounts_url": "https://api.github.com/marketplace_listing/plans/1111/accounts",
      "id": 1111,
      "number": 2,
      "name": "Startup",
      "description": "A professional-grade CI solution",
      "monthly_price_in_cents": 699,
      "yearly_price_in_cents": 7870,
      "price_model": "flat-rate",
      "has_free_trial": true,
      "state": "published",
      "unit_name": null,
      "bullets": [
        "Up to 10 private repositories",
        "3 concurrent builds"
      ]
    }
  },
  "marketplace_purchase": {
    "billing_cycle": "monthly",
    "next_billing_date": "2017-11-11T00:00:00Z",
    "unit_count": null,
    "on_free_trial": true,
    "free_trial_ends_on": "2017-11-11T00:00:00Z",
    "updated_at": "2017-11-02T01:12:12Z",
    "plan": {
      "url": "https://api.github.com/marketplace_listing/plans/1313",
      "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
      "id": 1313,
      "number": 3,
      "name": "Pro",
      "description": "A professional-grade CI solution",
      "monthly_price_in_cents": 1099,
      "yearly_price_in_cents": 11870,
      "price_model": "flat-rate",
      "has_free_trial": true,
      "unit_name": null,
      "state": "published",
      "bullets": [
        "Up to 25 private repositories",
        "11 concurrent builds"
      ]
    }
  }
}

Requires authentication

Status: 401 Unauthorized

Not Found when the account has not purchased the listing

Status: 404 Not Found

List plans (stubbed)

Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

get /marketplace_listing/stubbed/plans

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/marketplace_listing/stubbed/plans
JavaScript (@octokit/core.js)
await octokit.request('GET /marketplace_listing/stubbed/plans')

Response

Status: 200 OK
[
  {
    "url": "https://api.github.com/marketplace_listing/plans/1313",
    "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
    "id": 1313,
    "number": 3,
    "name": "Pro",
    "description": "A professional-grade CI solution",
    "monthly_price_in_cents": 1099,
    "yearly_price_in_cents": 11870,
    "price_model": "flat-rate",
    "has_free_trial": true,
    "unit_name": null,
    "state": "published",
    "bullets": [
      "Up to 25 private repositories",
      "11 concurrent builds"
    ]
  }
]

Requires authentication

Status: 401 Unauthorized

List accounts for a plan (stubbed)

Returns repository and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

get /marketplace_listing/stubbed/plans/{plan_id}/accounts

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
plan_id integer path

plan_id parameter
sort string query

One of created (when the repository was starred) or updated (when it was last pushed to).

Default: created
direction string query

To return the oldest accounts first, set to asc. Can be one of asc or desc. Ignored without the sort parameter.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/marketplace_listing/stubbed/plans/42/accounts
JavaScript (@octokit/core.js)
await octokit.request('GET /marketplace_listing/stubbed/plans/{plan_id}/accounts', {
  plan_id: 42
})

Response

Status: 200 OK
[
  {
    "url": "https://api.github.com/orgs/github",
    "type": "Organization",
    "id": 4,
    "login": "github",
    "organization_billing_email": "[email protected]",
    "marketplace_pending_change": {
      "effective_date": "2017-11-11T00:00:00Z",
      "unit_count": null,
      "id": 77,
      "plan": {
        "url": "https://api.github.com/marketplace_listing/plans/1111",
        "accounts_url": "https://api.github.com/marketplace_listing/plans/1111/accounts",
        "id": 1111,
        "number": 2,
        "name": "Startup",
        "description": "A professional-grade CI solution",
        "monthly_price_in_cents": 699,
        "yearly_price_in_cents": 7870,
        "price_model": "flat-rate",
        "has_free_trial": true,
        "state": "published",
        "unit_name": null,
        "bullets": [
          "Up to 10 private repositories",
          "3 concurrent builds"
        ]
      }
    },
    "marketplace_purchase": {
      "billing_cycle": "monthly",
      "next_billing_date": "2017-11-11T00:00:00Z",
      "unit_count": null,
      "on_free_trial": true,
      "free_trial_ends_on": "2017-11-11T00:00:00Z",
      "updated_at": "2017-11-02T01:12:12Z",
      "plan": {
        "url": "https://api.github.com/marketplace_listing/plans/1313",
        "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
        "id": 1313,
        "number": 3,
        "name": "Pro",
        "description": "A professional-grade CI solution",
        "monthly_price_in_cents": 1099,
        "yearly_price_in_cents": 11870,
        "price_model": "flat-rate",
        "has_free_trial": true,
        "unit_name": null,
        "state": "published",
        "bullets": [
          "Up to 25 private repositories",
          "11 concurrent builds"
        ]
      }
    }
  }
]

