We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
GitHub
GitHub REST API - Comprehensive programmatic access to GitHub resources including repositories, issues, pull requests, users, organizations, and more. ## Authentication GitHub supports multiple authentication methods: - **Bearer Token**: Personal Access Tokens (fine-grained or classic), GitHub App tokens, or OAuth tokens. Use `Authorization: Bearer YOUR-TOKEN` header. - **OAuth 2.0**: For GitHub Apps and OAuth Apps. Authorize users via `https://github.com/login/oauth/authorize`. - **Basic A...
Capabilities (1088)
Create configuration for a just-in-time runner for a repository
Generates a configuration that can be passed to the runner application at startup. The authenticated user must have admin access to the repository. OAuth tokens and personal access tokens (classic) need the`repo` scope to use this endpoint.
actions_generate_runner_jitconfig_for_repo(labels, name, owner, repo, runner_group_id, work_folder?)
Add custom labels to a self-hosted runner for a repository
Adds custom labels to a self-hosted runner configured in a repository. Authenticated users must have admin access to the organization to use this endpoint. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_add_custom_labels_to_self_hosted_runner_for_repo(labels, owner, repo, runner_id)
Get a repository variable
Gets a specific variable in a repository. The authenticated user must have collaborator access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_repo_variable(name, owner, repo) -> {created_at, name, updated_at, value}
Add a self-hosted runner to a group for an organization
Adds a self-hosted runner to a runner group configured in an organization. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_add_self_hosted_runner_to_group_for_org(org, runner_group_id, runner_id)
Create a self-hosted runner group for an organization
Creates a new self-hosted runner group for an organization. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_create_self_hosted_runner_group_for_org(name, org, allows_public_repositories?, network_configuration_id?, restricted_to_workflows?, runners?, selected_repository_ids?, selected_workflows?, visibility?) -> {allows_public_repositories, default, hosted_runners_url, id, ...}
Delete a workflow run
Deletes a specific workflow run. Anyone with write access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_workflow_run(owner, repo, run_id)
Get a repository webhook
Returns a webhook configured in a repository. To get only the webhook `config` properties, see "[Get a webhook configuration for a repository](/rest/webhooks/repo-config#get-a-webhook-configuration-for-a-repository)."
repos_get_webhook(hook_id, owner, repo) -> {active, config, created_at, deliveries_url, ...}
Cancel a workflow run
Cancels a workflow run using its `id`. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_cancel_workflow_run(owner, repo, run_id)
Delete a GitHub Actions cache for a repository (using a cache ID)
Deletes a GitHub Actions cache for a repository, using a cache ID. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_actions_cache_by_id(cache_id, owner, repo)
Remove a repository from the list of repositories allowed to use self-hosted runners in an organization
Removes a repository from the list of repositories that are allowed to use self-hosted runners in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_disable_selected_repository_self_hosted_runners_organization(org, repository_id)
Enable a workflow
Enables a workflow and sets the `state` of the workflow to `active`. You can replace `workflow_id` with the workflow file name. For example, you could use `main.yaml`. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_enable_workflow(owner, repo, workflow_id)
Download an artifact
Gets a redirect URL to download an archive for a repository. This URL expires after 1 minute. Look for `Location:` in the response header to find the URL for the download. The `:archive_format` must be `zip`. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_download_artifact(archive_format, artifact_id, owner, repo)
Delete GitHub Actions caches for a repository (using a cache key)
Deletes one or more GitHub Actions caches for a repository, using a complete cache key. By default, all caches that match the provided key are deleted, but you can optionally provide a Git ref to restrict deletions to caches that match both the provided key and the Git ref. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_actions_cache_by_key(key, owner, repo, ref?) -> {actions_caches, total_count}
Disable a workflow
Disables a workflow and sets the `state` of the workflow to `disabled_manually`. You can replace `workflow_id` with the workflow file name. For example, you could use `main.yaml`. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_disable_workflow(owner, repo, workflow_id)
Get artifact and log retention settings for a repository
Gets artifact and log retention settings for a repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_artifact_and_log_retention_settings_repository(owner, repo) -> {days, maximum_allowed_days}
Add a repository to the list of repositories allowed to use self-hosted runners in an organization
Adds a repository to the list of repositories that are allowed to use self-hosted runners in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_enable_selected_repository_self_hosted_runners_organization(org, repository_id)
Delete an environment secret
Deletes a secret in an environment using the secret name. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_environment_secret(environment_name, owner, repo, secret_name)
List self-hosted runners in a group for an organization
Lists self-hosted runners that are in a specific organization group. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_list_self_hosted_runners_in_group_for_org(org, runner_group_id, page?, per_page?) -> {runners, total_count}
Get private repo fork PR workflow settings for a repository
Gets the settings for whether workflows from fork pull requests can run on a private repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_private_repo_fork_pr_workflows_settings_repository(owner, repo) -> {require_approval_for_fork_pr_workflows, run_workflows_from_fork_pull_requests, send_secrets_and_variables, send_write_tokens_to_workflows}
List repositories allowed to use self-hosted runners in an organization
Lists repositories that are allowed to use self-hosted runners in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_list_selected_repositories_self_hosted_runners_organization(org, page?, per_page?) -> {repositories, total_count}
Get the level of access for workflows outside of the repository
Gets the level of access that workflows outside of the repository have to actions and reusable workflows in the repository. This endpoint only applies to private repositories. For more information, see "[Allowing access to components in a private repository](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_workflow_access_to_repository(owner, repo) -> {access_level}
Delete an organization secret
Deletes a secret in an organization using the secret name. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_org_secret(org, secret_name)
Get fork PR contributor approval permissions for an organization
Gets the fork PR contributor approval policy for an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_get_fork_pr_contributor_approval_permissions_organization(org) -> {approval_policy}
Delete a repository secret
Deletes a secret in a repository using the secret name. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_repo_secret(owner, repo, secret_name)
Get artifact and log retention settings for an organization
Gets artifact and log retention settings for an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_get_artifact_and_log_retention_settings_organization(org) -> {days, maximum_allowed_days}
Delete a repository variable
Deletes a repository variable using the variable name. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_repo_variable(name, owner, repo)
Get an organization variable
Gets a specific variable in an organization. The authenticated user must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_org_variable(name, org) -> {created_at, name, selected_repositories_url, updated_at, ...}
Get a job for a workflow run
Gets a specific job in a workflow run. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_job_for_workflow_run(job_id, owner, repo) -> {check_run_url, completed_at, conclusion, created_at, ...}
Get fork PR contributor approval permissions for a repository
Gets the fork PR contributor approval policy for a repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_fork_pr_contributor_approval_permissions_repository(owner, repo) -> {approval_policy}
List artifacts for a repository
Lists all artifacts for a repository. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_list_artifacts_for_repo(owner, repo, name?, page?, per_page?) -> {artifacts, total_count}
Get GitHub Actions permissions for a repository
Gets the GitHub Actions permissions policy for a repository, including whether GitHub Actions is enabled and the actions and reusable workflows allowed to run in the repository. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_github_actions_permissions_repository(owner, repo) -> {allowed_actions, enabled, selected_actions_url, sha_pinning_required}
Get a repository public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_repo_public_key(owner, repo) -> {created_at, id, key, key_id, ...}
Get workflow usage
> [!WARNING] > This endpoint is in the process of closing down. Refer to "[Actions Get workflow usage and Get workflow run usage endpoints closing down](https://github.blog/changelog/2025-02-02-actions-get-workflow-usage-and-get-workflow-run-usage-endpoints-closing-down/)" for more information. Gets the number of billable minutes used by a specific workflow during the current billing cycle. Billable minutes only apply to workflows in private repositories that use GitHub-hosted runners. Usage is listed for each GitHub-hosted runner operating system in milliseconds. Any job re-runs are also included in the usage. The usage does not include the multiplier for macOS and Windows runners and is not rounded up to the nearest whole minute. For more information, see "[Managing billing for GitHub Actions](https://docs.github.com/github/setting-up-and-managing-billing-and-payments-on-github/managing-billing-for-github-actions)". You can replace `workflow_id` with the workflow file name. For example, you could use `main.yaml`. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_get_workflow_usage(owner, repo, workflow_id) -> {billable}
Get pending deployments for a workflow run
Get all deployment environments for a workflow run that are waiting for protection rules to pass. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_pending_deployments_for_run(owner, repo, run_id) -> [{}]
List notifications for the authenticated user
List all notifications for the current user, sorted by most recently updated.
activity_list_notifications_for_authenticated_user(all?, before?, page?, participating?, per_page?, since?) -> [{}]
Remove selected repository from an organization variable
Removes a repository from an organization variable that is available to selected repositories. Organization variables that are available to selected repositories have their `visibility` field set to `selected`. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_remove_selected_repo_from_org_variable(name, org, repository_id)
Set artifact and log retention settings for an organization
Sets artifact and log retention settings for an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_set_artifact_and_log_retention_settings_organization(days, org)
List selected repositories for an organization variable
Lists all repositories that can access an organization variable that is available to selected repositories. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_list_selected_repos_for_org_variable(name, org, page?, per_page?) -> {repositories, total_count}
Delete a repository subscription
This endpoint should only be used to stop watching a repository. To control whether or not you wish to receive notifications from a repository, [set the repository's subscription manually](https://docs.github.com/rest/activity/watching#set-a-repository-subscription).
activity_delete_repo_subscription(owner, repo)
Get a team (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the [Get a team by name](https://docs.github.com/rest/teams/teams#get-a-team-by-name) endpoint.
teams_get_legacy(team_id) -> {created_at, description, enterprise_id, html_url, ...}
List repository variables
Lists all repository variables. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_repo_variables(owner, repo, page?, per_page?) -> {total_count, variables}
List workflow run artifacts
Lists artifacts for a workflow run. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_list_workflow_run_artifacts(owner, repo, run_id, name?, page?, per_page?) -> {artifacts, total_count}
Update a self-hosted runner group for an organization
Updates the `name` and `visibility` of a self-hosted runner group in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_update_self_hosted_runner_group_for_org(name, org, runner_group_id, allows_public_repositories?, network_configuration_id?, restricted_to_workflows?, selected_workflows?, visibility?) -> {allows_public_repositories, default, hosted_runners_url, id, ...}
List repository organization variables
Lists all organization variables shared with a repository. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_repo_organization_variables(owner, repo, page?, per_page?) -> {total_count, variables}
List environment secrets
Lists all secrets available in an environment without revealing their encrypted values. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_environment_secrets(environment_name, owner, repo, page?, per_page?) -> {secrets, total_count}
Get workflow run usage
> [!WARNING] > This endpoint is in the process of closing down. Refer to "[Actions Get workflow usage and Get workflow run usage endpoints closing down](https://github.blog/changelog/2025-02-02-actions-get-workflow-usage-and-get-workflow-run-usage-endpoints-closing-down/)" for more information. Gets the number of billable minutes and total run time for a specific workflow run. Billable minutes only apply to workflows in private repositories that use GitHub-hosted runners. Usage is listed for each GitHub-hosted runner operating system in milliseconds. Any job re-runs are also included in the usage. The usage does not include the multiplier for macOS and Windows runners and is not rounded up to the nearest whole minute. For more information, see "[Managing billing for GitHub Actions](https://docs.github.com/github/setting-up-and-managing-billing-and-payments-on-github/managing-billing-for-github-actions)". Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_get_workflow_run_usage(owner, repo, run_id) -> {billable, run_duration_ms}
List repository workflows
Lists the workflows in a repository. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_list_repo_workflows(owner, repo, page?, per_page?) -> {total_count, workflows}
Set repositories allowed to use self-hosted runners in an organization
Sets repositories that are allowed to use self-hosted runners in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_set_selected_repositories_self_hosted_runners_organization(org, selected_repository_ids)
List self-hosted runners for an organization
Lists all self-hosted runners configured in an organization. Authenticated users must have admin access to the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_list_self_hosted_runners_for_org(org, name?, page?, per_page?) -> {runners, total_count}
Remove all custom labels from a self-hosted runner for an organization
Remove all custom labels from a self-hosted runner configured in an organization. Returns the remaining read-only labels from the runner. Authenticated users must have admin access to the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_remove_all_custom_labels_from_self_hosted_runner_for_org(org, runner_id)
Delete a thread subscription
Mutes all future notifications for a conversation until you comment on the thread or get an **@mention**. If you are watching the repository of the thread, you will still receive notifications. To ignore future notifications for a repository you are watching, use the [Set a thread subscription](https://docs.github.com/rest/activity/notifications#set-a-thread-subscription) endpoint and set `ignore` to `true`.
activity_delete_thread_subscription(thread_id)
Set custom labels for a self-hosted runner for an organization
Remove all previous custom labels and set the new custom labels for a specific self-hosted runner configured in an organization. Authenticated users must have admin access to the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_set_custom_labels_for_self_hosted_runner_for_org(labels, org, runner_id)
Check if a repository is starred by the authenticated user
Whether the authenticated user has starred the repository.
activity_check_repo_is_starred_by_authenticated_user(owner, repo)
List workflow runs for a repository
Lists all workflow runs for a repository. You can use parameters to narrow the list of results. For more information about using parameters, see [Parameters](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#parameters). Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository. This endpoint will return up to 1,000 results for each search when using the following parameters: `actor`, `branch`, `check_suite_id`, `created`, `event`, `head_sha`, `status`.
actions_list_workflow_runs_for_repo(owner, repo, actor?, branch?, check_suite_id?, created?, event?, exclude_pull_requests?, head_sha?, page?, per_page?, status?) -> {total_count, workflow_runs}
Get GitHub Actions cache storage limit for an organization
Gets GitHub Actions cache storage limit for an organization. All repositories under this organization may not set a higher cache storage limit. OAuth tokens and personal access tokens (classic) need the `admin:organization` scope to use this endpoint.
actions_get_actions_cache_storage_limit_for_organization(org) -> {max_cache_size_gb}
Set custom labels for a self-hosted runner for a repository
Remove all previous custom labels and set the new custom labels for a specific self-hosted runner configured in a repository. Authenticated users must have admin access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_custom_labels_for_self_hosted_runner_for_repo(labels, owner, repo, runner_id)
Remove all custom labels from a self-hosted runner for a repository
Remove all custom labels from a self-hosted runner configured in a repository. Returns the remaining read-only labels from the runner. Authenticated users must have admin access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_remove_all_custom_labels_from_self_hosted_runner_for_repo(owner, repo, runner_id)
Remove selected repository from an organization secret
Removes a repository from an organization secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/actions/secrets#create-or-update-an-organization-secret). Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_remove_selected_repo_from_org_secret(org, repository_id, secret_name)
Set fork PR contributor approval permissions for a repository
Sets the fork PR contributor approval policy for a repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_fork_pr_contributor_approval_permissions_repository(approval_policy, owner, repo)
Set repository access for a self-hosted runner group in an organization
Replaces the list of repositories that have access to a self-hosted runner group configured in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_set_repo_access_to_self_hosted_runner_group_in_org(org, runner_group_id, selected_repository_ids)
Get route stats by actor
Get API request count statistics for an actor broken down by route within a specified time frame.
api_insights_get_route_stats_by_actor(actor_id, actor_type, min_timestamp, org, api_route_substring?, direction?, max_timestamp?, page?, per_page?, sort?) -> [{api_route, http_method, last_rate_limited_timestamp, last_request_timestamp, ...}]
Get subject stats
Get API request statistics for all subjects within an organization within a specified time frame. Subjects can be users or GitHub Apps.
api_insights_get_subject_stats(min_timestamp, org, direction?, max_timestamp?, page?, per_page?, sort?, subject_name_substring?) -> [{last_rate_limited_timestamp, last_request_timestamp, rate_limited_request_count, subject_id, ...}]
Get all budgets for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Gets all budgets for an organization. The authenticated user must be an organization admin or billing manager.
billing_get_all_budgets_org(org)
Get billing premium request usage report for a user
Gets a report of premium request usage for a user. **Note:** Only data from the past 24 months is accessible via this endpoint.
billing_get_github_billing_premium_request_usage_report_user(username, day?, model?, month?, product?, year?)
Get a code scanning default setup configuration
Gets a code scanning default setup configuration. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_default_setup(owner, repo) -> {languages, query_suite, runner_label, runner_type, ...}
Delete a campaign for an organization
Deletes a campaign in an organization. The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint.
campaigns_delete_campaign(campaign_number, org)
Get time stats
Get the number of API requests and rate-limited requests made within an organization over a specified time period.
api_insights_get_time_stats(min_timestamp, org, timestamp_increment, max_timestamp?) -> [{rate_limited_request_count, timestamp, total_request_count}]
Remove a repository from an app installation
Remove a single repository from an installation. The authenticated user must have admin access to the repository. The installation must have the `repository_selection` of `selected`. This endpoint only works for PATs (classic) with the `repo` scope.
apps_remove_repo_from_installation_for_authenticated_user(installation_id, repository_id)
Get summary stats
Get overall statistics of API requests made within an organization by all users and apps within a specified time frame.
api_insights_get_summary_stats(min_timestamp, org, max_timestamp?) -> {rate_limited_request_count, total_request_count}
Update a check run
Updates a check run for a specific commit in a repository. > [!NOTE] > The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array. OAuth apps and personal access tokens (classic) cannot use this endpoint.
checks_update(check_run_id, owner, repo, actions?, completed_at?, conclusion?, details_url?, external_id?, name?, output?, started_at?, status?) -> {app, check_suite, completed_at, conclusion, ...}
Add a selected repository to a user secret
Adds a repository to the selected repositories for a user's development environment secret. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_add_repository_for_secret_for_authenticated_user(repository_id, secret_name)
Get a code security configuration
Gets a code security configuration available in an organization. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
code_security_get_configuration(configuration_id, org) -> {advanced_security, code_scanning_default_setup, code_scanning_default_setup_options, code_scanning_delegated_alert_dismissal, ...}
Get summary stats by actor
Get overall statistics of API requests within the organization made by a specific actor. Actors can be GitHub App installations, OAuth apps or other tokens on behalf of a user.
api_insights_get_summary_stats_by_actor(actor_id, actor_type, min_timestamp, org, max_timestamp?) -> {rate_limited_request_count, total_request_count}
Create a campaign for an organization
Create a campaign for an organization. The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint. Fine-grained tokens must have the "Code scanning alerts" repository permissions (read) on all repositories included in the campaign.
campaigns_create_campaign(description, ends_at, name, org, code_scanning_alerts?, contact_link?, generate_issues?, managers?, team_managers?) -> {alert_stats, closed_at, contact_link, created_at, ...}
List organization migrations
Lists the most recent migrations, including both exports (which can be started through the REST API) and imports (which cannot be started using the REST API). A list of `repositories` is only returned for export migrations.
migrations_list_for_org(org, exclude?, page?, per_page?) -> [{}]
Update an import
An import can be updated with credentials or a project choice by passing in the appropriate parameters in this API request. If no parameters are provided, the import will be restarted. Some servers (e.g. TFS servers) can have several projects at a single URL. In those cases the import progress will have the status `detection_found_multiple` and the Import Progress response will include a `project_choices` array. You can select the project to import by providing one of the objects in the `project_choices` array in the update request. > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation).
migrations_update_import(owner, repo, tfvc_project?, vcs?, vcs_password?, vcs_username?) -> {authors_count, authors_url, commit_count, error_message, ...}
Remove sub-issue
You can use the REST API to remove a sub-issue from an issue. Removing content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass a specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_remove_sub_issue(issue_number, owner, repo, sub_issue_id) -> {labels_url, title, comments, id, ...}
Get a budget by ID for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Gets a budget by ID. The authenticated user must be an organization admin or billing manager.
billing_get_budget_org(budget_id, org)
Map a commit author
Update an author's identity for the import. Your application can continue updating authors any time before you push new commits to the repository. > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation).
migrations_map_commit_author(author_id, owner, repo, email?, name?) -> {email, id, import_url, name, ...}
Delete a code scanning analysis from a repository
Deletes a specified code scanning analysis from a repository. You can delete one analysis at a time. To delete a series of analyses, start with the most recent analysis and work backwards. Conceptually, the process is similar to the undo function in a text editor. When you list the analyses for a repository, one or more will be identified as deletable in the response: ``` "deletable": true ``` An analysis is deletable when it's the most recent in a set of analyses. Typically, a repository will have multiple sets of analyses for each enabled code scanning tool, where a set is determined by a unique combination of analysis values: * `ref` * `tool` * `category` If you attempt to delete an analysis that is not the most recent in a set, you'll get a 400 response with the message: ``` Analysis specified is not deletable. ``` The response from a successful `DELETE` operation provides you with two alternative URLs for deleting the next analysis in the set: `next_analysis_url` and `confirm_delete_url`. Use the `next_analysis_url` URL if you want to avoid accidentally deleting the final analysis in a set. This is a useful option if you want to preserve at least one analysis for the specified tool in your repository. Use the `confirm_delete_url` URL if you are content to remove all analyses for a tool. When you delete the last analysis in a set, the value of `next_analysis_url` and `confirm_delete_url` in the 200 response is `null`. As an example of the deletion process, let's imagine that you added a workflow that configured a particular code scanning tool to analyze the code in a repository. This tool has added 15 analyses: 10 on the default branch, and another 5 on a topic branch. You therefore have two separate sets of analyses for this tool. You've now decided that you want to remove all of the analyses for the tool. To do this you must make 15 separate deletion requests. To start, you must find an analysis that's identified as deletable. Each set of analyses always has one that's identified as deletable. Having found the deletable analysis for one of the two sets, delete this analysis and then continue deleting the next analysis in the set until they're all deleted. Then repeat the process for the second set. The procedure therefore consists of a nested loop: **Outer loop**: * List the analyses for the repository, filtered by tool. * Parse this list to find a deletable analysis. If found: **Inner loop**: * Delete the identified analysis. * Parse the response for the value of `confirm_delete_url` and, if found, use this in the next iteration. The above process assumes that you want to remove all trace of the tool's analyses from the GitHub user interface, for the specified repository, and it therefore uses the `confirm_delete_url` value. Alternatively, you could use the `next_analysis_url` value, which would leave the last analysis in each set undeleted to avoid removing a tool's analysis entirely. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_delete_analysis(analysis_id, owner, repo, confirm_delete?) -> {confirm_delete_url, next_analysis_url}
Delete a budget for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Deletes a budget by ID for an organization. The authenticated user must be an organization admin or billing manager.