Requires authentication

Status: 401 Unauthorized

List subscriptions for the authenticated user

Lists the active subscriptions for the authenticated user. You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint. . OAuth Apps must authenticate using an OAuth token.

get /user/marketplace_purchases

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/user/marketplace_purchases
JavaScript (@octokit/core.js)
await octokit.request('GET /user/marketplace_purchases')

Response

Status: 200 OK
[
  {
    "billing_cycle": "monthly",
    "next_billing_date": "2017-11-11T00:00:00Z",
    "unit_count": null,
    "on_free_trial": true,
    "free_trial_ends_on": "2017-11-11T00:00:00Z",
    "updated_at": "2017-11-02T01:12:12Z",
    "account": {
      "login": "github",
      "id": 4,
      "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
      "url": "https://api.github.com/orgs/github",
      "email": null,
      "organization_billing_email": "[email protected]",
      "type": "Organization"
    },
    "plan": {
      "url": "https://api.github.com/marketplace_listing/plans/1313",
      "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
      "id": 1313,
      "number": 3,
      "name": "Pro",
      "description": "A professional-grade CI solution",
      "monthly_price_in_cents": 1099,
      "yearly_price_in_cents": 11870,
      "price_model": "flat-rate",
      "has_free_trial": true,
      "unit_name": null,
      "state": "published",
      "bullets": [
        "Up to 25 private repositories",
        "11 concurrent builds"
      ]
    }
  }
]

Not modified

Status: 304 Not Modified

Requires authentication

Status: 401 Unauthorized

Resource not found

Status: 404 Not Found

List subscriptions for the authenticated user (stubbed)

Lists the active subscriptions for the authenticated user. You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint. . OAuth Apps must authenticate using an OAuth token.

get /user/marketplace_purchases/stubbed

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
per_page integer query

Results per page (max 100)

Default: 30
page integer query

Page number of the results to fetch.

Default: 1

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/user/marketplace_purchases/stubbed
JavaScript (@octokit/core.js)
await octokit.request('GET /user/marketplace_purchases/stubbed')

Response

Status: 200 OK
[
  {
    "billing_cycle": "monthly",
    "next_billing_date": "2017-11-11T00:00:00Z",
    "unit_count": null,
    "on_free_trial": true,
    "free_trial_ends_on": "2017-11-11T00:00:00Z",
    "updated_at": "2017-11-02T01:12:12Z",
    "account": {
      "login": "github",
      "id": 4,
      "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
      "url": "https://api.github.com/orgs/github",
      "email": null,
      "organization_billing_email": "[email protected]",
      "type": "Organization"
    },
    "plan": {
      "url": "https://api.github.com/marketplace_listing/plans/1313",
      "accounts_url": "https://api.github.com/marketplace_listing/plans/1313/accounts",
      "id": 1313,
      "number": 3,
      "name": "Pro",
      "description": "A professional-grade CI solution",
      "monthly_price_in_cents": 1099,
      "yearly_price_in_cents": 11870,
      "price_model": "flat-rate",
      "has_free_trial": true,
      "unit_name": null,
      "state": "published",
      "bullets": [
        "Up to 25 private repositories",
        "11 concurrent builds"
      ]
    }
  }
]

Not modified

Status: 304 Not Modified

Requires authentication

Status: 401 Unauthorized

Webhooks

A GitHub App's webhook allows you to receive HTTP POST payloads whenever certain events happen for an app. The webhook REST APIs enable you to manage repository, organization, and app webhooks. You can use this API to list webhook deliveries for a webhook, or get and redeliver an individual delivery for a webhook, which can be integrated into an external app or service. You can also use the REST API to change the configuration of the webhook. For example, you can modify the payload URL, content type, SSL verification, and secret. For more information, see:

Get a webhook configuration for an app

Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

get /app/hook/config

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/hook/config
JavaScript (@octokit/core.js)
await octokit.request('GET /app/hook/config')

Response

Status: 200 OK
{
  "content_type": "json",
  "insecure_ssl": "0",
  "secret": "********",
  "url": "https://example.com/webhook"
}

Update a webhook configuration for an app

Updates the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

patch /app/hook/config

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
url string body

The URL to which the payloads will be delivered.
content_type string body

The media type used to serialize the payloads. Supported values include json and form. The default is form.
secret string body

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.
insecure_ssl string or number body

Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Supported values include 0 (verification is performed) and 1 (verification is not performed). The default is 0. We strongly recommend not setting this to 1 as you are subject to man-in-the-middle and other attacks.