billing_delete_budget_org(budget_id, org)
Get the code security configuration associated with a repository
Get the code security configuration that manages a repository's code security settings. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
code_security_get_configuration_for_repository(owner, repo) -> {configuration, status}
Search code
Search for code across GitHub repositories the user has access to (personal AND organization repos). Scope searches using org:{orgname} or repo:owner/name for best results. AVOID using user:{username} as it only searches repos owned by the user, missing organization repos. If you don't know the user's GitHub username or orgs, call get_user first. Can include qualifiers like repo:, path:, language:, extension:
search_code(q, order?, page?, per_page?, sort?) -> {incomplete_results, items, total_count}
List check run annotations
Lists annotations for a check run using the annotation `id`. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint on a private repository.
checks_list_annotations(check_run_id, owner, repo, page?, per_page?) -> [{}]
Get a user migration status
Fetches a single user migration. The response includes the `state` of the migration, which can be one of the following values: * `pending` - the migration hasn't started yet. * `exporting` - the migration is in progress. * `exported` - the migration finished successfully. * `failed` - the migration failed. Once the migration has been `exported` you can [download the migration archive](https://docs.github.com/rest/migrations/users#download-a-user-migration-archive).
migrations_get_status_for_authenticated_user(migration_id, exclude?) -> {archive_url, created_at, exclude, exclude_attachments, ...}
Delete an organization migration archive
Deletes a previous migration archive. Migration archives are automatically deleted after seven days.
migrations_delete_archive_for_org(migration_id, org)
Create or update an organization secret
Creates or updates an organization development environment secret with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_create_or_update_org_secret(org, secret_name, visibility, encrypted_value?, key_id?, selected_repository_ids?) -> {}
List repositories in an organization migration
List all the repositories for this organization migration.
migrations_list_repos_for_org(migration_id, org, page?, per_page?) -> [{}]
Download a user migration archive
Fetches the URL to download the migration archive as a `tar.gz` file. Depending on the resources your repository uses, the migration archive can contain JSON files with data for these objects: * attachments * bases * commit\_comments * issue\_comments * issue\_events * issues * milestones * organizations * projects * protected\_branches * pull\_request\_reviews * pull\_requests * releases * repositories * review\_comments * schema * users The archive will also contain an `attachments` directory that includes all attachment files uploaded to GitHub.com and a `repositories` directory that contains the repository's Git data.
migrations_get_archive_for_authenticated_user(migration_id)
List machine types for a codespace
List the machine types a codespace can transition to use. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_codespace_machines_for_authenticated_user(codespace_name) -> {machines, total_count}
Delete an issue reaction
> [!NOTE] > You can also specify a repository by `repository_id` using the route `DELETE /repositories/:repository_id/issues/:issue_number/reactions/:reaction_id`. Delete a reaction to an [issue](https://docs.github.com/rest/issues/issues#get-an-issue).
reactions_delete_for_issue(issue_number, owner, reaction_id, repo)
Get repositories associated with a code security configuration
Lists the repositories associated with a code security configuration in an organization. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:org` scope to use this endpoint.
code_security_get_repositories_for_configuration(configuration_id, org, after?, before?, per_page?, status?) -> [{}]
Commit an autofix for a code scanning alert
Commits an autofix for a code scanning alert. If an autofix is committed as a result of this request, then this endpoint will return a 201 Created response. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_commit_autofix(alert_number, owner, repo, message?, target_ref?) -> {sha, target_ref}
Update a code security configuration
Updates a code security configuration in an organization. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
code_security_update_configuration(configuration_id, org, advanced_security?, code_scanning_default_setup?, code_scanning_default_setup_options?, code_scanning_delegated_alert_dismissal?, code_scanning_options?, code_security?, dependabot_alerts?, dependabot_security_updates?, dependency_graph?, dependency_graph_autosubmit_action?, dependency_graph_autosubmit_action_options?, description?, enforcement?, name?, private_vulnerability_reporting?, secret_protection?, secret_scanning?, secret_scanning_delegated_alert_dismissal?, secret_scanning_delegated_bypass?, secret_scanning_delegated_bypass_options?, secret_scanning_generic_secrets?, secret_scanning_non_provider_patterns?, secret_scanning_push_protection?, secret_scanning_validity_checks?) -> {advanced_security, code_scanning_default_setup, code_scanning_default_setup_options, code_scanning_delegated_alert_dismissal, ...}
Get commit authors
Each type of source control system represents authors in a different way. For example, a Git commit author has a display name and an email address, but a Subversion commit author just has a username. The GitHub Importer will make the author information valid, but the author might not be correct. For example, it will change the bare Subversion username `hubot` into something like `hubot <hubot@12341234-abab-fefe-8787-fedcba987654>`. This endpoint and the [Map a commit author](https://docs.github.com/rest/migrations/source-imports#map-a-commit-author) endpoint allow you to provide correct Git author information. > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation).
migrations_get_commit_authors(owner, repo, since?) -> [{}]
Get details about a codespace export
Gets information about an export of a codespace. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_get_export_details_for_authenticated_user(codespace_name, export_id) -> {branch, completed_at, export_url, html_url, ...}
Set selected repositories for a user secret
Select the repositories that will use a user's development environment secret. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_set_repositories_for_secret_for_authenticated_user(secret_name, selected_repository_ids)
List codespaces for the authenticated user
Lists the authenticated user's codespaces. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_list_for_authenticated_user(page?, per_page?, repository_id?) -> {codespaces, total_count}
Get a secret for the authenticated user
Gets a development environment secret available to a user's codespaces without revealing its encrypted value. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_get_secret_for_authenticated_user(secret_name) -> {created_at, name, selected_repositories_url, updated_at, ...}
Bulk remove team members
Remove multiple team members from an enterprise team.
enterprise_team_memberships_bulk_remove(enterprise, enterprise-team, usernames) -> [{}]
Export a codespace for the authenticated user
Triggers an export of the specified codespace and returns a URL and ID where the status of the export can be monitored. If changes cannot be pushed to the codespace's repository, they will be pushed to a new or previously-existing fork instead. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_export_for_authenticated_user(codespace_name)
List devcontainer configurations in a repository for the authenticated user
Lists the devcontainer.json files associated with a specified repository and the authenticated user. These files specify launchpoint configurations for codespaces created within the repository. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_list_devcontainers_in_repository_for_authenticated_user(owner, repo, page?, per_page?) -> {devcontainers, total_count}
List codespaces for a user in organization
Lists the codespaces that a member of an organization has for repositories in that organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_get_codespaces_for_user_in_org(org, username, page?, per_page?) -> {codespaces, total_count}
Get public key for the authenticated user
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_get_public_key_for_authenticated_user() -> {key, key_id}
Get a tag
**Signature verification object** The response will include a `verification` object that describes the result of verifying the commit's signature. The following fields are included in the `verification` object: | Name | Type | Description | | ---- | ---- | ----------- | | `verified` | `boolean` | Indicates whether GitHub considers the signature in this commit to be verified. | | `reason` | `string` | The reason for verified value. Possible values and their meanings are enumerated in table below. | | `signature` | `string` | The signature that was extracted from the commit. | | `payload` | `string` | The value that was signed. | | `verified_at` | `string` | The date the signature was verified by GitHub. | These are the possible values for `reason` in the `verification` object: | Value | Description | | ----- | ----------- | | `expired_key` | The key that made the signature is expired. | | `not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | `gpgverify_error` | There was an error communicating with the signature verification service. | | `gpgverify_unavailable` | The signature verification service is currently unavailable. | | `unsigned` | The object does not include a signature. | | `unknown_signature_type` | A non-PGP signature was found in the commit. | | `no_user` | No user was associated with the `committer` email address in the commit. | | `unverified_email` | The `committer` email address in the commit was associated with a user, but the email address is not verified on their account. | | `bad_email` | The `committer` email address in the commit is not included in the identities of the PGP key that made the signature. | | `unknown_key` | The key that made the signature has not been registered with any user's account. | | `malformed_signature` | There was an error parsing the signature. | | `invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | `valid` | None of the above errors applied, so the signature is considered to be verified. |
git_get_tag(owner, repo, tag_sha) -> {message, node_id, object, sha, ...}
Export a software bill of materials (SBOM) for a repository.
Exports the software bill of materials (SBOM) for a repository in SPDX JSON format.
dependency_graph_export_sbom(owner, repo) -> {sbom}
List gist commits
gists_list_commits(gist_id, page?, per_page?) -> [{}]
Manage access control for organization codespaces
Sets which users can access codespaces in an organization. This is synonymous with granting or revoking codespaces access permissions for users according to the visibility. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_set_codespaces_access(org, visibility, selected_usernames?)
Get a repository secret
Gets a single repository development environment secret without revealing its encrypted value. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
codespaces_get_repo_secret(owner, repo, secret_name) -> {created_at, name, updated_at}
Get interaction restrictions for your public repositories
Shows which type of GitHub user can interact with your public repositories and when the restriction expires.
interactions_get_restrictions_for_authenticated_user()
Delete a gist
gists_delete(gist_id)
List codespaces for the organization
Lists the codespaces associated to a specified organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_list_in_organization(org, page?, per_page?) -> {codespaces, total_count}
Remove a selected repository from a user secret
Removes a repository from the selected repositories for a user's development environment secret. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_remove_repository_for_secret_for_authenticated_user(repository_id, secret_name)
Get repository clones
Get the total number of clones and breakdown per day or week for the last 14 days. Timestamps are aligned to UTC midnight of the beginning of the day or week. Week begins on Monday.
repos_get_clones(owner, repo, per?) -> {clones, count, uniques}
Delete a repository secret
Deletes a secret in a repository using the secret name. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
dependabot_delete_repo_secret(owner, repo, secret_name)
List organization secrets
Lists all Codespaces development environment secrets available at the organization-level without revealing their encrypted values. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_list_org_secrets(org, page?, per_page?) -> {secrets, total_count}
List secrets for the authenticated user
Lists all development environment secrets available for a user's codespaces without revealing their encrypted values. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_list_secrets_for_authenticated_user(page?, per_page?) -> {secrets, total_count}
Get a repository secret
Gets a single repository secret without revealing its encrypted value. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
dependabot_get_repo_secret(owner, repo, secret_name) -> {created_at, name, updated_at}
Get interaction restrictions for an organization
Shows which type of GitHub user can interact with this organization and when the restriction expires. If there is no restrictions, you will see an empty response.
interactions_get_restrictions_for_org(org)
Get an import status
View the progress of an import. > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation). **Import status** This section includes details about the possible values of the `status` field of the Import Progress response. An import that does not have errors will progress through these steps: * `detecting` - the "detection" step of the import is in progress because the request did not include a `vcs` parameter. The import is identifying the type of source control present at the URL. * `importing` - the "raw" step of the import is in progress. This is where commit data is fetched from the original repository. The import progress response will include `commit_count` (the total number of raw commits that will be imported) and `percent` (0 - 100, the current progress through the import). * `mapping` - the "rewrite" step of the import is in progress. This is where SVN branches are converted to Git branches, and where author updates are applied. The import progress response does not include progress information. * `pushing` - the "push" step of the import is in progress. This is where the importer updates the repository on GitHub. The import progress response will include `push_percent`, which is the percent value reported by `git push` when it is "Writing objects". * `complete` - the import is complete, and the repository is ready on GitHub. If there are problems, you will see one of these in the `status` field: * `auth_failed` - the import requires authentication in order to connect to the original repository. To update authentication for the import, please see the [Update an import](https://docs.github.com/rest/migrations/source-imports#update-an-import) section. * `error` - the import encountered an error. The import progress response will include the `failed_step` and an error message. Contact [GitHub Support](https://support.github.com/contact?tags=dotcom-rest-api) for more information. * `detection_needs_auth` - the importer requires authentication for the originating repository to continue detection. To update authentication for the import, please see the [Update an import](https://docs.github.com/rest/migrations/source-imports#update-an-import) section. * `detection_found_nothing` - the importer didn't recognize any source control at the URL. To resolve, [Cancel the import](https://docs.github.com/rest/migrations/source-imports#cancel-an-import) and [retry](https://docs.github.com/rest/migrations/source-imports#start-an-import) with the correct URL. * `detection_found_multiple` - the importer found several projects or repositories at the provided URL. When this is the case, the Import Progress response will also include a `project_choices` field with the possible project choices as values. To update project choice, please see the [Update an import](https://docs.github.com/rest/migrations/source-imports#update-an-import) section. **The project_choices field** When multiple projects are found at the provided URL, the response hash will include a `project_choices` field, the value of which is an array of hashes each representing a project choice. The exact key/value pairs of the project hashes will differ depending on the version control type. **Git LFS related fields** This section includes details about Git LFS related fields that may be present in the Import Progress response. * `use_lfs` - describes whether the import has been opted in or out of using Git LFS. The value can be `opt_in`, `opt_out`, or `undecided` if no action has been taken. * `has_large_files` - the boolean value describing whether files larger than 100MB were found during the `importing` step. * `large_files_size` - the total size in gigabytes of files larger than 100MB found in the originating repository. * `large_files_count` - the total number of files larger than 100MB found in the originating repository. To see a list of these files, make a "Get Large Files" request.
migrations_get_import_status(owner, repo) -> {authors_count, authors_url, commit_count, error_message, ...}
Remove selected repository from an organization secret
Removes a repository from an organization development environment secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/codespaces/organization-secrets#create-or-update-an-organization-secret). OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_remove_selected_repo_from_org_secret(org, repository_id, secret_name)
Bulk add team members
Add multiple team members to an enterprise team.
enterprise_team_memberships_bulk_add(enterprise, enterprise-team, usernames) -> [{}]
Check if a user can be assigned to a issue
Checks if a user has permission to be assigned to a specific issue. If the `assignee` can be assigned to this issue, a `204` status code with no content is returned. Otherwise a `404` status code is returned.
issues_check_user_can_be_assigned_to_issue(assignee, issue_number, owner, repo)
Create a blob
git_create_blob(content, owner, repo, encoding?) -> {sha, url}
List enterprise teams
List all teams in the enterprise for the authenticated user
enterprise_teams_list(enterprise, page?, per_page?) -> [{}]
List members in an enterprise team
Lists all team members in an enterprise team.
enterprise_team_memberships_list(enterprise, enterprise-team, page?, per_page?) -> [{}]
Set the customization template for an OIDC subject claim for an organization
Creates or updates the customization template for an OpenID Connect (OIDC) subject claim. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
oidc_update_oidc_custom_sub_template_for_org(include_claim_keys, org) -> {}
Get a custom property for an organization
Gets a custom property that is defined for an organization. Organization members can read these properties.
orgs_custom_properties_for_repos_get_organization_definition(custom_property_name, org) -> {allowed_values, default_value, description, property_name, ...}
Delete an organization webhook
Delete a webhook for an organization. The authenticated user must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_delete_webhook(hook_id, org)
Create an enterprise team
To create an enterprise team, the authenticated user must be an owner of the enterprise.
enterprise_teams_create(enterprise, name, description?, group_id?, organization_selection_type?, sync_to_organizations?) -> {created_at, description, group_id, group_name, ...}
Get a tree
Returns a single tree using the SHA1 value or ref name for that tree. If `truncated` is `true` in the response then the number of items in the `tree` array exceeded our maximum limit. If you need to fetch more items, use the non-recursive method of fetching trees, and fetch one sub-tree at a time. > [!NOTE] > The limit for the `tree` array is 100,000 entries with a maximum size of 7 MB when using the `recursive` parameter.
git_get_tree(owner, repo, tree_sha, recursive?) -> {sha, tree, truncated, url}
Create a tag object
Note that creating a tag object does not create the reference that makes a tag in Git. If you want to create an annotated tag in Git, you have to do this call to create the tag object, and then [create](https://docs.github.com/rest/git/refs#create-a-reference) the `refs/tags/[tag]` reference. If you want to create a lightweight tag, you only have to [create](https://docs.github.com/rest/git/refs#create-a-reference) the tag reference - this call would be unnecessary. **Signature verification object** The response will include a `verification` object that describes the result of verifying the commit's signature. The following fields are included in the `verification` object: | Name | Type | Description | | ---- | ---- | ----------- | | `verified` | `boolean` | Indicates whether GitHub considers the signature in this commit to be verified. | | `reason` | `string` | The reason for verified value. Possible values and their meanings are enumerated in table below. | | `signature` | `string` | The signature that was extracted from the commit. | | `payload` | `string` | The value that was signed. | | `verified_at` | `string` | The date the signature was verified by GitHub. | These are the possible values for `reason` in the `verification` object: | Value | Description | | ----- | ----------- | | `expired_key` | The key that made the signature is expired. | | `not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | `gpgverify_error` | There was an error communicating with the signature verification service. | | `gpgverify_unavailable` | The signature verification service is currently unavailable. | | `unsigned` | The object does not include a signature. | | `unknown_signature_type` | A non-PGP signature was found in the commit. | | `no_user` | No user was associated with the `committer` email address in the commit. | | `unverified_email` | The `committer` email address in the commit was associated with a user, but the email address is not verified on their account. | | `bad_email` | The `committer` email address in the commit is not included in the identities of the PGP key that made the signature. | | `unknown_key` | The key that made the signature has not been registered with any user's account. | | `malformed_signature` | There was an error parsing the signature. | | `invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | `valid` | None of the above errors applied, so the signature is considered to be verified. |
git_create_tag(message, object, owner, repo, tag, type, tagger?) -> {message, node_id, object, sha, ...}
Add sub-issue
You can use the REST API to add sub-issues to issues. Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_add_sub_issue(issue_number, owner, repo, sub_issue_id, replace_parent?) -> {labels_url, title, comments, id, ...}
Get a blob
The `content` in the response will always be Base64 encoded. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw blob data. - **`application/vnd.github+json`**: Returns a JSON representation of the blob with `content` as a base64 encoded string. This is the default if no media type is specified. **Note** This endpoint supports blobs up to 100 megabytes in size.
git_get_blob(file_sha, owner, repo) -> {content, encoding, highlighted_content, node_id, ...}
List assignees
Lists the [available assignees](https://docs.github.com/articles/assigning-issues-and-pull-requests-to-other-github-users/) for issues in a repository.
issues_list_assignees(owner, repo, page?, per_page?) -> [{}]
Get an issue event
Gets a single event by the event id.
issues_get_event(event_id, owner, repo) -> {actor, assignee, assigner, author_association, ...}
Get a reference
Returns a single reference from your Git database. The `:ref` in the URL must be formatted as `heads/<branch name>` for branches and `tags/<tag name>` for tags. If the `:ref` doesn't match an existing ref, a `404` is returned. > [!NOTE] > You need to explicitly [request a pull request](https://docs.github.com/rest/pulls/pulls#get-a-pull-request) to trigger a test merge commit, which checks the mergeability of pull requests. For more information, see "[Checking mergeability of pull requests](https://docs.github.com/rest/guides/getting-started-with-the-git-database-api#checking-mergeability-of-pull-requests)".
git_get_ref(owner, ref, repo) -> {node_id, object, ref, url}
Set interaction restrictions for your public repositories
Temporarily restricts which type of GitHub user can interact with your public repositories. Setting the interaction limit at the user level will overwrite any interaction limits that are set for individual repositories owned by the user.
interactions_set_restrictions_for_authenticated_user(limit, expiry?) -> {expires_at, limit, origin}
Delete an issue comment
You can use the REST API to delete comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.
issues_delete_comment(comment_id, owner, repo)
List custom property values for organization repositories
Lists organization repositories with all of their custom property values. Organization members can read these properties.
orgs_custom_properties_for_repos_get_organization_values(org, page?, per_page?, repository_query?) -> [{}]
Get an organization
Gets information about an organization. When the value of `two_factor_requirement_enabled` is `true`, the organization requires all members, billing managers, outside collaborators, guest collaborators, repository collaborators, or everyone with access to any repository within the organization to enable [two-factor authentication](https://docs.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/). To see the full details about an organization, the authenticated user must be an organization owner. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to see the full details about an organization. To see information about an organization's GitHub plan, GitHub Apps need the `Organization plan` permission.
orgs_get(org) -> {plan, two_factor_requirement_enabled, members_can_view_dependency_insights, members_can_create_teams, ...}
Get immutable releases settings for an organization
Gets the immutable releases policy for repositories in an organization. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_get_immutable_releases_settings(org) -> {enforced_repositories, selected_repositories_url}
List issues assigned to the authenticated user
List issues assigned to the authenticated user across all visible repositories including owned repositories, member repositories, and organization repositories. You can use the `filter` query parameter to fetch issues that are not necessarily assigned to you. > [!NOTE] > GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the `pull_request` key. Be aware that the `id` of a pull request returned from "Issues" endpoints will be an _issue id_. To find out the pull request id, use the "[List pull requests](https://docs.github.com/rest/pulls/pulls#list-pull-requests)" endpoint. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list(collab?, direction?, filter?, labels?, orgs?, owned?, page?, per_page?, pulls?, since?, sort?, state?) -> [{}]
Delete a team (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Delete a team](https://docs.github.com/rest/teams/teams#delete-a-team) endpoint. To delete a team, the authenticated user must be an organization owner or team maintainer. If you are an organization owner, deleting a parent team will delete all of its child teams as well.
teams_delete_legacy(team_id)
Update a discussion (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Update a discussion](https://docs.github.com/rest/teams/discussions#update-a-discussion) endpoint. Edits the title and body text of a discussion post. Only the parameters you provide are updated. OAuth app tokens and personal access tokens (classic) need the `write:discussion` scope to use this endpoint.
teams_update_discussion_legacy(discussion_number, team_id, body?, title?) -> {author, body, body_html, body_version, ...}
List deliveries for a repository webhook
Returns a list of webhook deliveries for a webhook configured in a repository.
repos_list_webhook_deliveries(hook_id, owner, repo, cursor?, per_page?) -> [{}]
Get access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Lists who has access to this protected branch. > [!NOTE] > Users, apps, and teams `restrictions` are only available for organization-owned repositories.
repos_get_access_restrictions(branch, owner, repo) -> {apps, apps_url, teams, teams_url, ...}
Merge a branch
repos_merge(base, head, owner, repo, commit_message?) -> {author, comments_url, commit, committer, ...}
List issue comments
You can use the REST API to list comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request. Issue comments are ordered by ascending ID. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_comments(issue_number, owner, repo, page?, per_page?, since?) -> [{}]
List repository security advisories for an organization
Lists repository security advisories for an organization. The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` or `repository_advisories:write` scope to use this endpoint.
security_advisories_list_org_repository_advisories(org, after?, before?, direction?, per_page?, sort?, state?) -> [{}]
List users that are assigned to an organization role
Lists organization members that are assigned to an organization role. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." To use this endpoint, you must be an administrator for the organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_list_org_role_users(org, role_id, page?, per_page?) -> [{}]
Update a repository invitation
repos_update_invitation(invitation_id, owner, repo, permissions?) -> {created_at, expired, html_url, id, ...}
List pending organization invitations
The return hash contains a `role` field which refers to the Organization Invitation role and will be one of the following values: `direct_member`, `admin`, `billing_manager`, or `hiring_manager`. If the invitee is not a GitHub member, the `login` field in the return hash will be `null`.
orgs_list_pending_invitations(org, invitation_source?, page?, per_page?, role?) -> [{}]
Transfer a repository
A transfer request will need to be accepted by the new owner when transferring a personal repository to another user. The response will contain the original `owner`, and the transfer will continue asynchronously. For more details on the requirements to transfer personal and organization-owned repositories, see [about repository transfers](https://docs.github.com/articles/about-repository-transfers/).
repos_transfer(new_owner, owner, repo, new_name?, team_ids?)