Code samples

Shell
curl \
  -X PATCH \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/hook/config \
  -d '{"url":"url"}'
JavaScript (@octokit/core.js)
await octokit.request('PATCH /app/hook/config', {
  url: 'url'
})

Response

Status: 200 OK
{
  "content_type": "json",
  "insecure_ssl": "0",
  "secret": "********",
  "url": "https://example.com/webhook"
}

List deliveries for an app webhook

Returns a list of webhook deliveries for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

get /app/hook/deliveries

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
per_page integer query

Results per page (max 100)

Default: 30
cursor string query

Used for pagination: the starting delivery from which the page of deliveries is fetched. Refer to the link header for the next and previous page cursors.

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/hook/deliveries
JavaScript (@octokit/core.js)
await octokit.request('GET /app/hook/deliveries')

Response

Status: 200 OK
[
  {
    "id": 12345678,
    "guid": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
    "delivered_at": "2019-06-03T00:57:16Z",
    "redelivery": false,
    "duration": 0.27,
    "status": "OK",
    "status_code": 200,
    "event": "issues",
    "action": "opened",
    "installation_id": 123,
    "repository_id": 456
  },
  {
    "id": 123456789,
    "guid": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
    "delivered_at": "2019-06-04T00:57:16Z",
    "redelivery": true,
    "duration": 0.28,
    "status": "OK",
    "status_code": 200,
    "event": "issues",
    "action": "opened",
    "installation_id": 123,
    "repository_id": 456
  }
]

Bad Request

Status: 400 Bad Request

Validation failed

Status: 422 Unprocessable Entity

Get a delivery for an app webhook

Returns a delivery for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

get /app/hook/deliveries/{delivery_id}

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
delivery_id integer path

Code samples

Shell
curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/hook/deliveries/42
JavaScript (@octokit/core.js)
await octokit.request('GET /app/hook/deliveries/{delivery_id}', {
  delivery_id: 42
})

Response

Status: 200 OK
{
  "id": 12345678,
  "guid": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
  "delivered_at": "2019-06-03T00:57:16Z",
  "redelivery": false,
  "duration": 0.27,
  "status": "OK",
  "status_code": 200,
  "event": "issues",
  "action": "opened",
  "installation_id": 123,
  "repository_id": 456,
  "request": {
    "headers": {
      "X-GitHub-Delivery": "0b989ba4-242f-11e5-81e1-c7b6966d2516",
      "X-Hub-Signature-256": "sha256=6dcb09b5b57875f334f61aebed695e2e4193db5e",
      "Accept": "*/*",
      "X-GitHub-Hook-ID": "42",
      "User-Agent": "GitHub-Hookshot/b8c71d8",
      "X-GitHub-Event": "issues",
      "X-GitHub-Hook-Installation-Target-ID": "123",
      "X-GitHub-Hook-Installation-Target-Type": "repository",
      "content-type": "application/json",
      "X-Hub-Signature": "sha1=a84d88e7554fc1fa21bcbc4efae3c782a70d2b9d"
    },
    "payload": {
      "action": "opened",
      "issue": {
        "body": "foo"
      },
      "repository": {
        "id": 123
      }
    }
  },
  "response": {
    "headers": {
      "Content-Type": "text/html;charset=utf-8"
    },
    "payload": "ok"
  }
}

Bad Request

Status: 400 Bad Request

Validation failed

Status: 422 Unprocessable Entity

Redeliver a delivery for an app webhook

Redeliver a delivery for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

post /app/hook/deliveries/{delivery_id}/attempts

Parameters

Name Type In Description
accept string header

Setting to application/vnd.github.v3+json is recommended.
delivery_id integer path

Code samples

Shell
curl \
  -X POST \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/hook/deliveries/42/attempts
JavaScript (@octokit/core.js)
await octokit.request('POST /app/hook/deliveries/{delivery_id}/attempts', {
  delivery_id: 42
})

Accepted

Status: 202 Accepted

Bad Request

Status: 400 Bad Request

Validation failed

Status: 422 Unprocessable Entity

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.