Remove organization membership for a user
In order to remove a user's membership with an organization, the authenticated user must be an organization owner. If the specified user is an active member of the organization, this will remove them from the organization. If the specified user has been invited to the organization, this will cancel their invitation. The specified user will receive an email notification in both cases. > [!NOTE] > If a user has both direct membership in the organization as well as indirect membership via an enterprise team, only their direct membership will be removed. Their indirect membership via an enterprise team remains until the user is removed from the enterprise team.
orgs_remove_membership_for_user(org, username)
Add a repository collaborator
Add a user to a repository with a specified level of access. If the repository is owned by an organization, this API does not add the user to the organization - a user that has repository access without being an organization member is called an "outside collaborator" (if they are not an Enterprise Managed User) or a "repository collaborator" if they are an Enterprise Managed User. These users are exempt from some organization policies - see "[Adding outside collaborators to repositories](https://docs.github.com/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" to learn more about these collaborator types. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Adding an outside collaborator may be restricted by enterprise and organization administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" and "[Setting permissions for adding outside collaborators](https://docs.github.com/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" for organization settings. For more information on permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the role being given must be equal to or higher than the org base permission. Otherwise, the request will fail with: ``` Cannot assign {member} permission of {role name} ``` Note that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)." The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the [API](https://docs.github.com/rest/collaborators/invitations). For Enterprise Managed Users, this endpoint does not send invitations - these users are automatically added to organizations and repositories. Enterprise Managed Users can only be added to organizations and repositories within their enterprise. **Updating an existing collaborator's permission level** The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different `permission` parameter. The response will be a `204`, with no other indication that the permission level changed. **Rate limits** You are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.
repos_add_collaborator(owner, repo, username, permission?) -> {created_at, expired, html_url, id, ...}
Delete a release reaction
> [!NOTE] > You can also specify a repository by `repository_id` using the route `DELETE delete /repositories/:repository_id/releases/:release_id/reactions/:reaction_id`. Delete a reaction to a [release](https://docs.github.com/rest/releases/releases#get-a-release).
reactions_delete_for_release(owner, reaction_id, release_id, repo)
Remove an organization role from a user
Remove an organization role from a user. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." The authenticated user must be an administrator for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_revoke_org_role_user(org, role_id, username)
Add a field to an organization-owned project.
Add a field to an organization-owned project.
projects_add_field_for_org(org, project_number) -> {configuration, created_at, data_type, id, ...}
List items for an organization project view
List items in an organization project with the saved view's filter applied.
projects_list_view_items_for_org(org, project_number, view_number, after?, before?, fields?, per_page?) -> [{}]
Get list of conflicting packages during Docker migration for user
Lists all packages that are in a specific user's namespace, that the requesting user has access to, and that encountered a conflict during Docker migration. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint.
packages_list_docker_migration_conflicting_packages_for_user(username) -> [{}]
Set immutable releases settings for an organization
Sets the immutable releases policy for repositories in an organization. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_set_immutable_releases_settings(enforced_repositories, org, selected_repository_ids?)
Merge a pull request
Merges a pull request into the base branch. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)."
pulls_merge(owner, pull_number, repo, commit_message?, commit_title?, merge_method?, sha?) -> {merged, message, sha}
List items for a user owned project
List all items for a specific user-owned project accessible by the authenticated user.
projects_list_items_for_user(project_number, username, after?, before?, fields?, per_page?, q?) -> [{}]
Update a webhook configuration for an organization
Updates the webhook configuration for an organization. To update more information about the webhook, including the `active` state and `events`, use "[Update an organization webhook ](/rest/orgs/webhooks#update-an-organization-webhook)." You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_update_webhook_config_for_org(hook_id, org, content_type?, insecure_ssl?, secret?, url?) -> {content_type, insecure_ssl, secret, url}
Restore a package version for the authenticated user
Restores a package version owned by the authenticated user. You can restore a deleted package version under the following conditions: - The package was deleted within the last 30 days. - The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first. OAuth app tokens and personal access tokens (classic) need the `read:packages` and `write:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_restore_package_version_for_authenticated_user(package_name, package_type, package_version_id)
Get a commit comment
Gets a specified commit comment. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
repos_get_commit_comment(comment_id, owner, repo) -> {author_association, body, commit_id, created_at, ...}
Delete a package for an organization
Deletes an entire package in an organization. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance. The authenticated user must have admin permissions in the organization to use this endpoint. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must also have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `delete:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_delete_package_for_org(org, package_name, package_type)
Get project field for user
Get a specific field for a user-owned project.
projects_get_field_for_user(field_id, project_number, username) -> {configuration, created_at, data_type, id, ...}
Create a custom deployment protection rule on an environment
Enable a custom deployment protection rule for an environment. The authenticated user must have admin or owner permissions to the repository to use this endpoint. For more information about the app that is providing this custom deployment rule, see the [documentation for the `GET /apps/{app_slug}` endpoint](https://docs.github.com/rest/apps/apps#get-an-app), as well as the [guide to creating custom deployment protection rules](https://docs.github.com/actions/managing-workflow-runs-and-deployments/managing-deployments/creating-custom-deployment-protection-rules). OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_create_deployment_protection_rule(environment_name, owner, repo, integration_id?) -> {app, enabled, id, node_id}
Delete an autolink reference from a repository
This deletes a single autolink reference by ID that was configured for the given repository. Information about autolinks are only available to repository administrators.
repos_delete_autolink(autolink_id, owner, repo)
Get a branch
repos_get_branch(branch, owner, repo) -> {_links, commit, name, pattern, ...}
Delete a private registry for an organization
Delete a private registry configuration at the organization-level. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
private_registries_delete_org_private_registry(org, secret_name)
Update a release
Users with push access to the repository can edit a release.
repos_update_release(owner, release_id, repo, body?, discussion_category_name?, draft?, make_latest?, name?, prerelease?, tag_name?, target_commitish?) -> {assets, assets_url, author, body, ...}
Get large files
List files larger than 100MB found during the import > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation).
migrations_get_large_files(owner, repo) -> [{}]
Stop a codespace for the authenticated user
Stops a user's codespace. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_stop_for_authenticated_user(codespace_name) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
Get a code scanning alert
Gets a single code scanning alert. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_alert(alert_number, owner, repo) -> {assignees, created_at, dismissal_approved_by, dismissed_at, ...}
List review comments on a pull request
Lists all review comments for a specified pull request. By default, review comments are in ascending order by ID. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_list_review_comments(owner, pull_number, repo, direction?, page?, per_page?, since?, sort?) -> [{}]
Create a review for a pull request
Creates a review on a specified pull request. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." Pull request reviews created in the `PENDING` state are not submitted and therefore do not include the `submitted_at` property in the response. To create a pending review for a pull request, leave the `event` parameter blank. For more information about submitting a `PENDING` review, see "[Submit a review for a pull request](https://docs.github.com/rest/pulls/reviews#submit-a-review-for-a-pull-request)." > [!NOTE] > To comment on a specific line in a file, you need to first determine the position of that line in the diff. To see a pull request diff, add the `application/vnd.github.v3.diff` media type to the `Accept` header of a call to the [Get a pull request](https://docs.github.com/rest/pulls/pulls#get-a-pull-request) endpoint. The `position` value equals the number of lines down from the first "@@" hunk header in the file you want to add a comment. The line just below the "@@" line is position 1, the next line is position 2, and so on. The position in the diff continues to increase through lines of whitespace and additional hunks until the beginning of a new file. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_create_review(owner, pull_number, repo, body?, comments?, commit_id?, event?) -> {_links, author_association, body, body_html, ...}
Set cluster deployment records
Set deployment records for a given cluster. If proposed records in the 'deployments' field have identical 'cluster', 'logical_environment', 'physical_environment', and 'deployment_name' values as existing records, the existing records will be updated. If no existing records match, new records will be created.
orgs_set_cluster_deployment_records(cluster, deployments, logical_environment, org, physical_environment?) -> {deployment_records, total_count}
Update a secret scanning alert
Updates the status of a secret scanning alert in an eligible repository. You can also use this endpoint to assign or unassign an alert to a user who has write access to the repository. The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
secret_scanning_update_alert(alert_number, owner, repo, assignee?, resolution?, resolution_comment?, state?) -> {assigned_to, created_at, first_location_detected, has_more_locations, ...}
Assign an organization role to a user
Assigns an organization role to a member of an organization. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." The authenticated user must be an administrator for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_assign_user_to_org_role(org, role_id, username)
Delete attestations in bulk
Delete artifact attestations in bulk by either subject digests or unique ID.
orgs_delete_attestations_bulk(org)
Stop a codespace for an organization user
Stops a user's codespace. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_stop_in_organization(codespace_name, org, username) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
Get a team by name
Gets a team using the team's `slug`. To create the `slug`, GitHub replaces special characters in the `name` string, changes all words to lowercase, and replaces spaces with a `-` separator. For example, `"My TEam Näme"` would become `my-team-name`. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}`.
teams_get_by_name(org, team_slug) -> {created_at, description, enterprise_id, html_url, ...}
Get a package for the authenticated user
Gets a specific package for a package owned by the authenticated user. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_package_for_authenticated_user(package_name, package_type) -> {created_at, html_url, id, name, ...}
Restore package version for an organization
Restores a specific package version in an organization. You can restore a deleted package under the following conditions: - The package was deleted within the last 30 days. - The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first. The authenticated user must have admin permissions in the organization to use this endpoint. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must also have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `write:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_restore_package_version_for_org(org, package_name, package_type, package_version_id)
Create a gist comment
Creates a comment on a gist. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown. This is the default if you do not pass any specific media type. - **`application/vnd.github.base64+json`**: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.
gists_create_comment(body, gist_id) -> {author_association, body, created_at, id, ...}
List followers of a user
Lists the people following the specified user.
users_list_followers_for_user(username, page?, per_page?) -> [{}]
List packages for an organization
Lists packages in an organization readable by the user. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_list_packages_for_organization(org, package_type, page?, per_page?, visibility?) -> [{}]
Get default workflow permissions for a repository
Gets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in a repository, as well as if GitHub Actions can submit approving pull request reviews. For more information, see "[Setting the permissions of the GITHUB_TOKEN for your repository](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository)." OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_github_actions_default_workflow_permissions_repository(owner, repo) -> {can_approve_pull_request_reviews, default_workflow_permissions}
Get default code security configurations
Lists the default code security configurations for an organization. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:org` scope to use this endpoint.
code_security_get_default_configurations(org) -> [{configuration, default_for_new_repos}]
Restore package version for a user
Restores a specific package version for a user. You can restore a deleted package under the following conditions: - The package was deleted within the last 30 days. - The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `write:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_restore_package_version_for_user(package_name, package_type, package_version_id, username)
Get the customization template for an OIDC subject claim for an organization
Gets the customization template for an OpenID Connect (OIDC) subject claim. OAuth app tokens and personal access tokens (classic) need the `read:org` scope to use this endpoint.
oidc_get_oidc_custom_sub_template_for_org(org) -> {include_claim_keys}
Delete an environment
OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_delete_an_environment(environment_name, owner, repo)
List deliveries for an app webhook
Returns a list of webhook deliveries for the webhook configured for a GitHub App. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_list_webhook_deliveries(cursor?, per_page?) -> [{}]
Get an environment
> [!NOTE] > To get information about name patterns that branches must match in order to deploy to this environment, see "[Get a deployment branch policy](/rest/deployments/branch-policies#get-a-deployment-branch-policy)." Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
repos_get_environment(environment_name, owner, repo) -> {created_at, deployment_branch_policy, html_url, id, ...}
Ping an organization webhook
This will trigger a [ping event](https://docs.github.com/webhooks/#ping-event) to be sent to the hook. You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_ping_webhook(hook_id, org)
List public organization members
Members of an organization can choose to have their membership publicized or not.
orgs_list_public_members(org, page?, per_page?) -> [{}]
Create a gist
Allows you to add a new gist with one or more files. > [!NOTE] > Don't name your files "gistfile" with a numerical suffix. This is the format of the automatic naming scheme that Gist uses internally.
gists_create(files, description?, public?) -> {comments, comments_enabled, comments_url, commits_url, ...}
List gists for the authenticated user
Lists the authenticated user's gists or if called anonymously, this endpoint returns all public gists:
gists_list(page?, per_page?, since?) -> [{}]
Get a code of conduct
Returns information about the specified GitHub code of conduct.
codes_of_conduct_get_conduct_code(key) -> {body, html_url, key, name, ...}
Attach an enterprise configuration to repositories
Attaches an enterprise code security configuration to repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration. If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled. The authenticated user must be an administrator for the enterprise to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
code_security_attach_enterprise_configuration(configuration_id, enterprise, scope)
Get an item for an organization owned project
Get a specific item from an organization-owned project.
projects_get_org_item(item_id, org, project_number, fields?) -> {archived_at, content, content_type, created_at, ...}
List secret scanning alerts for an organization
Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
secret_scanning_list_alerts_for_org(org, after?, assignee?, before?, direction?, hide_secret?, is_multi_repo?, is_publicly_leaked?, page?, per_page?, resolution?, secret_type?, sort?, state?, validity?) -> [{}]
List public organization events
> [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_public_org_events(org, page?, per_page?) -> [{}]
List code scanning analyses for a repository
Lists the details of all code scanning analyses for a repository, starting with the most recent. The response is paginated and you can use the `page` and `per_page` parameters to list the analyses you're interested in. By default 30 analyses are listed per page. The `rules_count` field in the response give the number of rules that were run in the analysis. For very old analyses this data is not available, and `0` is returned in this field. > [!WARNING] > **Closing down notice:** The `tool_name` field is closing down and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_list_recent_analyses(owner, repo, direction?, page?, per_page?, pr?, ref?, sarif_id?, sort?, tool_guid?, tool_name?) -> [{}]
List packages for a user
Lists all packages in a user's namespace for which the requesting user has access. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_list_packages_for_user(package_type, username, page?, per_page?, visibility?) -> [{}]
Get a GitHub Pages site
Gets information about a GitHub Pages site. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_get_pages(owner, repo) -> {build_type, cname, custom_404, html_url, ...}
Mark a thread as read
Marks a thread as "read." Marking a thread as "read" is equivalent to clicking a notification in your notification inbox on GitHub: https://github.com/notifications.
activity_mark_thread_as_read(thread_id)
Render a Markdown document
Depending on what is rendered in the Markdown, you may need to provide additional token scopes for labels, such as `issues:read` or `pull_requests:read`.
markdown_render(text, context?, mode?)
Remove all organization roles for a user
Revokes all assigned organization roles from a user. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." The authenticated user must be an administrator for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_revoke_all_org_roles_user(org, username)
Assign an organization role to a team
Assigns an organization role to a team in an organization. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." The authenticated user must be an administrator for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_assign_team_to_org_role(org, role_id, team_slug)
Create a deployment
Deployments offer a few configurable parameters with certain defaults. The `ref` parameter can be any named branch, tag, or SHA. At GitHub we often deploy branches and verify them before we merge a pull request. The `environment` parameter allows deployments to be issued to different runtime environments. Teams often have multiple environments for verifying their applications, such as `production`, `staging`, and `qa`. This parameter makes it easier to track which environments have requested deployments. The default environment is `production`. The `auto_merge` parameter is used to ensure that the requested ref is not behind the repository's default branch. If the ref _is_ behind the default branch for the repository, we will attempt to merge it for you. If the merge succeeds, the API will return a successful merge commit. If merge conflicts prevent the merge from succeeding, the API will return a failure response. By default, [commit statuses](https://docs.github.com/rest/commits/statuses) for every submitted context must be in a `success` state. The `required_contexts` parameter allows you to specify a subset of contexts that must be `success`, or to specify contexts that have not yet been submitted. You are not required to use commit statuses to deploy. If you do not require any contexts or create any commit statuses, the deployment will always succeed. The `payload` parameter is available for any extra information that a deployment system might need. It is a JSON text field that will be passed on when a deployment event is dispatched. The `task` parameter is used by the deployment system to allow different execution paths. In the web world this might be `deploy:migrations` to run schema changes on the system. In the compiled world this could be a flag to compile an application with debugging enabled. Merged branch response: You will see this response when GitHub automatically merges the base branch into the topic branch instead of creating a deployment. This auto-merge happens when: * Auto-merge option is enabled in the repository * Topic branch does not include the latest changes on the base branch, which is `master` in the response example * There are no merge conflicts If there are no new commits in the base branch, a new request to create a deployment should give a successful response. Merge conflict response: This error happens when the `auto_merge` option is enabled and when the default branch (in this case `master`), can't be merged into the branch that's being deployed (in this case `topic-branch`), due to merge conflicts. Failed commit status checks: This error happens when the `required_contexts` parameter indicates that one or more contexts need to have a `success` status for the commit to be deployed, but one or more of the required contexts do not have a state of `success`. OAuth app tokens and personal access tokens (classic) need the `repo` or `repo_deployment` scope to use this endpoint.
repos_create_deployment(owner, ref, repo, auto_merge?, description?, environment?, payload?, production_environment?, required_contexts?, task?, transient_environment?) -> {created_at, creator, description, environment, ...}
Add item to organization owned project
Add an issue or pull request item to the specified organization owned project.
projects_add_item_for_org(org, project_number, type, id?, number?, owner?, repo?) -> {archived_at, content, content_type, created_at, ...}
Revoke a list of credentials
Submit a list of credentials to be revoked. This endpoint is intended to revoke credentials the caller does not own and may have found exposed on GitHub.com or elsewhere. It can also be used for credentials associated with an old user account that you no longer have access to. Credential owners will be notified of the revocation. This endpoint currently accepts the following credential types: - Personal access tokens (classic) - Fine-grained personal access tokens Revoked credentials may impact users on GitHub Free, Pro, & Team and GitHub Enterprise Cloud, and GitHub Enterprise Cloud with Enterprise Managed Users. GitHub cannot reactivate any credentials that have been revoked; new credentials will need to be generated. To prevent abuse, this API is limited to only 60 unauthenticated requests per hour and a max of 1000 tokens per API request. > [!NOTE] > Any authenticated requests will return a 403.
credentials_revoke(credentials)
Update a repository variable
Updates a repository variable that you can reference in a GitHub Actions workflow. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_update_repo_variable(name, owner, repo, name?, value?)
Remove outside collaborator from an organization
Removing a user from this list will remove them from all the organization's repositories.
orgs_remove_outside_collaborator(org, username)
Convert an organization member to outside collaborator
When an organization member is converted to an outside collaborator, they'll only have access to the repositories that their current team membership allows. The user will no longer be a member of the organization. For more information, see "[Converting an organization member to an outside collaborator](https://docs.github.com/articles/converting-an-organization-member-to-an-outside-collaborator/)". Converting an organization member to an outside collaborator may be restricted by enterprise administrators. For more information, see "[Enforcing repository management policies in your enterprise](https://docs.github.com/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)."
orgs_convert_member_to_outside_collaborator(org, username, async?)
List stargazers
Lists the people that have starred the repository. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.star+json`**: Includes a timestamp of when the star was created.
activity_list_stargazers_for_repo(owner, repo, page?, per_page?)
Delete an organization variable
Deletes an organization variable using the variable name. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_org_variable(name, org)
List repositories watched by the authenticated user
Lists repositories the authenticated user is watching.
activity_list_watched_repos_for_authenticated_user(page?, per_page?) -> [{}]
Add item to user owned project
Add an issue or pull request item to the specified user owned project.
projects_add_item_for_user(project_number, type, username, id?, number?, owner?, repo?) -> {archived_at, content, content_type, created_at, ...}
List team members
Team members will include the members of child teams. To list members in a team, the team must be visible to the authenticated user.
teams_list_members_in_org(org, team_slug, page?, per_page?, role?) -> [{}]
List events for the authenticated user
If you are authenticated as the given user, you will see your private events. Otherwise, you'll only see public events. _Optional_: use the fine-grained token with following permission set to view private events: "Events" user permissions (read). > [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_events_for_authenticated_user(username, page?, per_page?) -> [{}]
Get project for organization
Get a specific organization-owned project.
projects_get_for_org(org, project_number) -> {closed_at, created_at, creator, deleted_at, ...}
Delete a hosted compute network configuration from an organization
Deletes a hosted compute network configuration from an organization. OAuth app tokens and personal access tokens (classic) need the `write:network_configurations` scope to use this endpoint.
hosted_compute_delete_network_configuration_from_org(network_configuration_id, org)
Request reviewers for a pull request
Requests reviews for a pull request from a given set of users and/or teams. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)."
pulls_request_reviewers(owner, pull_number, repo, reviewers?, team_reviewers?) -> {title, id, locked, number, ...}
Get billing usage report for a user
Gets a report of the total usage for a user. **Note:** This endpoint is only available to users with access to the enhanced billing platform.
billing_get_github_billing_usage_report_user(username, day?, month?, year?)
List repositories for a user
Lists public repositories for the specified user.
repos_list_for_user(username, direction?, page?, per_page?, sort?, type?) -> [{}]
List global security advisories
Lists all global security advisories that match the specified parameters. If no other parameters are defined, the request will return only GitHub-reviewed advisories that are not malware. By default, all responses will exclude advisories for malware, because malware are not standard vulnerabilities. To list advisories for malware, you must include the `type` parameter in your request, with the value `malware`. For more information about the different types of security advisories, see "[About the GitHub Advisory database](https://docs.github.com/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database#about-types-of-security-advisories)."
security_advisories_list_global_advisories(affects?, after?, before?, cve_id?, cwes?, direction?, ecosystem?, epss_percentage?, epss_percentile?, ghsa_id?, is_withdrawn?, modified?, per_page?, published?, severity?, sort?, type?, updated?) -> [{}]
Get an organization secret
Gets a single organization secret without revealing its encrypted value. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_get_org_secret(org, secret_name) -> {created_at, name, selected_repositories_url, updated_at, ...}
Create reaction for a commit comment
Create a reaction to a [commit comment](https://docs.github.com/rest/commits/comments#get-a-commit-comment). A response with an HTTP `200` status means that you already added the reaction type to this commit comment.
reactions_create_for_commit_comment(comment_id, content, owner, repo) -> {content, created_at, id, node_id, ...}
List GPG keys for a user
Lists the GPG keys for a user. This information is accessible by anyone.
users_list_gpg_keys_for_user(username, page?, per_page?) -> [{}]
Check public organization membership for a user
Check if the provided user is a public member of the organization.
orgs_check_public_membership_for_user(org, username)
Create a CodeQL variant analysis
Creates a new CodeQL variant analysis, which will run a CodeQL query against one or more repositories. Get started by learning more about [running CodeQL queries at scale with Multi-Repository Variant Analysis](https://docs.github.com/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries-at-scale-with-multi-repository-variant-analysis). Use the `owner` and `repo` parameters in the URL to specify the controller repository that will be used for running GitHub Actions workflows and storing the results of the CodeQL variant analysis. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
code_scanning_create_variant_analysis(language, owner, query_pack, repo, repositories?, repository_lists?, repository_owners?) -> {actions_workflow_run_id, actor, completed_at, controller_repo, ...}
Get billing premium request usage report for an organization
Gets a report of premium request usage for an organization. To use this endpoint, you must be an administrator of an organization within an enterprise or an organization account. **Note:** Only data from the past 24 months is accessible via this endpoint.
billing_get_github_billing_premium_request_usage_report_org(org, day?, model?, month?, product?, user?, year?)
Add or update team membership for a user (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Add or update team membership for a user](https://docs.github.com/rest/teams/members#add-or-update-team-membership-for-a-user) endpoint. Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. If the user is already a member of the team's organization, this endpoint will add the user to the team. To add a membership between an organization member and a team, the authenticated user must be an organization owner or a team maintainer. > [!NOTE] > When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "[Synchronizing teams between your identity provider and GitHub](https://docs.github.com/articles/synchronizing-teams-between-your-identity-provider-and-github/)." If the user is unaffiliated with the team's organization, this endpoint will send an invitation to the user via email. This newly-created membership will be in the "pending" state until the user accepts the invitation, at which point the membership will transition to the "active" state and the user will be added as a member of the team. To add a membership between an unaffiliated user and a team, the authenticated user must be an organization owner. If the user is already a member of the team, this endpoint will update the role of the team member's role. To update the membership of a team member, the authenticated user must be an organization owner or a team maintainer.
teams_add_or_update_membership_for_user_legacy(team_id, username, role?) -> {role, state, url}
Set admin branch protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Adding admin enforcement requires admin or owner permissions to the repository and branch protection to be enabled.
repos_set_admin_branch_protection(branch, owner, repo) -> {enabled, url}
Get the weekly commit activity
Returns a weekly aggregate of the number of additions and deletions pushed to a repository. > [!NOTE] > This endpoint can only be used for repositories with fewer than 10,000 commits. If the repository contains 10,000 or more commits, a 422 status code will be returned.
repos_get_code_frequency_stats(owner, repo) -> [{}]
List commits on a pull request
Lists a maximum of 250 commits for a pull request. To receive a complete commit list for pull requests with more than 250 commits, use the [List commits](https://docs.github.com/rest/commits/commits#list-commits) endpoint. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_list_commits(owner, pull_number, repo, page?, per_page?) -> [{}]
Create or update custom property values for organization repositories
Create new or update existing custom property values for repositories in a batch that belong to an organization. Each target repository will have its custom property values updated to match the values provided in the request. A maximum of 30 repositories can be updated in a single request. Using a value of `null` for a custom property will remove or 'unset' the property value from the repository. To use this endpoint, the authenticated user must be one of: - An administrator for the organization. - A user, or a user on a team, with the fine-grained permission of `custom_properties_org_values_editor` in the organization.
orgs_custom_properties_for_repos_create_or_update_organization_values(org, properties, repository_names)
Remove team member (Legacy)
The "Remove team member" endpoint (described below) is closing down. We recommend using the [Remove team membership for a user](https://docs.github.com/rest/teams/members#remove-team-membership-for-a-user) endpoint instead. It allows you to remove both active and pending memberships. Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. To remove a team member, the authenticated user must have 'admin' permissions to the team or be an owner of the org that the team is associated with. Removing a team member does not delete the user, it just removes them from the team. > [!NOTE] > When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "[Synchronizing teams between your identity provider and GitHub](https://docs.github.com/articles/synchronizing-teams-between-your-identity-provider-and-github/)."
teams_remove_member_legacy(team_id, username)
Get interaction restrictions for a repository
Shows which type of GitHub user can interact with this repository and when the restriction expires. If there are no restrictions, you will see an empty response.
interactions_get_restrictions_for_repo(owner, repo)
Set interaction restrictions for a repository
Temporarily restricts interactions to a certain type of GitHub user within the given repository. You must have owner or admin access to set these restrictions. If an interaction limit is set for the user or organization that owns this repository, you will receive a `409 Conflict` response and will not be able to use this endpoint to change the interaction limit for a single repository.
interactions_set_restrictions_for_repo(limit, owner, repo, expiry?) -> {expires_at, limit, origin}
List reactions for an issue comment
List the reactions to an [issue comment](https://docs.github.com/rest/issues/comments#get-an-issue-comment).
reactions_list_for_issue_comment(comment_id, owner, repo, content?, page?, per_page?) -> [{}]
Create reaction for an issue comment
Create a reaction to an [issue comment](https://docs.github.com/rest/issues/comments#get-an-issue-comment). A response with an HTTP `200` status means that you already added the reaction type to this issue comment.
reactions_create_for_issue_comment(comment_id, content, owner, repo) -> {content, created_at, id, node_id, ...}
Remove selected repository from an organization secret
Removes a repository from an organization secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/dependabot/secrets#create-or-update-an-organization-secret). OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_remove_selected_repo_from_org_secret(org, repository_id, secret_name)
Delete a gist comment
gists_delete_comment(comment_id, gist_id)
Download workflow run attempt logs
Gets a redirect URL to download an archive of log files for a specific workflow run attempt. This link expires after 1 minute. Look for `Location:` in the response header to find the URL for the download. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_download_workflow_run_attempt_logs(attempt_number, owner, repo, run_id)
Delete a self-hosted runner from a repository
Forces the removal of a self-hosted runner from a repository. You can use this endpoint to completely remove the runner when the machine you were using no longer exists. Authenticated users must have admin access to the repository to use this endpoint. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_self_hosted_runner_from_repo(owner, repo, runner_id)
Update a gist comment
Updates a comment on a gist. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown. This is the default if you do not pass any specific media type. - **`application/vnd.github.base64+json`**: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.
gists_update_comment(body, comment_id, gist_id) -> {author_association, body, created_at, id, ...}
List reactions for a pull request review comment
List the reactions to a [pull request review comment](https://docs.github.com/rest/pulls/comments#get-a-review-comment-for-a-pull-request).
reactions_list_for_pull_request_review_comment(comment_id, owner, repo, content?, page?, per_page?) -> [{}]
Download workflow run logs
Gets a redirect URL to download an archive of log files for a workflow run. This link expires after 1 minute. Look for `Location:` in the response header to find the URL for the download. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_download_workflow_run_logs(owner, repo, run_id)
Create a reply for a review comment
Creates a reply to a review comment for a pull request. For the `comment_id`, provide the ID of the review comment you are replying to. This must be the ID of a _top-level review comment_, not a reply to that comment. Replies to replies are not supported. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_create_reply_for_review_comment(body, comment_id, owner, pull_number, repo) -> {_links, author_association, body, body_html, ...}
Delete a self-hosted runner group from an organization
Deletes a self-hosted runner group for an organization. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_delete_self_hosted_runner_group_from_org(org, runner_group_id)
List repositories accessible to the app installation
List repositories that an app installation can access.
apps_list_repos_accessible_to_installation(page?, per_page?) -> {repositories, repository_selection, total_count}
Delete social accounts for the authenticated user
Deletes one or more social accounts from the authenticated user's profile. OAuth app tokens and personal access tokens (classic) need the `user` scope to use this endpoint.
users_delete_social_account_for_authenticated_user(account_urls)
List plans
Lists all plans that are part of your GitHub Marketplace listing. GitHub Apps must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint. OAuth apps must use [basic authentication](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) with their client ID and client secret to access this endpoint.
apps_list_plans(page?, per_page?) -> [{}]
Create a check suite
Creates a check suite manually. By default, check suites are automatically created when you create a [check run](https://docs.github.com/rest/checks/runs). You only need to use this endpoint for manually creating check suites when you've disabled automatic creation using "[Update repository preferences for check suites](https://docs.github.com/rest/checks/suites#update-repository-preferences-for-check-suites)". > [!NOTE] > The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array and a `null` value for `head_branch`. OAuth apps and personal access tokens (classic) cannot use this endpoint.
checks_create_suite(head_sha, owner, repo) -> {after, app, before, check_runs_url, ...}
Delete an image version of custom image from the organization
Delete an image version of custom image from the organization. OAuth tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_delete_custom_image_version_from_org(image_definition_id, org, version)
List users blocked by an organization
List the users blocked by an organization.
orgs_list_blocked_users(org, page?, per_page?) -> [{}]
Get rate limit status for the authenticated user
> [!NOTE] > Accessing this endpoint does not count against your REST API rate limit. Some categories of endpoints have custom rate limits that are separate from the rate limit governing the other REST API endpoints. For this reason, the API response categorizes your rate limit. Under `resources`, you'll see objects relating to different categories: * The `core` object provides your rate limit status for all non-search-related resources in the REST API. * The `search` object provides your rate limit status for the REST API for searching (excluding code searches). For more information, see "[Search](https://docs.github.com/rest/search/search)." * The `code_search` object provides your rate limit status for the REST API for searching code. For more information, see "[Search code](https://docs.github.com/rest/search/search#search-code)." * The `graphql` object provides your rate limit status for the GraphQL API. For more information, see "[Resource limitations](https://docs.github.com/graphql/overview/resource-limitations#rate-limit)." * The `integration_manifest` object provides your rate limit status for the `POST /app-manifests/{code}/conversions` operation. For more information, see "[Creating a GitHub App from a manifest](https://docs.github.com/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app-from-a-manifest#3-you-exchange-the-temporary-code-to-retrieve-the-app-configuration)." * The `dependency_snapshots` object provides your rate limit status for submitting snapshots to the dependency graph. For more information, see "[Dependency graph](https://docs.github.com/rest/dependency-graph)." * The `dependency_sbom` object provides your rate limit status for requesting SBOMs from the dependency graph. For more information, see "[Dependency graph](https://docs.github.com/rest/dependency-graph)." * The `code_scanning_upload` object provides your rate limit status for uploading SARIF results to code scanning. For more information, see "[Uploading a SARIF file to GitHub](https://docs.github.com/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github)." * The `actions_runner_registration` object provides your rate limit status for registering self-hosted runners in GitHub Actions. For more information, see "[Self-hosted runners](https://docs.github.com/rest/actions/self-hosted-runners)." * The `source_import` object is no longer in use for any API endpoints, and it will be removed in the next API version. For more information about API versions, see "[API Versions](https://docs.github.com/rest/about-the-rest-api/api-versions)." > [!NOTE] > The `rate` object is closing down. If you're writing new API client code or updating existing code, you should use the `core` object instead of the `rate` object. The `core` object contains the same information that is present in the `rate` object.
rate_limit_get() -> {rate, resources}
Remove organization assignments
Unassign an enterprise team from multiple organizations.
enterprise_team_organizations_bulk_remove(enterprise, enterprise-team, organization_slugs)
Get top referral sources
Get the top 10 referrers over the last 14 days.
repos_get_top_referrers(owner, repo) -> [{}]
Create artifact metadata storage record
Create metadata storage records for artifacts associated with an organization. This endpoint will create a new artifact storage record on behalf of any artifact matching the provided digest and associated with a repository owned by the organization.
orgs_create_artifact_storage_record(digest, name, org, registry_url, artifact_url?, github_repository?, path?, repository?, status?, version?) -> {storage_records, total_count}
Get all custom property values for a repository
Gets all custom property values that are set for a repository. Users with read access to the repository can use this endpoint.
repos_custom_properties_for_repos_get_repository_values(owner, repo) -> [{}]
Get a release
Gets a public release with the specified release ID. > [!NOTE] > This returns an `upload_url` key corresponding to the endpoint for uploading release assets. This key is a hypermedia resource. For more information, see "[Getting started with the REST API](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#hypermedia)."
repos_get_release(owner, release_id, repo) -> {assets, assets_url, author, body, ...}
Delete a release
Users with push access to the repository can delete a release.
repos_delete_release(owner, release_id, repo)
Get all API versions
Get all supported GitHub API versions.
meta_get_all_versions() -> [{}]
List attestations
List a collection of artifact attestations with a given subject digest that are associated with a repository. The authenticated user making the request must have read access to the repository. In addition, when using a fine-grained access token the `attestations:read` permission is required. **Please note:** in order to offer meaningful security benefits, an attestation's signature and timestamps **must** be cryptographically verified, and the identity of the attestation signer **must** be validated. Attestations can be verified using the [GitHub CLI `attestation verify` command](https://cli.github.com/manual/gh_attestation_verify). For more information, see [our guide on how to use artifact attestations to establish a build's provenance](https://docs.github.com/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
repos_list_attestations(owner, repo, subject_digest, after?, before?, per_page?, predicate_type?) -> {attestations}
Add app access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Grants the specified apps push access for this branch. Only GitHub Apps that are installed on the repository and that have been granted write access to the repository contents can be added as authorized actors on a protected branch.
repos_add_app_access_restrictions(apps, branch, owner, repo) -> [{}]
Check if a user is a repository collaborator
For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. Team members will include the members of child teams. The authenticated user must have push access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.
repos_check_collaborator(owner, repo, username)
Start an organization migration
Initiates the generation of a migration archive.
migrations_start_for_org(org, repositories, exclude?, exclude_attachments?, exclude_git_data?, exclude_metadata?, exclude_owner_projects?, exclude_releases?, lock_repositories?, org_metadata_only?) -> {archive_url, created_at, exclude, exclude_attachments, ...}
Submit a review for a pull request
Submits a pending review for a pull request. For more information about creating a pending review for a pull request, see "[Create a review for a pull request](https://docs.github.com/rest/pulls/reviews#create-a-review-for-a-pull-request)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_submit_review(event, owner, pull_number, repo, review_id, body?) -> {_links, author_association, body, body_html, ...}
Render a Markdown document in raw mode
You must send Markdown as plain text (using a `Content-Type` header of `text/plain` or `text/x-markdown`) to this endpoint, rather than using JSON format. In raw mode, [GitHub Flavored Markdown](https://github.github.com/gfm/) is not supported and Markdown will be rendered in plain format like a README.md file. Markdown content must be 400 KB or less.
markdown_render_raw()
Get a self-hosted runner for an organization
Gets a specific self-hosted runner configured in an organization. Authenticated users must have admin access to the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_get_self_hosted_runner_for_org(org, runner_id) -> {busy, ephemeral, id, labels, ...}
Delete an artifact
Deletes an artifact for a workflow run. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_artifact(artifact_id, owner, repo)
Create or update an organization secret
Creates or updates an organization secret with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_or_update_org_secret(encrypted_value, key_id, org, secret_name, visibility, selected_repository_ids?) -> {}
Remove an organization role from a team
Removes an organization role from a team. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." The authenticated user must be an administrator for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_revoke_org_role_team(org, role_id, team_slug)
Mark a thread as done
Marks a thread as "done." Marking a thread as "done" is equivalent to marking a notification in your notification inbox on GitHub as done: https://github.com/notifications.
activity_mark_thread_as_done(thread_id)
List teams that are assigned to an organization role
Lists the teams that are assigned to an organization role. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." To use this endpoint, you must be an administrator for the organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_list_org_role_teams(org, role_id, page?, per_page?) -> [{}]
List Dependabot alerts for a repository
OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
dependabot_list_alerts_for_repo(owner, repo, after?, before?, direction?, ecosystem?, epss_percentage?, has?, manifest?, package?, per_page?, scope?, severity?, sort?, state?) -> [{}]
Create a repository from an unpublished codespace
Publishes an unpublished codespace, creating a new repository and assigning it to the codespace. The codespace's token is granted write permissions to the repository, allowing the user to push their changes. This will fail for a codespace that is already published, meaning it has an associated repository. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_publish_for_authenticated_user(codespace_name, name?, private?) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
List repositories for the authenticated user
Lists repositories that the authenticated user has explicit permission (`:read`, `:write`, or `:admin`) to access. The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.
repos_list_for_authenticated_user(affiliation?, before?, direction?, page?, per_page?, since?, sort?, type?, visibility?) -> [{}]
List jobs for a workflow run
Lists jobs for a workflow run. You can use parameters to narrow the list of results. For more information about using parameters, see [Parameters](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#parameters). Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_list_jobs_for_workflow_run(owner, repo, run_id, filter?, page?, per_page?) -> {jobs, total_count}
Rerequest a check run
Triggers GitHub to rerequest an existing check run, without pushing new code to a repository. This endpoint will trigger the [`check_run` webhook](https://docs.github.com/webhooks/event-payloads/#check_run) event with the action `rerequested`. When a check run is `rerequested`, the `status` of the check suite it belongs to is reset to `queued` and the `conclusion` is cleared. The check run itself is not updated. GitHub apps recieving the [`check_run` webhook](https://docs.github.com/webhooks/event-payloads/#check_run) with the `rerequested` action should then decide if the check run should be reset or updated and call the [update `check_run` endpoint](https://docs.github.com/rest/checks/runs#update-a-check-run) to update the check_run if desired. For more information about how to re-run GitHub Actions jobs, see "[Re-run a job from a workflow run](https://docs.github.com/rest/actions/workflow-runs#re-run-a-job-from-a-workflow-run)".
checks_rerequest_run(check_run_id, owner, repo) -> {}
Test the push repository webhook
This will trigger the hook with the latest push to the current repository if the hook is subscribed to `push` events. If the hook is not subscribed to `push` events, the server will respond with 204 but no test POST will be generated. > [!NOTE] > Previously `/repos/:owner/:repo/hooks/:hook_id/test`
repos_test_push_webhook(hook_id, owner, repo)
Compare two commits
Compares two commits against one another. You can compare refs (branches or tags) and commit SHAs in the same repository, or you can compare refs and commit SHAs that exist in different repositories within the same repository network, including fork branches. For more information about how to view a repository's network, see "[Understanding connections between repositories](https://docs.github.com/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories)." This endpoint is equivalent to running the `git log BASE..HEAD` command, but it returns commits in a different order. The `git log BASE..HEAD` command returns commits in reverse chronological order, whereas the API returns commits in chronological order. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.diff`**: Returns the diff of the commit. - **`application/vnd.github.patch`**: Returns the patch of the commit. Diffs with binary data will have no `patch` property. The API response includes details about the files that were changed between the two commits. This includes the status of the change (if a file was added, removed, modified, or renamed), and details of the change itself. For example, files with a `renamed` status have a `previous_filename` field showing the previous filename of the file, and files with a `modified` status have a `patch` field showing the changes made to the file. When calling this endpoint without any paging parameter (`per_page` or `page`), the returned list is limited to 250 commits, and the last commit in the list is the most recent of the entire comparison. **Working with large comparisons** To process a response with a large number of commits, use a query parameter (`per_page` or `page`) to paginate the results. When using pagination: - The list of changed files is only shown on the first page of results, and it includes up to 300 changed files for the entire comparison. - The results are returned in chronological order, but the last commit in the returned list may not be the most recent one in the entire set if there are more pages of results. For more information on working with pagination, see "[Using pagination in the REST API](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api)." **Signature verification object** The response will include a `verification` object that describes the result of verifying the commit's signature. The `verification` object includes the following fields: | Name | Type | Description | | ---- | ---- | ----------- | | `verified` | `boolean` | Indicates whether GitHub considers the signature in this commit to be verified. | | `reason` | `string` | The reason for verified value. Possible values and their meanings are enumerated in table below. | | `signature` | `string` | The signature that was extracted from the commit. | | `payload` | `string` | The value that was signed. | | `verified_at` | `string` | The date the signature was verified by GitHub. | These are the possible values for `reason` in the `verification` object: | Value | Description | | ----- | ----------- | | `expired_key` | The key that made the signature is expired. | | `not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | `gpgverify_error` | There was an error communicating with the signature verification service. | | `gpgverify_unavailable` | The signature verification service is currently unavailable. | | `unsigned` | The object does not include a signature. | | `unknown_signature_type` | A non-PGP signature was found in the commit. | | `no_user` | No user was associated with the `committer` email address in the commit. | | `unverified_email` | The `committer` email address in the commit was associated with a user, but the email address is not verified on their account. | | `bad_email` | The `committer` email address in the commit is not included in the identities of the PGP key that made the signature. | | `unknown_key` | The key that made the signature has not been registered with any user's account. | | `malformed_signature` | There was an error parsing the signature. | | `invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | `valid` | None of the above errors applied, so the signature is considered to be verified. |
repos_compare_commits(basehead, owner, repo, page?, per_page?) -> {ahead_by, base_commit, behind_by, commits, ...}
Cancel an import
Stop an import for a repository. > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation).
migrations_cancel_import(owner, repo)
Remove a label from an issue
Removes the specified label from the issue, and returns the remaining labels on the issue. This endpoint returns a `404 Not Found` status if the label does not exist.
issues_remove_label(issue_number, name, owner, repo) -> [{}]
Get code security configurations for an organization
Lists all code security configurations available in an organization. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:org` scope to use this endpoint.
code_security_get_configurations_for_org(org, after?, before?, per_page?, target_type?) -> [{}]
Enable vulnerability alerts
Enables dependency alerts and the dependency graph for a repository. The authenticated user must have admin access to the repository. For more information, see "[About security alerts for vulnerable dependencies](https://docs.github.com/articles/about-security-alerts-for-vulnerable-dependencies)".
repos_enable_vulnerability_alerts(owner, repo)
List public events received by a user
> [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_received_public_events_for_user(username, page?, per_page?) -> [{}]
List issue comments for a repository
You can use the REST API to list comments on issues and pull requests for a repository. Every pull request is an issue, but not every issue is a pull request. By default, issue comments are ordered by ascending ID. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_comments_for_repo(owner, repo, direction?, page?, per_page?, since?, sort?) -> [{}]
Create a repository ruleset
Create a ruleset for a repository.
repos_create_repo_ruleset(enforcement, name, owner, repo, bypass_actors?, conditions?, rules?, target?) -> {_links, bypass_actors, conditions, created_at, ...}
Remove status check contexts
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_remove_status_check_contexts(branch, owner, repo) -> [{}]
Update a code scanning default setup configuration
Updates a code scanning default setup configuration. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_update_default_setup(owner, repo, languages?, query_suite?, runner_label?, runner_type?, state?, threat_model?) -> {}
Create a deployment status
Users with `push` access can create deployment statuses for a given deployment. OAuth app tokens and personal access tokens (classic) need the `repo_deployment` scope to use this endpoint.
repos_create_deployment_status(deployment_id, owner, repo, state, auto_inactive?, description?, environment?, environment_url?, log_url?, target_url?) -> {created_at, creator, deployment_url, description, ...}
Set a code security configuration as a default for an enterprise
Sets a code security configuration as a default to be applied to new repositories in your enterprise. This configuration will be applied by default to the matching repository type when created, but only for organizations within the enterprise that do not already have a default code security configuration set. The authenticated user must be an administrator for the enterprise to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
code_security_set_configuration_as_default_for_enterprise(configuration_id, enterprise, default_for_new_repos?) -> {configuration, default_for_new_repos}
Update a webhook configuration for an app
Updates the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "[Creating a GitHub App](/developers/apps/creating-a-github-app)." You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_update_webhook_config_for_app(content_type?, insecure_ssl?, secret?, url?) -> {content_type, insecure_ssl, secret, url}
Enable a selected repository for immutable releases in an organization
Adds a repository to the list of selected repositories that are enforced for immutable releases in an organization. To use this endpoint, the organization immutable releases policy for `enforced_repositories` must be configured to `selected`. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_enable_selected_repository_immutable_releases_organization(org, repository_id)
Get an organization role
Gets an organization role that is available to this organization. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." To use this endpoint, the authenticated user must be one of: - An administrator for the organization. - A user, or a user on a team, with the fine-grained permissions of `read_organization_custom_org_role` in the organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_get_org_role(org, role_id) -> {base_role, created_at, description, id, ...}
List repositories with GitHub Actions cache usage for an organization
Lists repositories and their GitHub Actions cache usage for an organization. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated. OAuth tokens and personal access tokens (classic) need the `read:org` scope to use this endpoint.
actions_get_actions_cache_usage_by_repo_for_org(org, page?, per_page?) -> {repository_cache_usages, total_count}
Add organization assignments
Assign an enterprise team to multiple organizations.
enterprise_team_organizations_bulk_add(enterprise, enterprise-team, organization_slugs) -> [{}]
Add selected repository to an organization secret
Adds a repository to an organization development environment secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/codespaces/organization-secrets#create-or-update-an-organization-secret). OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_add_selected_repo_to_org_secret(org, repository_id, secret_name)
List pending team invitations
The return hash contains a `role` field which refers to the Organization Invitation role and will be one of the following values: `direct_member`, `admin`, `billing_manager`, `hiring_manager`, or `reinstate`. If the invitee is not a GitHub member, the `login` field in the return hash will be `null`. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}/invitations`.
teams_list_pending_invitations_in_org(org, team_slug, page?, per_page?) -> [{}]
Update a commit comment
Updates the contents of a specified commit comment. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
repos_update_commit_comment(body, comment_id, owner, repo) -> {author_association, body, commit_id, created_at, ...}
Delete a commit comment
repos_delete_commit_comment(comment_id, owner, repo)
Add selected repository to an organization variable
Adds a repository to an organization variable that is available to selected repositories. Organization variables that are available to selected repositories have their `visibility` field set to `selected`. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_add_selected_repo_to_org_variable(name, org, repository_id)
List self-hosted runners for a repository
Lists all self-hosted runners configured in a repository. Authenticated users must have admin access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_self_hosted_runners_for_repo(owner, repo, name?, page?, per_page?) -> {runners, total_count}
Create a review comment for a pull request
Creates a review comment on the diff of a specified pull request. To add a regular comment to a pull request timeline, see "[Create an issue comment](https://docs.github.com/rest/issues/comments#create-an-issue-comment)." If your comment applies to more than one line in the pull request diff, you should use the parameters `line`, `side`, and optionally `start_line` and `start_side` in your request. The `position` parameter is closing down. If you use `position`, the `line`, `side`, `start_line`, and `start_side` parameters are not required. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_create_review_comment(body, commit_id, owner, path, pull_number, repo, in_reply_to?, line?, position?, side?, start_line?, start_side?, subject_type?) -> {_links, author_association, body, body_html, ...}
Get a global security advisory
Gets a global security advisory using its GitHub Security Advisory (GHSA) identifier.
security_advisories_get_global_advisory(ghsa_id) -> {credits, cve_id, cvss, cvss_severities, ...}
Delete a review comment for a pull request
Deletes a review comment.
pulls_delete_review_comment(comment_id, owner, repo)
List public keys for a user
Lists the _verified_ public SSH keys for a user. This is accessible by anyone.
users_list_public_keys_for_user(username, page?, per_page?) -> [{}]
Remove interaction restrictions for a repository
Removes all interaction restrictions from the given repository. You must have owner or admin access to remove restrictions. If the interaction limit is set for the user or organization that owns this repository, you will receive a `409 Conflict` response and will not be able to use this endpoint to change the interaction limit for a single repository.
interactions_remove_restrictions_for_repo(owner, repo)
Create a scoped access token
Use a non-scoped user access token to create a repository-scoped and/or permission-scoped user access token. You can specify which repositories the token can access and which permissions are granted to the token. Invalid tokens will return `404 NOT FOUND`.
apps_scope_token(access_token, client_id, permissions?, repositories?, repository_ids?, target?, target_id?) -> {app, created_at, expires_at, fingerprint, ...}
List issue events for a repository
Lists events for a repository.
issues_list_events_for_repo(owner, repo, page?, per_page?) -> [{}]
Create an autolink reference for a repository
Users with admin access to the repository can create an autolink.
repos_create_autolink(key_prefix, owner, repo, url_template, is_alphanumeric?) -> {id, is_alphanumeric, key_prefix, updated_at, ...}
Get a repository security advisory
Get a repository security advisory using its GitHub Security Advisory (GHSA) identifier. Anyone can access any published security advisory on a public repository. The authenticated user can access an unpublished security advisory from a repository if they are a security manager or administrator of that repository, or if they are a collaborator on the security advisory. OAuth app tokens and personal access tokens (classic) need the `repo` or `repository_advisories:read` scope to to get a published security advisory in a private repository, or any unpublished security advisory that the authenticated user has access to.
security_advisories_get_repository_advisory(ghsa_id, owner, repo) -> {author, closed_at, collaborating_teams, collaborating_users, ...}
Get a user installation for the authenticated app
Enables an authenticated GitHub App to find the user’s installation information. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_get_user_installation(username) -> {access_tokens_url, account, app_id, app_slug, ...}
List repository secrets
Lists all secrets available in a repository without revealing their encrypted values. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_repo_secrets(owner, repo, page?, per_page?) -> {secrets, total_count}
List GPG keys for the authenticated user
Lists the current user's GPG keys. OAuth app tokens and personal access tokens (classic) need the `read:gpg_key` scope to use this endpoint.
users_list_gpg_keys_for_authenticated_user(page?, per_page?) -> [{}]
Get billing usage summary for a user
> [!NOTE] > This endpoint is in public preview and is subject to change. Gets a summary report of usage for a user. **Note:** Only data from the past 24 months is accessible via this endpoint.
billing_get_github_billing_usage_summary_report_user(username, day?, month?, product?, repository?, sku?, year?)
Delete an enterprise team
To delete an enterprise team, the authenticated user must be an enterprise owner. If you are an enterprise owner, deleting an enterprise team will delete all of its IdP mappings as well.
enterprise_teams_delete(enterprise, team_slug)
Unstar a gist
gists_unstar(gist_id)
Star a gist
Note that you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)."
gists_star(gist_id)
Check if a gist is starred
gists_check_is_starred(gist_id)
Update an enterprise team
To edit a team, the authenticated user must be an enterprise owner.
enterprise_teams_update(enterprise, team_slug, description?, group_id?, name?, organization_selection_type?, sync_to_organizations?) -> {created_at, description, group_id, group_name, ...}
Get emojis
Lists all the emojis available to use on GitHub.
emojis_get() -> {}
List repositories accessible to the user access token
List repositories that the authenticated user has explicit permission (`:read`, `:write`, or `:admin`) to access for an installation. The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership. The access the user has to each repository is included in the hash under the `permissions` key.
apps_list_installation_repos_for_authenticated_user(installation_id, page?, per_page?) -> {repositories, repository_selection, total_count}
List all Copilot seat assignments for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Lists all Copilot seats for which an organization with a Copilot Business or Copilot Enterprise subscription is currently being billed. Only organization owners can view assigned seats. Each seat object contains information about the assigned user's most recent Copilot activity. Users must have telemetry enabled in their IDE for Copilot in the IDE activity to be reflected in `last_activity_at`. For more information about activity data, see [Metrics data properties for GitHub Copilot](https://docs.github.com/copilot/reference/metrics-data). OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:org` scopes to use this endpoint.
copilot_list_copilot_seats(org, page?, per_page?) -> {seats, total_seats}
Get information about a SARIF upload
Gets information about a SARIF upload, including the status and the URL of the analysis that was uploaded so that you can retrieve details of the analysis. For more information, see "[Get a code scanning analysis for a repository](/rest/code-scanning/code-scanning#get-a-code-scanning-analysis-for-a-repository)." OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_sarif(owner, repo, sarif_id) -> {analyses_url, errors, processing_status}
Add or update team repository permissions (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new "[Add or update team repository permissions](https://docs.github.com/rest/teams/teams#add-or-update-team-repository-permissions)" endpoint. To add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a `422 Unprocessable Entity` status if you attempt to add a repository to a team that is not owned by the organization. Note that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)."
teams_add_or_update_repo_permissions_legacy(owner, repo, team_id, permission?)
Delete an organization repository ruleset
Delete a ruleset for an organization.
repos_delete_org_ruleset(org, ruleset_id)
Get an organization repository ruleset
Get a repository ruleset for an organization. **Note:** To prevent leaking sensitive information, the `bypass_actors` property is only returned if the user making the API request has write access to the ruleset.
repos_get_org_ruleset(org, ruleset_id) -> {_links, bypass_actors, conditions, created_at, ...}
Get a gist
Gets a specified gist. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown. This is the default if you do not pass any specific media type. - **`application/vnd.github.base64+json`**: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.
gists_get(gist_id) -> {comments, comments_enabled, comments_url, commits_url, ...}
Get an issue comment
You can use the REST API to get comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_get_comment(comment_id, owner, repo) -> {author_association, body, body_html, body_text, ...}
List review comments in a repository
Lists review comments for all pull requests in a repository. By default, review comments are in ascending order by ID. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_list_review_comments_for_repo(owner, repo, direction?, page?, per_page?, since?, sort?) -> [{}]
Get a deployment branch policy
Gets a deployment branch or tag policy for an environment. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
repos_get_deployment_branch_policy(branch_policy_id, environment_name, owner, repo) -> {id, name, node_id, type}
Delete an installation for the authenticated app
Uninstalls a GitHub App on a user, organization, or enterprise account. If you prefer to temporarily suspend an app's access to your account's resources, then we recommend the "[Suspend an app installation](https://docs.github.com/rest/apps/apps#suspend-an-app-installation)" endpoint. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_delete_installation(installation_id)
Create a GitHub Pages deployment
Create a GitHub Pages deployment for a repository. The authenticated user must have write permission to the repository.
repos_create_pages_deployment(oidc_token, owner, pages_build_version, repo, artifact_id?, artifact_url?, environment?) -> {id, page_url, preview_url, status_url}
Get the last year of commit activity
Returns the last year of commit activity grouped by week. The `days` array is a group of commits per day, starting on `Sunday`.
repos_get_commit_activity_stats(owner, repo) -> [{}]
Get an installation for the authenticated app
Enables an authenticated GitHub App to find an installation's information using the installation id. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_get_installation(installation_id) -> {access_tokens_url, account, app_id, app_slug, ...}
Create a remove token for a repository
Returns a token that you can pass to the `config` script to remove a self-hosted runner from an repository. The token expires after one hour. For example, you can replace `TOKEN` in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization: ``` ./config.sh remove --token TOKEN ``` Authenticated users must have admin access to the repository to use this endpoint. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_remove_token_for_repo(owner, repo) -> {expires_at, permissions, repositories, repository_selection, ...}
Remove a security manager team
> [!WARNING] > **Closing down notice:** This operation is closing down and will be removed starting January 1, 2026. Please use the "[Organization Roles](https://docs.github.com/rest/orgs/organization-roles)" endpoints instead.
orgs_remove_security_manager_team(org, team_slug)
Update a hosted compute network configuration for an organization
Updates a hosted compute network configuration for an organization. OAuth app tokens and personal access tokens (classic) need the `write:network_configurations` scope to use this endpoint.
hosted_compute_update_network_configuration_for_org(network_configuration_id, org, compute_service?, name?, network_settings_ids?) -> {compute_service, created_on, id, name, ...}
Set self-hosted runners settings for an organization
Sets the settings for self-hosted runners for an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_set_self_hosted_runners_permissions_organization(enabled_repositories, org)
Add a security manager team
> [!WARNING] > **Closing down notice:** This operation is closing down and will be removed starting January 1, 2026. Please use the "[Organization Roles](https://docs.github.com/rest/orgs/organization-roles)" endpoints instead.
orgs_add_security_manager_team(org, team_slug)
Delete a commit comment reaction
> [!NOTE] > You can also specify a repository by `repository_id` using the route `DELETE /repositories/:repository_id/comments/:comment_id/reactions/:reaction_id`. Delete a reaction to a [commit comment](https://docs.github.com/rest/commits/comments#get-a-commit-comment).
reactions_delete_for_commit_comment(comment_id, owner, reaction_id, repo)
Create a repository for the authenticated user
Creates a new repository for the authenticated user. OAuth app tokens and personal access tokens (classic) need the `public_repo` or `repo` scope to create a public repository, and `repo` scope to create a private repository.
repos_create_for_authenticated_user(name, allow_auto_merge?, allow_merge_commit?, allow_rebase_merge?, allow_squash_merge?, auto_init?, delete_branch_on_merge?, description?, gitignore_template?, has_discussions?, has_downloads?, has_issues?, has_projects?, has_wiki?, homepage?, is_template?, license_template?, merge_commit_message?, merge_commit_title?, private?, squash_merge_commit_message?, squash_merge_commit_title?, team_id?) -> {labels_url, keys_url, fork, owner, ...}
Set fork PR contributor approval permissions for an organization
Sets the fork PR contributor approval policy for an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_set_fork_pr_contributor_approval_permissions_organization(approval_policy, org)
List team repositories (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [List team repositories](https://docs.github.com/rest/teams/teams#list-team-repositories) endpoint.
teams_list_repos_legacy(team_id, page?, per_page?) -> [{}]
Cancel an organization invitation
Cancel an organization invitation. In order to cancel an organization invitation, the authenticated user must be an organization owner. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications).
orgs_cancel_invitation(invitation_id, org)
Set default workflow permissions for an organization
Sets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in an organization, and sets if GitHub Actions can submit approving pull request reviews. For more information, see "[Setting the permissions of the GITHUB_TOKEN for your organization](https://docs.github.com/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_set_github_actions_default_workflow_permissions_organization(org, can_approve_pull_request_reviews?, default_workflow_permissions?)
Remove a repository collaborator
Removes a collaborator from a repository. To use this endpoint, the authenticated user must either be an administrator of the repository or target themselves for removal. This endpoint also: - Cancels any outstanding invitations sent by the collaborator - Unassigns the user from any issues - Removes access to organization projects if the user is not an organization member and is not a collaborator on any other organization repositories. - Unstars the repository - Updates access permissions to packages Removing a user as a collaborator has the following effects on forks: - If the user had access to a fork through their membership to this repository, the user will also be removed from the fork. - If the user had their own fork of the repository, the fork will be deleted. - If the user still has read access to the repository, open pull requests by this user from a fork will be denied. > [!NOTE] > A user can still have access to the repository through organization permissions like base repository permissions. Although the API responds immediately, the additional permission updates might take some extra time to complete in the background. For more information on fork permissions, see "[About permissions and visibility of forks](https://docs.github.com/pull-requests/collaborating-with-pull-requests/working-with-forks/about-permissions-and-visibility-of-forks)".
repos_remove_collaborator(owner, repo, username)
Get all codes of conduct
Returns array of all GitHub's codes of conduct.
codes_of_conduct_get_all_codes_of_conduct() -> [{}]
Delete a milestone
Deletes a milestone using the given milestone number.
issues_delete_milestone(milestone_number, owner, repo)
Update a milestone
issues_update_milestone(milestone_number, owner, repo, description?, due_on?, state?, title?) -> {closed_at, closed_issues, created_at, creator, ...}
Get a milestone
Gets a milestone using the given milestone number.
issues_get_milestone(milestone_number, owner, repo) -> {closed_at, closed_issues, created_at, creator, ...}
Add selected repository to an organization secret
Adds a repository to an organization secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/dependabot/secrets#create-or-update-an-organization-secret). OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_add_selected_repo_to_org_secret(org, repository_id, secret_name)
Get a CodeQL database for a repository
Gets a CodeQL database for a language in a repository. By default this endpoint returns JSON metadata about the CodeQL database. To download the CodeQL database binary content, set the `Accept` header of the request to [`application/zip`](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types), and make sure your HTTP client is configured to follow redirects or use the `Location` header to make a second request to get the redirect URL. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_codeql_database(language, owner, repo) -> {commit_oid, content_type, created_at, id, ...}
Get all organization roles for an organization
Lists the organization roles available in this organization. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." To use this endpoint, the authenticated user must be one of: - An administrator for the organization. - A user, or a user on a team, with the fine-grained permissions of `read_organization_custom_org_role` in the organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_list_org_roles(org) -> {roles, total_count}
Delete a CodeQL database
Deletes a CodeQL database for a language in a repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_delete_codeql_database(language, owner, repo)
Get a user
Provides publicly available information about someone with a GitHub account. If you are requesting information about an [Enterprise Managed User](https://docs.github.com/enterprise-cloud@latest/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users), or a GitHub App bot that is installed in an organization that uses Enterprise Managed Users, your requests must be authenticated as a user or GitHub App that has access to the organization to view that account's information. If you are not authorized, the request will return a `404 Not Found` status. The `email` key in the following response is the publicly visible email address from your GitHub [profile page](https://github.com/settings/profile). When setting up your profile, you can select a primary email address to be public which provides an email entry for this endpoint. If you do not set a public email address for `email`, then it will have a value of `null`. You only see publicly visible email addresses when authenticated with GitHub. For more information, see [Authentication](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#authentication). The Emails API enables you to list all of your email addresses, and toggle a primary email to be visible publicly. For more information, see [Emails API](https://docs.github.com/rest/users/emails).
users_get_by_username(username)
Create a code security configuration for an enterprise
Creates a code security configuration in an enterprise. The authenticated user must be an administrator of the enterprise in order to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
code_security_create_configuration_for_enterprise(description, enterprise, name, advanced_security?, code_scanning_default_setup?, code_scanning_default_setup_options?, code_scanning_delegated_alert_dismissal?, code_scanning_options?, code_security?, dependabot_alerts?, dependabot_security_updates?, dependency_graph?, dependency_graph_autosubmit_action?, dependency_graph_autosubmit_action_options?, enforcement?, private_vulnerability_reporting?, secret_protection?, secret_scanning?, secret_scanning_delegated_alert_dismissal?, secret_scanning_generic_secrets?, secret_scanning_non_provider_patterns?, secret_scanning_push_protection?, secret_scanning_validity_checks?) -> {advanced_security, code_scanning_default_setup, code_scanning_default_setup_options, code_scanning_delegated_alert_dismissal, ...}
List child teams (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [`List child teams`](https://docs.github.com/rest/teams/teams#list-child-teams) endpoint.
teams_list_child_legacy(team_id, page?, per_page?) -> [{}]
List package versions for a package owned by an organization
Lists package versions for a package owned by an organization. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_all_package_versions_for_package_owned_by_org(org, package_name, package_type, page?, per_page?, state?) -> [{}]
Check if a user can be assigned
Checks if a user has permission to be assigned to an issue in this repository. If the `assignee` can be assigned to issues in the repository, a `204` header with no content is returned. Otherwise a `404` status code is returned.
issues_check_user_can_be_assigned(assignee, owner, repo)
List accounts for a plan (stubbed)
Returns repository and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change. GitHub Apps must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint. OAuth apps must use [basic authentication](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) with their client ID and client secret to access this endpoint.
apps_list_accounts_for_plan_stubbed(plan_id, direction?, page?, per_page?, sort?) -> [{}]
Get a gitignore template
Get the content of a gitignore template. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw .gitignore contents.
gitignore_get_template(name) -> {name, source}
Delete admin branch protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Removing admin enforcement requires admin or owner permissions to the repository and branch protection to be enabled.
repos_delete_admin_branch_protection(branch, owner, repo)
Get a thread
Gets information about a notification thread.
activity_get_thread(thread_id) -> {id, last_read_at, reason, repository, ...}
Get a release by tag name
Get a published release with the specified tag.
repos_get_release_by_tag(owner, repo, tag) -> {assets, assets_url, author, body, ...}
Get an organization installation for the authenticated app
Enables an authenticated GitHub App to find the organization's installation information. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_get_org_installation(org) -> {access_tokens_url, account, app_id, app_slug, ...}
Delete pull request review protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_delete_pull_request_review_protection(branch, owner, repo)
Delete a file
Deletes a file in a repository. You can provide an additional `committer` parameter, which is an object containing information about the committer. Or, you can provide an `author` parameter, which is an object containing information about the author. The `author` section is optional and is filled in with the `committer` information if omitted. If the `committer` information is omitted, the authenticated user's information is used. You must provide values for both `name` and `email`, whether you choose to use `author` or `committer`. Otherwise, you'll receive a `422` status code. > [!NOTE] > If you use this endpoint and the "[Create or update file contents](https://docs.github.com/rest/repos/contents/#create-or-update-file-contents)" endpoint in parallel, the concurrent requests will conflict and you will receive errors. You must use these endpoints serially instead.
repos_delete_file(message, owner, path, repo, sha, author?, branch?, committer?) -> {commit, content}
Create a commit
Creates a new Git [commit object](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). **Signature verification object** The response will include a `verification` object that describes the result of verifying the commit's signature. The following fields are included in the `verification` object: | Name | Type | Description | | ---- | ---- | ----------- | | `verified` | `boolean` | Indicates whether GitHub considers the signature in this commit to be verified. | | `reason` | `string` | The reason for verified value. Possible values and their meanings are enumerated in the table below. | | `signature` | `string` | The signature that was extracted from the commit. | | `payload` | `string` | The value that was signed. | | `verified_at` | `string` | The date the signature was verified by GitHub. | These are the possible values for `reason` in the `verification` object: | Value | Description | | ----- | ----------- | | `expired_key` | The key that made the signature is expired. | | `not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | `gpgverify_error` | There was an error communicating with the signature verification service. | | `gpgverify_unavailable` | The signature verification service is currently unavailable. | | `unsigned` | The object does not include a signature. | | `unknown_signature_type` | A non-PGP signature was found in the commit. | | `no_user` | No user was associated with the `committer` email address in the commit. | | `unverified_email` | The `committer` email address in the commit was associated with a user, but the email address is not verified on their account. | | `bad_email` | The `committer` email address in the commit is not included in the identities of the PGP key that made the signature. | | `unknown_key` | The key that made the signature has not been registered with any user's account. | | `malformed_signature` | There was an error parsing the signature. | | `invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | `valid` | None of the above errors applied, so the signature is considered to be verified. |
git_create_commit(message, owner, repo, tree, author?, committer?, parents?, signature?) -> {author, committer, html_url, message, ...}
Get the Zen of GitHub
Get a random sentence from the Zen of GitHub
meta_get_zen()
Create draft item for organization owned project
Create draft issue item for the specified organization owned project.
projects_create_draft_item_for_org(org, project_number, title, body?) -> {archived_at, content, content_type, created_at, ...}
Set GitHub Actions cache retention limit for a repository
Sets GitHub Actions cache retention limit for a repository. This determines how long caches will be retained for, if not manually removed or evicted due to size constraints. OAuth tokens and personal access tokens (classic) need the `admin:repository` scope to use this endpoint.
actions_set_actions_cache_retention_limit_for_repository(owner, repo, max_cache_retention_days?)
Get all repository rulesets
Get all the rulesets for a repository.
repos_get_repo_rulesets(owner, repo, includes_parents?, page?, per_page?, targets?) -> [{}]
Delete a release asset
repos_delete_release_asset(asset_id, owner, repo)
Privately report a security vulnerability
Report a security vulnerability to the maintainers of the repository. See "[Privately reporting a security vulnerability](https://docs.github.com/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability)" for more information about private vulnerability reporting.
security_advisories_create_private_vulnerability_report(description, owner, repo, summary, cvss_vector_string?, cwe_ids?, severity?, start_private_fork?, vulnerabilities?) -> {author, closed_at, collaborating_teams, collaborating_users, ...}
Unlock a user repository
Unlocks a repository. You can lock repositories when you [start a user migration](https://docs.github.com/rest/migrations/users#start-a-user-migration). Once the migration is complete you can unlock each repository to begin using it again or [delete the repository](https://docs.github.com/rest/repos/repos#delete-a-repository) if you no longer need the source data. Returns a status of `404 Not Found` if the repository is not locked.
migrations_unlock_repo_for_authenticated_user(migration_id, repo_name)
List repository events
> [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_repo_events(owner, repo, page?, per_page?) -> [{}]
Get list of conflicting packages during Docker migration for organization
Lists all packages that are in a specific organization, are readable by the requesting user, and that encountered a conflict during a Docker migration. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint.
packages_list_docker_migration_conflicting_packages_for_organization(org) -> [{}]
Get a repository public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint if the repository is private.
dependabot_get_repo_public_key(owner, repo) -> {key, key_id}
List commit statuses for a reference
Users with pull access in a repository can view commit statuses for a given ref. The ref can be a SHA, a branch name, or a tag name. Statuses are returned in reverse chronological order. The first status in the list will be the latest one. This resource is also available via a legacy route: `GET /repos/:owner/:repo/statuses/:ref`.
repos_list_commit_statuses_for_ref(owner, ref, repo, page?, per_page?) -> [{}]
Get an organization public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_get_org_public_key(org) -> {key, key_id}
Delete a pending review for a pull request
Deletes a pull request review that has not been submitted. Submitted reviews cannot be deleted. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_delete_pending_review(owner, pull_number, repo, review_id) -> {_links, author_association, body, body_html, ...}
Get a review for a pull request
Retrieves a pull request review by its ID. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_get_review(owner, pull_number, repo, review_id) -> {_links, author_association, body, body_html, ...}
Create a fork
Create a fork for the authenticated user. > [!NOTE] > Forking a Repository happens asynchronously. You may have to wait a short period of time before you can access the git objects. If this takes longer than 5 minutes, be sure to contact [GitHub Support](https://support.github.com/contact?tags=dotcom-rest-api). > [!NOTE] > Although this endpoint works with GitHub Apps, the GitHub App must be installed on the destination account with access to all repositories and on the source account with access to the source repository.
repos_create_fork(owner, repo, default_branch_only?, name?, organization?)
Add or update team membership for a user
Adds an organization member to a team. An authenticated organization owner or team maintainer can add organization members to a team. Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. > [!NOTE] > When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "[Synchronizing teams between your identity provider and GitHub](https://docs.github.com/articles/synchronizing-teams-between-your-identity-provider-and-github/)." An organization owner can add someone who is not part of the team's organization to a team. When an organization owner adds someone to a team who is not an organization member, this endpoint will send an invitation to the person via email. This newly-created membership will be in the "pending" state until the person accepts the invitation, at which point the membership will transition to the "active" state and the user will be added as a member of the team. If the user is already a member of the team, this endpoint will update the role of the team member's role. To update the membership of a team member, the authenticated user must be an organization owner or a team maintainer. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `PUT /organizations/{org_id}/team/{team_id}/memberships/{username}`.
teams_add_or_update_membership_for_user_in_org(org, team_slug, username, role?) -> {role, state, url}
Delete a repository secret
Deletes a development environment secret in a repository using the secret name. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint. The associated user must be a repository admin.
codespaces_delete_repo_secret(owner, repo, secret_name)
Get the analysis status of a repository in a CodeQL variant analysis
Gets the analysis status of a repository in a CodeQL variant analysis. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_variant_analysis_repo_task(codeql_variant_analysis_id, owner, repo, repo_name, repo_owner) -> {analysis_status, artifact_size_in_bytes, artifact_url, database_commit_sha, ...}
Get a check run
Gets a single check run using its `id`. > [!NOTE] > The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint on a private repository.
checks_get(check_run_id, owner, repo) -> {app, check_suite, completed_at, conclusion, ...}
Get code security configurations for an enterprise
Lists all code security configurations available in an enterprise. The authenticated user must be an administrator of the enterprise in order to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:enterprise` scope to use this endpoint.
code_security_get_configurations_for_enterprise(enterprise, after?, before?, per_page?) -> [{}]
List security manager teams
> [!WARNING] > **Closing down notice:** This operation is closing down and will be removed starting January 1, 2026. Please use the "[Organization Roles](https://docs.github.com/rest/orgs/organization-roles)" endpoints instead.
orgs_list_security_manager_teams(org) -> [{}]
Get repository permissions for a user
Checks the repository permission and role of a collaborator. The `permission` attribute provides the legacy base roles of `admin`, `write`, `read`, and `none`, where the `maintain` role is mapped to `write` and the `triage` role is mapped to `read`. The `role_name` attribute provides the name of the assigned role, including custom roles. The `permission` can also be used to determine which base level of access the collaborator has to the repository. The calculated permissions are the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response.
repos_get_collaborator_permission_level(owner, repo, username) -> {permission, role_name, user}
Delete an issue comment reaction
> [!NOTE] > You can also specify a repository by `repository_id` using the route `DELETE delete /repositories/:repository_id/issues/comments/:comment_id/reactions/:reaction_id`. Delete a reaction to an [issue comment](https://docs.github.com/rest/issues/comments#get-an-issue-comment).
reactions_delete_for_issue_comment(comment_id, owner, reaction_id, repo)
Get an organization migration status
Fetches the status of a migration. The `state` of a migration can be one of the following values: * `pending`, which means the migration hasn't started yet. * `exporting`, which means the migration is in progress. * `exported`, which means the migration finished successfully. * `failed`, which means the migration failed.
migrations_get_status_for_org(migration_id, org, exclude?) -> {archive_url, created_at, exclude, exclude_attachments, ...}
Set artifact and log retention settings for a repository
Sets artifact and log retention settings for a repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_artifact_and_log_retention_settings_repository(days, owner, repo)
Get GitHub Actions cache retention limit for an organization
Gets GitHub Actions cache retention limit for an organization. All repositories under this organization may not set a higher cache retention limit. OAuth tokens and personal access tokens (classic) need the `admin:organization` scope to use this endpoint.
actions_get_actions_cache_retention_limit_for_organization(org) -> {max_cache_retention_days}
Get parent issue
You can use the REST API to get the parent issue of a sub-issue. This endpoint supports the following custom media types. For more information, see [Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types). - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_get_parent(issue_number, owner, repo) -> {labels_url, title, comments, id, ...}
Search issues and pull requests
Find issues by state and keyword. This method returns up to 100 results [per page](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api). When searching for issues, you can get text match metadata for the issue **title**, issue **body**, and issue **comment body** fields when you pass the `text-match` media type. For more details about how to receive highlighted search results, see [Text match metadata](https://docs.github.com/rest/search/search#text-match-metadata). For example, if you want to find the oldest unresolved Python bugs on Windows. Your query might look something like this. `q=windows+label:bug+language:python+state:open&sort=created&order=asc` This query searches for the keyword `windows`, within any open issue that is labeled as `bug`. The search runs across repositories whose primary language is Python. The results are sorted by creation date in ascending order, which means the oldest issues appear first in the search results. > [!NOTE] > For requests made by GitHub Apps with a user access token, you can't retrieve a combination of issues and pull requests in a single query. Requests that don't include the `is:issue` or `is:pull-request` qualifier will receive an HTTP `422 Unprocessable Entity` response. To get results for both issues and pull requests, you must send separate queries for issues and pull requests. For more information about the `is` qualifier, see "[Searching only issues or pull requests](https://docs.github.com/github/searching-for-information-on-github/searching-issues-and-pull-requests#search-only-issues-or-pull-requests)."
search_issues_and_pull_requests(q, advanced_search?, order?, page?, per_page?, sort?) -> {incomplete_results, items, total_count}
Create a pull request
Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. To open or update a pull request in a public repository, you must have write access to the head or the source branch. For organization-owned repositories, you must be a member of the organization that owns the repository to open or update a pull request. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_create(base, head, owner, repo, body?, draft?, head_repo?, issue?, maintainer_can_modify?, title?) -> {additions, title, comments, id, ...}
List pull requests
Lists pull requests in a specified repository. Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_list(owner, repo, base?, direction?, head?, page?, per_page?, sort?, state?) -> [{}]
List attestations
List a collection of artifact attestations with a given subject digest that are associated with repositories owned by a user. The collection of attestations returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the `attestations:read` permission is required. **Please note:** in order to offer meaningful security benefits, an attestation's signature and timestamps **must** be cryptographically verified, and the identity of the attestation signer **must** be validated. Attestations can be verified using the [GitHub CLI `attestation verify` command](https://cli.github.com/manual/gh_attestation_verify). For more information, see [our guide on how to use artifact attestations to establish a build's provenance](https://docs.github.com/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
users_list_attestations(subject_digest, username, after?, before?, per_page?, predicate_type?) -> {attestations}
List attestations by bulk subject digests
List a collection of artifact attestations associated with any entry in a list of subject digests owned by an organization. The collection of attestations returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the `attestations:read` permission is required. **Please note:** in order to offer meaningful security benefits, an attestation's signature and timestamps **must** be cryptographically verified, and the identity of the attestation signer **must** be validated. Attestations can be verified using the [GitHub CLI `attestation verify` command](https://cli.github.com/manual/gh_attestation_verify). For more information, see [our guide on how to use artifact attestations to establish a build's provenance](https://docs.github.com/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
orgs_list_attestations_bulk(org, subject_digests, after?, before?, per_page?, predicate_type?) -> {attestations_subject_digests, page_info}
Start a codespace for the authenticated user
Starts a user's codespace. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_start_for_authenticated_user(codespace_name) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
Get a webhook configuration for a repository
Returns the webhook configuration for a repository. To get more information about the webhook, including the `active` state and `events`, use "[Get a repository webhook](/rest/webhooks/repos#get-a-repository-webhook)." OAuth app tokens and personal access tokens (classic) need the `read:repo_hook` or `repo` scope to use this endpoint.
repos_get_webhook_config_for_repo(hook_id, owner, repo) -> {content_type, insecure_ssl, secret, url}
Create or update a custom property for an organization
Creates a new or updates an existing custom property that is defined for an organization. To use this endpoint, the authenticated user must be one of: - An administrator for the organization. - A user, or a user on a team, with the fine-grained permission of `custom_properties_org_definitions_manager` in the organization.
orgs_custom_properties_for_repos_create_or_update_organization_definition(custom_property_name, org, value_type, allowed_values?, default_value?, description?, required?, values_editable_by?) -> {allowed_values, default_value, description, property_name, ...}
Remove requested reviewers from a pull request
Removes review requests from a pull request for a given set of users and/or teams.
pulls_remove_requested_reviewers(owner, pull_number, repo, reviewers, team_reviewers?) -> {title, id, locked, number, ...}
Sync a fork branch with the upstream repository
Sync a branch of a forked repository to keep it up-to-date with the upstream repository.
repos_merge_upstream(branch, owner, repo) -> {base_branch, merge_type, message}
List repository security advisories
Lists security advisories in a repository. The authenticated user can access unpublished security advisories from a repository if they are a security manager or administrator of that repository, or if they are a collaborator on any security advisory. OAuth app tokens and personal access tokens (classic) need the `repo` or `repository_advisories:read` scope to to get a published security advisory in a private repository, or any unpublished security advisory that the authenticated user has access to.
security_advisories_list_repository_advisories(owner, repo, after?, before?, direction?, per_page?, sort?, state?) -> [{}]
Get a delivery for a repository webhook
Returns a delivery for a webhook configured in a repository.
repos_get_webhook_delivery(delivery_id, hook_id, owner, repo) -> {action, delivered_at, duration, event, ...}
Get a hosted compute network settings resource for an organization
Gets a hosted compute network settings resource configured for an organization. OAuth app tokens and personal access tokens (classic) need the `read:network_configurations` scope to use this endpoint.
hosted_compute_get_network_settings_for_org(network_settings_id, org) -> {id, name, network_configuration_id, region, ...}
Enable private vulnerability reporting for a repository
Enables private vulnerability reporting for a repository. The authenticated user must have admin access to the repository. For more information, see "[Privately reporting a security vulnerability](https://docs.github.com/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability)."
repos_enable_private_vulnerability_reporting(owner, repo)
List starred gists
List the authenticated user's starred gists:
gists_list_starred(page?, per_page?, since?) -> [{}]
Create an issue comment
You can use the REST API to create comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_create_comment(body, issue_number, owner, repo) -> {author_association, body, body_html, body_text, ...}
Unlock an issue
Users with push access can unlock an issue's conversation.
issues_unlock(issue_number, owner, repo)
List codespaces in a repository for the authenticated user
Lists the codespaces associated to a specified repository and the authenticated user. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_list_in_repository_for_authenticated_user(owner, repo, page?, per_page?) -> {codespaces, total_count}
Delete attestations by ID
Delete an artifact attestation by unique ID that is associated with a repository owned by a user.
users_delete_attestations_by_id(attestation_id, username)
List projects for organization
List all projects owned by a specific organization accessible by the authenticated user.
projects_list_for_org(org, after?, before?, per_page?, q?) -> [{}]
Create a GPG key for the authenticated user
Adds a GPG key to the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `write:gpg_key` scope to use this endpoint.
users_create_gpg_key_for_authenticated_user(armored_public_key, name?) -> {can_certify, can_encrypt_comms, can_encrypt_storage, can_sign, ...}
Create issue type for an organization
Create a new issue type for an organization. You can find out more about issue types in [Managing issue types in an organization](https://docs.github.com/issues/tracking-your-work-with-issues/configuring-issues/managing-issue-types-in-an-organization). To use this endpoint, the authenticated user must be an administrator for the organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_create_issue_type(is_enabled, name, org, color?, description?) -> {color, created_at, description, id, ...}
List pull requests files
Lists the files in a specified pull request. > [!NOTE] > Responses include a maximum of 3000 files. The paginated response returns 30 files per page by default. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_list_files(owner, pull_number, repo, page?, per_page?) -> [{}]
List issue types for an organization
Lists all issue types for an organization. OAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.
orgs_list_issue_types(org) -> [{}]
Create a registration token for a repository
Returns a token that you can pass to the `config` script. The token expires after one hour. For example, you can replace `TOKEN` in the following example with the registration token provided by this endpoint to configure your self-hosted runner: ``` ./config.sh --url https://github.com/octo-org --token TOKEN ``` Authenticated users must have admin access to the repository to use this endpoint. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_registration_token_for_repo(owner, repo) -> {expires_at, permissions, repositories, repository_selection, ...}
Create an installation access token for an app
Creates an installation access token that enables a GitHub App to make authenticated API requests for the app's installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of `401 - Unauthorized`, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access. Optionally, you can use the `repositories` or `repository_ids` body parameters to specify individual repositories that the installation access token can access. If you don't use `repositories` or `repository_ids` to grant access to specific repositories, the installation access token will have access to all repositories that the installation was granted access to. The installation access token cannot be granted access to repositories that the installation was not granted access to. Up to 500 repositories can be listed in this manner. Optionally, use the `permissions` body parameter to specify the permissions that the installation access token should have. If `permissions` is not specified, the installation access token will have all of the permissions that were granted to the app. The installation access token cannot be granted permissions that the app was not granted. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_create_installation_access_token(installation_id, permissions?, repositories?, repository_ids?) -> {expires_at, has_multiple_single_files, permissions, repositories, ...}
Remove a custom property for an organization
Removes a custom property that is defined for an organization. To use this endpoint, the authenticated user must be one of: - An administrator for the organization. - A user, or a user on a team, with the fine-grained permission of `custom_properties_org_definitions_manager` in the organization.
orgs_custom_properties_for_repos_delete_organization_definition(custom_property_name, org)
Rerequest a check suite
Triggers GitHub to rerequest an existing check suite, without pushing new code to a repository. This endpoint will trigger the [`check_suite` webhook](https://docs.github.com/webhooks/event-payloads/#check_suite) event with the action `rerequested`. When a check suite is `rerequested`, its `status` is reset to `queued` and the `conclusion` is cleared.
checks_rerequest_suite(check_suite_id, owner, repo) -> {}
Add status check contexts
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_add_status_check_contexts(branch, owner, repo) -> [{}]
Set status check contexts
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_set_status_check_contexts(branch, owner, repo) -> [{}]
List repository languages
Lists languages for the specified repository. The value shown for each language is the number of bytes of code written in that language.
repos_list_languages(owner, repo) -> {}
Get a private registry for an organization
Get the configuration of a single private registry defined for an organization, omitting its encrypted value. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
private_registries_get_org_private_registry(org, secret_name) -> {created_at, name, registry_type, replaces_base, ...}
Create a snapshot of dependencies for a repository
Create a new snapshot of a repository's dependencies. The authenticated user must have access to the repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
dependency_graph_create_repository_snapshot(detector, job, owner, ref, repo, scanned, sha, version, manifests?, metadata?) -> {created_at, id, message, result}
Add a repository to an app installation
Add a single repository to an installation. The authenticated user must have admin access to the repository. This endpoint only works for PATs (classic) with the `repo` scope.
apps_add_repo_to_installation_for_authenticated_user(installation_id, repository_id)
List organization rule suites
Lists suites of rule evaluations at the organization level. For more information, see "[Managing rulesets for repositories in your organization](https://docs.github.com/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization#viewing-insights-for-rulesets)."
repos_get_org_rule_suites(org, actor_name?, page?, per_page?, ref?, repository_name?, rule_suite_result?, time_period?) -> [{actor_id, actor_name, after_sha, before_sha, ...}]
Get GitHub Actions cache retention limit for an enterprise
Gets GitHub Actions cache retention limit for an enterprise. All organizations and repositories under this enterprise may not set a higher cache retention limit. OAuth tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
actions_get_actions_cache_retention_limit_for_enterprise(enterprise) -> {max_cache_retention_days}
Get a repository subscription
Gets information about whether the authenticated user is subscribed to the repository.
activity_get_repo_subscription(owner, repo) -> {created_at, ignored, reason, repository_url, ...}
List failed organization invitations
The return hash contains `failed_at` and `failed_reason` fields which represent the time at which the invitation failed and the reason for the failure.
orgs_list_failed_invitations(org, page?, per_page?) -> [{}]
Get the summary of a CodeQL variant analysis
Gets the summary of a CodeQL variant analysis. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_variant_analysis(codeql_variant_analysis_id, owner, repo) -> {actions_workflow_run_id, actor, completed_at, controller_repo, ...}
Set selected repositories for immutable releases enforcement
Replaces all repositories that have been selected for immutable releases enforcement in an organization. To use this endpoint, the organization immutable releases policy for `enforced_repositories` must be configured to `selected`. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_set_immutable_releases_settings_repositories(org, selected_repository_ids)
Delete a GitHub Pages site
Deletes a GitHub Pages site. For more information, see "[About GitHub Pages](/github/working-with-github-pages/about-github-pages). The authenticated user must be a repository administrator, maintainer, or have the 'manage GitHub Pages settings' permission. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_delete_pages_site(owner, repo)
Get platforms for GitHub-hosted runners in an organization
Get the list of platforms available for GitHub-hosted runners for an organization.
actions_get_hosted_runners_platforms_for_org(org) -> {platforms, total_count}
Remove interaction restrictions for an organization
Removes all interaction restrictions from public repositories in the given organization. You must be an organization owner to remove restrictions.
interactions_remove_restrictions_for_org(org)
Check if private vulnerability reporting is enabled for a repository
Returns a boolean indicating whether or not private vulnerability reporting is enabled for the repository. For more information, see "[Evaluating the security settings of a repository](https://docs.github.com/code-security/security-advisories/working-with-repository-security-advisories/evaluating-the-security-settings-of-a-repository)".
repos_check_private_vulnerability_reporting(owner, repo) -> {enabled}
Create a GitHub Pages site
Configures a GitHub Pages site. For more information, see "[About GitHub Pages](/github/working-with-github-pages/about-github-pages)." The authenticated user must be a repository administrator, maintainer, or have the 'manage GitHub Pages settings' permission. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_create_pages_site(owner, repo, build_type?, source?) -> {build_type, cname, custom_404, html_url, ...}
Delete a repository invitation
repos_delete_invitation(invitation_id, owner, repo)
Get the status of a GitHub Pages deployment
Gets the current status of a GitHub Pages deployment. The authenticated user must have read permission for the GitHub Pages site.
repos_get_pages_deployment(owner, pages_deployment_id, repo) -> {status}
Create a tree
The tree creation API accepts nested entries. If you specify both a tree and a nested path modifying that tree, this endpoint will overwrite the contents of the tree with the new path contents, and create a new tree structure. If you use this endpoint to add, delete, or modify the file contents in a tree, you will need to commit the tree and then update a branch to point to the commit. For more information see "[Create a commit](https://docs.github.com/rest/git/commits#create-a-commit)" and "[Update a reference](https://docs.github.com/rest/git/refs#update-a-reference)." Returns an error if you try to delete a file that does not exist.
git_create_tree(owner, repo, tree, base_tree?) -> {sha, tree, truncated, url}
Remove status check protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_remove_status_check_protection(branch, owner, repo)
Update status check protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Updating required status checks requires admin or owner permissions to the repository and branch protection to be enabled.
repos_update_status_check_protection(branch, owner, repo, checks?, contexts?, strict?) -> {checks, contexts, contexts_url, strict, ...}
Revoke an installation access token
Revokes the installation token you're using to authenticate as an installation and access this endpoint. Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the "[Create an installation access token for an app](https://docs.github.com/rest/apps/apps#create-an-installation-access-token-for-an-app)" endpoint.
apps_revoke_installation_access_token()
List social accounts for a user
Lists social media accounts for a user. This endpoint is accessible by anyone.
users_list_social_accounts_for_user(username, page?, per_page?) -> [{}]
Get secret scanning scan history for a repository
Lists the latest default incremental and backfill scans by type for a repository. Scans from Copilot Secret Scanning are not included. > [!NOTE] > This endpoint requires [GitHub Advanced Security](https://docs.github.com/get-started/learning-about-github/about-github-advanced-security)." OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
secret_scanning_get_scan_history(owner, repo) -> {backfill_scans, custom_pattern_backfill_scans, incremental_scans, pattern_update_scans}
Delete issue type for an organization
Deletes an issue type for an organization. You can find out more about issue types in [Managing issue types in an organization](https://docs.github.com/issues/tracking-your-work-with-issues/configuring-issues/managing-issue-types-in-an-organization). To use this endpoint, the authenticated user must be an administrator for the organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_delete_issue_type(issue_type_id, org)
Delete a label
Deletes a label using the given label name.
issues_delete_label(name, owner, repo)
Get a package version for an organization
Gets a specific package version in an organization. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_package_version_for_organization(org, package_name, package_type, package_version_id) -> {created_at, deleted_at, description, html_url, ...}
Delete package version for an organization
Deletes a specific package version in an organization. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance. The authenticated user must have admin permissions in the organization to use this endpoint. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must also have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `delete:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_delete_package_version_for_org(org, package_name, package_type, package_version_id)
List runner applications for an organization
Lists binaries for the runner application that you can download and run. Authenticated users must have admin access to the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_list_runner_applications_for_org(org) -> [{}]
Create a milestone
Creates a milestone.
issues_create_milestone(owner, repo, title, description?, due_on?, state?) -> {closed_at, closed_issues, created_at, creator, ...}
Add repository access to a self-hosted runner group in an organization
Adds a repository to the list of repositories that can access a self-hosted runner group. The runner group must have `visibility` set to `selected`. For more information, see "[Create a self-hosted runner group for an organization](#create-a-self-hosted-runner-group-for-an-organization)." OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_add_repo_access_to_self_hosted_runner_group_in_org(org, repository_id, runner_group_id)
Update a gist
Allows you to update a gist's description and to update, delete, or rename gist files. Files from the previous version of the gist that aren't explicitly changed during an edit are unchanged. At least one of `description` or `files` is required. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown. This is the default if you do not pass any specific media type. - **`application/vnd.github.base64+json`**: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.
gists_update(gist_id, description?, files?) -> {comments, comments_enabled, comments_url, commits_url, ...}
Delete a deploy key
Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.
repos_delete_deploy_key(key_id, owner, repo)
Follow a user
Note that you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP verbs](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)." OAuth app tokens and personal access tokens (classic) need the `user:follow` scope to use this endpoint.
users_follow(username)
Get an organization public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. The authenticated user must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_org_public_key(org) -> {created_at, id, key, key_id, ...}
Unfollow a user
OAuth app tokens and personal access tokens (classic) need the `user:follow` scope to use this endpoint.
users_unfollow(username)
Delete attestations by subject digest
Delete an artifact attestation by subject digest.
users_delete_attestations_by_subject_digest(subject_digest, username)
Check if a person is followed by the authenticated user
users_check_person_is_followed_by_authenticated(username)
Update a review for a pull request
Updates the contents of a specified review summary comment. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_update_review(body, owner, pull_number, repo, review_id) -> {_links, author_association, body, body_html, ...}
List gist forks
gists_list_forks(gist_id, page?, per_page?) -> [{}]
Update project item for organization
Update a specific item in an organization-owned project.
projects_update_item_for_org(fields, item_id, org, project_number) -> {archived_at, content, content_type, created_at, ...}
Get a delivery for an app webhook
Returns a delivery for the webhook configured for a GitHub App. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_get_webhook_delivery(delivery_id) -> {action, delivered_at, duration, event, ...}
Get top referral paths
Get the top 10 popular contents over the last 14 days.
repos_get_top_paths(owner, repo) -> [{}]
List public repositories
Lists all public repositories in the order that they were created. Note: - For GitHub Enterprise Server, this endpoint will only list repositories available to all users on the enterprise. - Pagination is powered exclusively by the `since` parameter. Use the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers) to get the URL for the next page of repositories.
repos_list_public(since?) -> [{}]
List followers of the authenticated user
Lists the people following the authenticated user.
users_list_followers_for_authenticated_user(page?, per_page?) -> [{}]
Get pull request review protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_get_pull_request_review_protection(branch, owner, repo) -> {bypass_pull_request_allowances, dismiss_stale_reviews, dismissal_restrictions, require_code_owner_reviews, ...}
Delete a code security configuration
Deletes the desired code security configuration from an organization. Repositories attached to the configuration will retain their settings but will no longer be associated with the configuration. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
code_security_delete_configuration(configuration_id, org)
Create a reference
Creates a reference for your repository. You are unable to create new references for empty repositories, even if the commit SHA-1 hash used exists. Empty repositories are repositories without branches.
git_create_ref(owner, ref, repo, sha) -> {node_id, object, ref, url}
Get a repository ruleset
Get a ruleset for a repository. **Note:** To prevent leaking sensitive information, the `bypass_actors` property is only returned if the user making the API request has write access to the ruleset.
repos_get_repo_ruleset(owner, repo, ruleset_id, includes_parents?) -> {_links, bypass_actors, conditions, created_at, ...}
Delete attestations by subject digest
Delete an artifact attestation by subject digest.
orgs_delete_attestations_by_subject_digest(org, subject_digest)
Disable private vulnerability reporting for a repository
Disables private vulnerability reporting for a repository. The authenticated user must have admin access to the repository. For more information, see "[Privately reporting a security vulnerability](https://docs.github.com/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability)".
repos_disable_private_vulnerability_reporting(owner, repo)
List reviews for a pull request
Lists all reviews for a specified pull request. The list of reviews returns in chronological order. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_list_reviews(owner, pull_number, repo, page?, per_page?) -> [{}]
Update a code scanning alert
Updates the status of a single code scanning alert. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_update_alert(alert_number, owner, repo, assignees?, create_request?, dismissed_comment?, dismissed_reason?, state?) -> {assignees, created_at, dismissal_approved_by, dismissed_at, ...}
Get project field for organization
Get a specific field for an organization-owned project.
projects_get_field_for_org(field_id, org, project_number) -> {configuration, created_at, data_type, id, ...}
Remove public organization membership for the authenticated user
Removes the public membership for the authenticated user from the specified organization, unless public visibility is enforced by default.
orgs_remove_public_membership_for_authenticated_user(org, username)
Set public organization membership for the authenticated user
The user can publicize their own membership. (A user cannot publicize the membership for another user.) Note that you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)."
orgs_set_public_membership_for_authenticated_user(org, username)
Create a GitHub App from a manifest
Use this endpoint to complete the handshake necessary when implementing the [GitHub App Manifest flow](https://docs.github.com/apps/building-github-apps/creating-github-apps-from-a-manifest/). When you create a GitHub App with the manifest flow, you receive a temporary `code` used to retrieve the GitHub App's `id`, `pem` (private key), and `webhook_secret`.
apps_create_from_manifest(code)
Delete project item for organization
Delete a specific item from an organization-owned project.
projects_delete_item_for_org(item_id, org, project_number)
Get repository ruleset version
Get a version of a repository ruleset.
repos_get_repo_ruleset_version(owner, repo, ruleset_id, version_id)
Delete a package for a user
Deletes an entire package for a user. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `delete:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_delete_package_for_user(package_name, package_type, username)
Create or update an environment secret
Creates or updates an environment secret with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_or_update_environment_secret(encrypted_value, environment_name, key_id, owner, repo, secret_name) -> {}
List Dependabot alerts for an enterprise
Lists Dependabot alerts for repositories that are owned by the specified enterprise. The authenticated user must be a member of the enterprise to use this endpoint. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager. For more information about security managers, see "[Managing security managers in your organization](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)." OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint.
dependabot_list_alerts_for_enterprise(enterprise, after?, before?, direction?, ecosystem?, epss_percentage?, has?, package?, per_page?, scope?, severity?, sort?, state?) -> [{}]
List outside collaborators for an organization
List all users who are outside collaborators of an organization.
orgs_list_outside_collaborators(org, filter?, page?, per_page?) -> [{}]
Download job logs for a workflow run
Gets a redirect URL to download a plain text file of logs for a workflow job. This link expires after 1 minute. Look for `Location:` in the response header to find the URL for the download. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_download_job_logs_for_workflow_run(job_id, owner, repo)
List custom images for an organization
List custom images for an organization. OAuth tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_list_custom_images_for_org(org) -> {images, total_count}
List organization events for the authenticated user
This is the user's organization dashboard. You must be authenticated as the user to view this. > [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_org_events_for_authenticated_user(org, username, page?, per_page?) -> [{}]
List secret scanning alerts for a repository
Lists secret scanning alerts for an eligible repository, from newest to oldest. The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
secret_scanning_list_alerts_for_repo(owner, repo, after?, assignee?, before?, direction?, hide_secret?, is_multi_repo?, is_publicly_leaked?, page?, per_page?, resolution?, secret_type?, sort?, state?, validity?) -> [{}]
Create a private registry for an organization
Creates a private registry configuration with an encrypted value for an organization. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
private_registries_create_org_private_registry(encrypted_value, key_id, org, registry_type, url, visibility, replaces_base?, selected_repository_ids?, username?) -> {created_at, name, registry_type, replaces_base, ...}
List organization webhooks
List webhooks for an organization. The authenticated user must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_list_webhooks(org, page?, per_page?) -> [{}]
Update a private registry for an organization
Updates a private registry configuration with an encrypted value for an organization. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
private_registries_update_org_private_registry(org, secret_name, encrypted_value?, key_id?, registry_type?, replaces_base?, selected_repository_ids?, url?, username?, visibility?)
Create an organization webhook
Create a hook that posts payloads in JSON format. You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_create_webhook(config, name, org, active?, events?) -> {active, config, created_at, deliveries_url, ...}
Get an organization rule suite
Gets information about a suite of rule evaluations from within an organization. For more information, see "[Managing rulesets for repositories in your organization](https://docs.github.com/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization#viewing-insights-for-rulesets)."
repos_get_org_rule_suite(org, rule_suite_id) -> {actor_id, actor_name, after_sha, before_sha, ...}
List repository invitations for the authenticated user
When authenticating as a user, this endpoint will list all currently open repository invitations for that user.
repos_list_invitations_for_authenticated_user(page?, per_page?) -> [{}]
Get an item for a user owned project
Get a specific item from a user-owned project.
projects_get_user_item(item_id, project_number, username, fields?) -> {archived_at, content, content_type, created_at, ...}
Remove users from the Copilot subscription for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Sets seats for all users specified to "pending cancellation". This will cause the specified users to lose access to GitHub Copilot at the end of the current billing cycle unless they retain access through team membership. For more information about disabling access to Copilot, see "[Revoking access to Copilot for members of your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-access-to-github-copilot-in-your-organization/revoking-access-to-copilot-for-members-of-your-organization)." Only organization owners can cancel Copilot seats for their organization members. The response contains the total number of seats set to "pending cancellation". OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `admin:org` scopes to use this endpoint.
copilot_cancel_copilot_seat_assignment_for_users(org, selected_usernames) -> {seats_cancelled}
Add users to the Copilot subscription for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Purchases a GitHub Copilot seat for each user specified. The organization will be billed for each seat based on the organization's Copilot plan. For more information about Copilot pricing, see "[About billing for GitHub Copilot in your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-the-copilot-subscription-for-your-organization/about-billing-for-github-copilot-in-your-organization)." Only organization owners can purchase Copilot seats for their organization members. The organization must have a Copilot Business or Copilot Enterprise subscription and a configured suggestion matching policy. For more information about setting up a Copilot subscription, see "[Subscribing to Copilot for your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-the-copilot-subscription-for-your-organization/subscribing-to-copilot-for-your-organization)." For more information about setting a suggestion matching policy, see "[Managing policies for Copilot in your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/setting-policies-for-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization#policies-for-suggestion-matching)." The response contains the total number of new seats that were created and existing seats that were refreshed. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `admin:org` scopes to use this endpoint.
copilot_add_copilot_seats_for_users(org, selected_usernames) -> {seats_created}
Set selected repositories enabled for GitHub Actions in an organization
Replaces the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for `enabled_repositories` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for an organization](#set-github-actions-permissions-for-an-organization)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_set_selected_repositories_enabled_github_actions_organization(org, selected_repository_ids)
List selected repositories enabled for GitHub Actions in an organization
Lists the selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for `enabled_repositories` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for an organization](#set-github-actions-permissions-for-an-organization)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_list_selected_repositories_enabled_github_actions_organization(org, page?, per_page?) -> {repositories, total_count}
List SSH signing keys for the authenticated user
Lists the SSH signing keys for the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `read:ssh_signing_key` scope to use this endpoint.
users_list_ssh_signing_keys_for_authenticated_user(page?, per_page?) -> [{}]
Get a secret scanning alert
Gets a single secret scanning alert detected in an eligible repository. The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
secret_scanning_get_alert(alert_number, owner, repo, hide_secret?) -> {assigned_to, created_at, first_location_detected, has_more_locations, ...}
Create a SSH signing key for the authenticated user
Creates an SSH signing key for the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `write:ssh_signing_key` scope to use this endpoint.
users_create_ssh_signing_key_for_authenticated_user(key, title?) -> {created_at, id, key, title}
List requests to access organization resources with fine-grained personal access tokens
Lists requests from organization members to access organization resources with a fine-grained personal access token. Only GitHub Apps can use this endpoint.
orgs_list_pat_grant_requests(org, direction?, last_used_after?, last_used_before?, owner?, page?, per_page?, permission?, repository?, sort?, token_id?) -> [{}]
Create an organization repository
Creates a new repository in the specified organization. The authenticated user must be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `public_repo` or `repo` scope to create a public repository, and `repo` scope to create a private repository.
repos_create_in_org(name, org, allow_auto_merge?, allow_merge_commit?, allow_rebase_merge?, allow_squash_merge?, auto_init?, custom_properties?, delete_branch_on_merge?, description?, gitignore_template?, has_downloads?, has_issues?, has_projects?, has_wiki?, homepage?, is_template?, license_template?, merge_commit_message?, merge_commit_title?, private?, squash_merge_commit_message?, squash_merge_commit_title?, team_id?, use_squash_pr_title_as_default?, visibility?) -> {labels_url, keys_url, fork, owner, ...}
Set GitHub Actions cache storage limit for an organization
Sets GitHub Actions cache storage limit for an organization. All organizations and repositories under this organization may not set a higher cache storage limit. OAuth tokens and personal access tokens (classic) need the `admin:organization` scope to use this endpoint.
actions_set_actions_cache_storage_limit_for_organization(org, max_cache_size_gb?)
Get an artifact
Gets a specific artifact for a workflow run. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_artifact(artifact_id, owner, repo) -> {archive_download_url, created_at, digest, expired, ...}
Get status checks protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_get_status_checks_protection(branch, owner, repo) -> {checks, contexts, contexts_url, strict, ...}
Delete a self-hosted runner from an organization
Forces the removal of a self-hosted runner from an organization. You can use this endpoint to completely remove the runner when the machine you were using no longer exists. Authenticated users must have admin access to the organization to use this endpoint. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_self_hosted_runner_from_org(org, runner_id)
Set selected repositories for an organization secret
Replaces all repositories for an organization development environment secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/codespaces/organization-secrets#create-or-update-an-organization-secret). OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_set_selected_repos_for_org_secret(org, secret_name, selected_repository_ids)
List selected repositories for an organization secret
Lists all repositories that have been selected when the `visibility` for repository access to a secret is set to `selected`. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_list_selected_repos_for_org_secret(org, secret_name, page?, per_page?) -> {repositories, total_count}
List repositories starred by the authenticated user
Lists repositories the authenticated user has starred. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.star+json`**: Includes a timestamp of when the star was created.
activity_list_repos_starred_by_authenticated_user(direction?, page?, per_page?, sort?) -> [{}]
Create a repository webhook
Repositories can have multiple webhooks installed. Each webhook should have a unique `config`. Multiple webhooks can share the same `config` as long as those webhooks do not have any `events` that overlap.
repos_create_webhook(owner, repo, active?, config?, events?, name?) -> {active, config, created_at, deliveries_url, ...}
Create a commit comment
Create a comment for a commit using its `:commit_sha`. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
repos_create_commit_comment(body, commit_sha, owner, repo, line?, path?, position?) -> {author_association, body, commit_id, created_at, ...}
Create a codespace in a repository
Creates a codespace owned by the authenticated user in the specified repository. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_create_with_repo_for_authenticated_user(owner, repo, client_ip?, devcontainer_path?, display_name?, geo?, idle_timeout_minutes?, location?, machine?, multi_repo_permissions_opt_out?, ref?, retention_period_minutes?, working_directory?) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
Get a repository installation for the authenticated app
Enables an authenticated GitHub App to find the repository's installation information. The installation's account type will be either an organization or a user account, depending which account the repository belongs to. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_get_repo_installation(owner, repo) -> {access_tokens_url, account, app_id, app_slug, ...}
Get a repository public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. If the repository is private, OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
codespaces_get_repo_public_key(owner, repo) -> {created_at, id, key, key_id, ...}
Get page views
Get the total number of views and breakdown per day or week for the last 14 days. Timestamps are aligned to UTC midnight of the beginning of the day or week. Week begins on Monday.
repos_get_views(owner, repo, per?) -> {count, uniques, views}
List labels for a self-hosted runner for a repository
Lists all labels for a self-hosted runner configured in a repository. Authenticated users must have admin access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_labels_for_self_hosted_runner_for_repo(owner, repo, runner_id)
Get GitHub Actions permissions for an organization
Gets the GitHub Actions permissions policy for repositories and allowed actions and reusable workflows in an organization. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_get_github_actions_permissions_organization(org) -> {allowed_actions, enabled_repositories, selected_actions_url, selected_repositories_url, ...}
List organization memberships for the authenticated user
Lists all of the authenticated user's organization memberships.
orgs_list_memberships_for_authenticated_user(page?, per_page?, state?) -> [{}]
Add assignees to an issue
Adds up to 10 assignees to an issue. Users already assigned to an issue are not replaced.
issues_add_assignees(issue_number, owner, repo, assignees?) -> {labels_url, title, comments, id, ...}
Remove a self-hosted runner from a group for an organization
Removes a self-hosted runner from a group configured in an organization. The runner is then returned to the default group. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_remove_self_hosted_runner_from_group_for_org(org, runner_group_id, runner_id)
Get allowed actions and reusable workflows for an organization
Gets the selected actions and reusable workflows that are allowed in an organization. To use this endpoint, the organization permission policy for `allowed_actions` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for an organization](#set-github-actions-permissions-for-an-organization)." OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_get_allowed_actions_organization(org) -> {github_owned_allowed, patterns_allowed, verified_allowed}
Disable a selected repository for GitHub Actions in an organization
Removes a repository from the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for `enabled_repositories` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for an organization](#set-github-actions-permissions-for-an-organization)." OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_disable_selected_repository_github_actions_organization(org, repository_id)
Set the default repository access level for Dependabot
Sets the default level of repository access Dependabot will have while performing an update. Available values are: - 'public' - Dependabot will only have access to public repositories, unless access is explicitly granted to non-public repositories. - 'internal' - Dependabot will only have access to public and internal repositories, unless access is explicitly granted to private repositories. Unauthorized users will not see the existence of this endpoint. This operation supports both server-to-server and user-to-server access.
dependabot_set_repository_access_default_level(default_level, org)
List public events
> [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_public_events(page?, per_page?) -> [{}]
Get a code scanning analysis for a repository
Gets a specified code scanning analysis for a repository. The default JSON response contains fields that describe the analysis. This includes the Git reference and commit SHA to which the analysis relates, the datetime of the analysis, the name of the code scanning tool, and the number of alerts. The `rules_count` field in the default response give the number of rules that were run in the analysis. For very old analyses this data is not available, and `0` is returned in this field. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/sarif+json`**: Instead of returning a summary of the analysis, this endpoint returns a subset of the analysis data that was uploaded. The data is formatted as [SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html). It also returns additional data such as the `github/alertNumber` and `github/alertUrl` properties. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_analysis(analysis_id, owner, repo) -> {analysis_key, category, commit_sha, created_at, ...}
Get a release asset
To download the asset's binary content: - If within a browser, fetch the location specified in the `browser_download_url` key provided in the response. - Alternatively, set the `Accept` header of the request to [`application/octet-stream`](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types). The API will either redirect the client to the location, or stream it directly if possible. API clients should handle both a `200` or `302` response.
repos_get_release_asset(asset_id, owner, repo) -> {browser_download_url, content_type, created_at, digest, ...}
List check runs in a check suite
Lists check runs for a check suite using its `id`. > [!NOTE] > The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint on a private repository.
checks_list_for_suite(check_suite_id, owner, repo, check_name?, filter?, page?, per_page?, status?) -> {check_runs, total_count}
List GitHub-hosted runners for an organization
Lists all GitHub-hosted runners configured in an organization. OAuth app tokens and personal access tokens (classic) need the `manage_runner:org` scope to use this endpoint.
actions_list_hosted_runners_for_org(org, page?, per_page?) -> {runners, total_count}
Create a GitHub-hosted runner for an organization
Creates a GitHub-hosted runner for an organization. OAuth tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_create_hosted_runner_for_org(image, name, org, runner_group_id, size, enable_static_ip?, image_gen?, maximum_runners?) -> {id, image_details, image_gen, last_active_on, ...}
Add selected repository to an organization secret
Adds a repository to an organization secret when the `visibility` for repository access is set to `selected`. For more information about setting the visibility, see [Create or update an organization secret](https://docs.github.com/rest/actions/secrets#create-or-update-an-organization-secret). Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_add_selected_repo_to_org_secret(org, repository_id, secret_name)
Start a user migration
Initiates the generation of a user migration archive.
migrations_start_for_authenticated_user(repositories, exclude?, exclude_attachments?, exclude_git_data?, exclude_metadata?, exclude_owner_projects?, exclude_releases?, lock_repositories?, org_metadata_only?) -> {archive_url, created_at, exclude, exclude_attachments, ...}
List release assets
repos_list_release_assets(owner, release_id, repo, page?, per_page?) -> [{}]
Create a release
Users with push access to the repository can create a release. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)."
repos_create_release(owner, repo, tag_name, body?, discussion_category_name?, draft?, generate_release_notes?, make_latest?, name?, prerelease?, target_commitish?) -> {assets, assets_url, author, body, ...}
Create a discussion (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [`Create a discussion`](https://docs.github.com/rest/teams/discussions#create-a-discussion) endpoint. Creates a new discussion post on a team's page. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." OAuth app tokens and personal access tokens (classic) need the `write:discussion` scope to use this endpoint.
teams_create_discussion_legacy(body, team_id, title, private?) -> {author, body, body_html, body_version, ...}
Disable a selected repository for immutable releases in an organization
Removes a repository from the list of selected repositories that are enforced for immutable releases in an organization. To use this endpoint, the organization immutable releases policy for `enforced_repositories` must be configured to `selected`. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_disable_selected_repository_immutable_releases_organization(org, repository_id)
Update an issue
Issue owners and users with push access or Triage role can edit an issue. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_update(issue_number, owner, repo, assignee?, assignees?, body?, labels?, milestone?, state?, state_reason?, title?, type?) -> {labels_url, title, comments, id, ...}
Disable vulnerability alerts
Disables dependency alerts and the dependency graph for a repository. The authenticated user must have admin access to the repository. For more information, see "[About security alerts for vulnerable dependencies](https://docs.github.com/articles/about-security-alerts-for-vulnerable-dependencies)".
repos_disable_vulnerability_alerts(owner, repo)
Get an issue
The API returns a [`301 Moved Permanently` status](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api#follow-redirects) if the issue was [transferred](https://docs.github.com/articles/transferring-an-issue-to-another-repository/) to another repository. If the issue was transferred to or deleted from a repository where the authenticated user lacks read access, the API returns a `404 Not Found` status. If the issue was deleted from a repository where the authenticated user has read access, the API returns a `410 Gone` status. To receive webhook events for transferred and deleted issues, subscribe to the [`issues`](https://docs.github.com/webhooks/event-payloads/#issues) webhook. > [!NOTE] > GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the `pull_request` key. Be aware that the `id` of a pull request returned from "Issues" endpoints will be an _issue id_. To find out the pull request id, use the "[List pull requests](https://docs.github.com/rest/pulls/pulls#list-pull-requests)" endpoint. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_get(issue_number, owner, repo) -> {labels_url, title, comments, id, ...}
Get all requested reviewers for a pull request
Gets the users or teams whose review is requested for a pull request. Once a requested reviewer submits a review, they are no longer considered a requested reviewer. Their review will instead be returned by the [List reviews for a pull request](https://docs.github.com/rest/pulls/reviews#list-reviews-for-a-pull-request) operation.
pulls_list_requested_reviewers(owner, pull_number, repo) -> {teams, users}
List repository secrets
Lists all development environment secrets available in a repository without revealing their encrypted values. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
codespaces_list_repo_secrets(owner, repo, page?, per_page?) -> {secrets, total_count}
List users
Lists all users, in the order that they signed up on GitHub. This list includes personal user accounts and organization accounts. Note: Pagination is powered exclusively by the `since` parameter. Use the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers) to get the URL for the next page of users.
users_list(per_page?, since?) -> [{}]
Add custom labels to a self-hosted runner for an organization
Adds custom labels to a self-hosted runner configured in an organization. Authenticated users must have admin access to the organization to use this endpoint. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_add_custom_labels_to_self_hosted_runner_for_org(labels, org, runner_id)
Get a subscription plan for an account (stubbed)
Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change. GitHub Apps must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint. OAuth apps must use [basic authentication](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) with their client ID and client secret to access this endpoint.
apps_get_subscription_plan_for_account_stubbed(account_id) -> {email, id, login, marketplace_pending_change, ...}
Get a classroom
Gets a GitHub Classroom classroom for the current user. Classroom will only be returned if the current user is an administrator of the GitHub Classroom.
classroom_get_a_classroom(classroom_id) -> {archived, id, name, organization, ...}
List watchers
Lists the people watching the specified repository.
activity_list_watchers_for_repo(owner, repo, page?, per_page?) -> [{}]
Closing down - Delete a tag protection state for a repository
> [!WARNING] > **Closing down notice:** This operation is closing down and will be removed after August 30, 2024. Use the "[Repository Rulesets](https://docs.github.com/rest/repos/rules#delete-a-repository-ruleset)" endpoint instead. This deletes a tag protection state for a repository. This endpoint is only available to repository administrators.
repos_delete_tag_protection(owner, repo, tag_protection_id)
Set primary email visibility for the authenticated user
Sets the visibility for your primary email addresses.
users_set_primary_email_visibility_for_authenticated_user(visibility) -> [{}]
List timeline events for an issue
List all timeline events for an issue.
issues_list_events_for_timeline(issue_number, owner, repo, page?, per_page?) -> [{}]
Create an attestation
Store an artifact attestation and associate it with a repository. The authenticated user must have write permission to the repository and, if using a fine-grained access token, the `attestations:write` permission is required. Artifact attestations are meant to be created using the [attest action](https://github.com/actions/attest). For more information, see our guide on [using artifact attestations to establish a build's provenance](https://docs.github.com/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
repos_create_attestation(bundle, owner, repo) -> {id}
Mark notifications as read
Marks all notifications as "read" for the current user. If the number of notifications is too large to complete in one request, you will receive a `202 Accepted` status and GitHub will run an asynchronous process to mark notifications as "read." To check whether any "unread" notifications remain, you can use the [List notifications for the authenticated user](https://docs.github.com/rest/activity/notifications#list-notifications-for-the-authenticated-user) endpoint and pass the query parameter `all=false`.
activity_mark_notifications_as_read(last_read_at?, read?)
List attestations by bulk subject digests
List a collection of artifact attestations associated with any entry in a list of subject digests owned by a user. The collection of attestations returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the `attestations:read` permission is required. **Please note:** in order to offer meaningful security benefits, an attestation's signature and timestamps **must** be cryptographically verified, and the identity of the attestation signer **must** be validated. Attestations can be verified using the [GitHub CLI `attestation verify` command](https://cli.github.com/manual/gh_attestation_verify). For more information, see [our guide on how to use artifact attestations to establish a build's provenance](https://docs.github.com/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
users_list_attestations_bulk(subject_digests, username, after?, before?, per_page?, predicate_type?) -> {attestations_subject_digests, page_info}
Get all autolinks of a repository
Gets all autolinks that are configured for a repository. Information about autolinks are only available to repository administrators.
repos_list_autolinks(owner, repo) -> [{}]
Create or update a repository secret
Creates or updates a repository secret with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
dependabot_create_or_update_repo_secret(owner, repo, secret_name, encrypted_value?, key_id?) -> {}
Get a workflow run
Gets a specific workflow run. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_get_workflow_run(owner, repo, run_id, exclude_pull_requests?) -> {run_number, previous_attempt_url, id, head_repository, ...}
Create or update custom property values for a repository
Create new or update existing custom property values for a repository. Using a value of `null` for a custom property will remove or 'unset' the property value from the repository. Repository admins and other users with the repository-level "edit custom property values" fine-grained permission can use this endpoint.
repos_custom_properties_for_repos_create_or_update_repository_values(owner, properties, repo)
Add a dependency an issue is blocked by
You can use the REST API to add a 'blocked by' relationship to an issue. Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see [Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits) and [Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api). This endpoint supports the following custom media types. For more information, see [Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types). - **`application/vnd.github.raw+json`**: Returns the raw Markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the Markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's Markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_add_blocked_by_dependency(issue_id, issue_number, owner, repo) -> {labels_url, title, comments, id, ...}
Get organization assignments
Get all organizations assigned to an enterprise team
enterprise_team_organizations_get_assignments(enterprise, enterprise-team, page?, per_page?) -> [{}]
Check if vulnerability alerts are enabled for a repository
Shows whether dependency alerts are enabled or disabled for a repository. The authenticated user must have admin read access to the repository. For more information, see "[About security alerts for vulnerable dependencies](https://docs.github.com/articles/about-security-alerts-for-vulnerable-dependencies)".
repos_check_vulnerability_alerts(owner, repo)
Delete an organization assignment
Unassign an enterprise team from an organization.
enterprise_team_organizations_delete(enterprise, enterprise-team, org)
Set selected repositories for an organization secret
Replaces all repositories for an organization secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/dependabot/secrets#create-or-update-an-organization-secret). OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_set_selected_repos_for_org_secret(org, secret_name, selected_repository_ids)
List repository collaborators
For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. The `permissions` hash returned in the response contains the base role permissions of the collaborator. The `role_name` is the highest role assigned to the collaborator after considering all sources of grants, including: repo, teams, organization, and enterprise. There is presently not a way to differentiate between an organization level grant and a repository level grant from this endpoint response. Team members will include the members of child teams. The authenticated user must have write, maintain, or admin privileges on the repository to use this endpoint. For organization-owned repositories, the authenticated user needs to be a member of the organization. OAuth app tokens and personal access tokens (classic) need the `read:org` and `repo` scopes to use this endpoint.
repos_list_collaborators(owner, repo, affiliation?, page?, per_page?, permission?) -> [{}]
List branches
repos_list_branches(owner, repo, page?, per_page?, protected?) -> [{}]
Block a user
Blocks the given user and returns a 204. If the authenticated user cannot block the given user a 422 is returned.
users_block(username)
Check if a user is blocked by the authenticated user
Returns a 204 if the given user is blocked by the authenticated user. Returns a 404 if the given user is not blocked by the authenticated user, or if the given user account has been identified as spam by GitHub.
users_check_blocked(username)
Update the access to organization resources via fine-grained personal access tokens
Updates the access organization members have to organization resources via fine-grained personal access tokens. Limited to revoking a token's existing access. Only GitHub Apps can use this endpoint.
orgs_update_pat_accesses(action, org, pat_ids)
Unblock a user
Unblocks the given user and returns a 204.
users_unblock(username)
Create or update custom property values for an organization
Create new or update existing custom property values for an organization. To remove a custom property value from an organization, set the property value to `null`. The organization must belong to an enterprise. Access requirements: - Organization admins - OAuth tokens and personal access tokens (classic) with the `admin:org` scope - Actors with the organization-level "edit custom properties for an organization" fine-grained permission
orgs_custom_properties_for_orgs_create_or_update_organization_values(org, properties)
List public gists
List public gists sorted by most recently updated to least recently updated. Note: With [pagination](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api), you can fetch up to 3000 gists. For example, you can fetch 100 pages with 30 gists per page or 30 pages with 100 gists per page.
gists_list_public(page?, per_page?, since?) -> [{}]
Get all custom property values for an organization
Gets all custom property values that are set for an organization. The organization must belong to an enterprise. Access requirements: - Organization admins - OAuth tokens and personal access tokens (classic) with the `read:org` scope - Actors with the organization-level "read custom properties for an organization" fine-grained permission or above
orgs_custom_properties_for_orgs_get_organization_values(org) -> [{}]
List events received by the authenticated user
These are events that you've received by watching repositories and following users. If you are authenticated as the given user, you will see private events. Otherwise, you'll only see public events. > [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_received_events_for_user(username, page?, per_page?) -> [{}]
Add an email address for the authenticated user
OAuth app tokens and personal access tokens (classic) need the `user` scope to use this endpoint.
users_add_email_for_authenticated_user() -> [{}]
Get an assignment
Gets a GitHub Classroom assignment. Assignment will only be returned if the current user is an administrator of the GitHub Classroom for the assignment.
classroom_get_an_assignment(assignment_id) -> {accepted, classroom, deadline, editor, ...}
Get a repository
The `parent` and `source` objects are present when the repository is a fork. `parent` is the repository this repository was forked from, `source` is the ultimate source for the network. > [!NOTE] > - In order to see the `security_and_analysis` block for a repository you must have admin permissions for the repository or be an owner or security manager for the organization that owns the repository. For more information, see "[Managing security managers in your organization](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)." > - To view merge-related settings, you must have the `contents:read` and `contents:write` permissions.
repos_get(owner, repo) -> {labels_url, keys_url, fork, owner, ...}
Delete an email address for the authenticated user
OAuth app tokens and personal access tokens (classic) need the `user` scope to use this endpoint.
users_delete_email_for_authenticated_user()
List deploy keys
repos_list_deploy_keys(owner, repo, page?, per_page?) -> [{}]
Create a deploy key
You can create a read-only deploy key.
repos_create_deploy_key(key, owner, repo, read_only?, title?) -> {added_by, created_at, enabled, id, ...}
List items for a user project view
List items in a user project with the saved view's filter applied.
projects_list_view_items_for_user(project_number, username, view_number, after?, before?, fields?, per_page?) -> [{}]
Create a repository using a template
Creates a new repository using a repository template. Use the `template_owner` and `template_repo` route parameters to specify the repository to use as the template. If the repository is not public, the authenticated user must own or be a member of an organization that owns the repository. To check if a repository is available to use as a template, get the repository's information using the [Get a repository](https://docs.github.com/rest/repos/repos#get-a-repository) endpoint and check that the `is_template` key is `true`. OAuth app tokens and personal access tokens (classic) need the `public_repo` or `repo` scope to create a public repository, and `repo` scope to create a private repository.
repos_create_using_template(name, template_owner, template_repo, description?, include_all_branches?, owner?, private?) -> {labels_url, keys_url, fork, owner, ...}
List campaigns for an organization
Lists campaigns in an organization. The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint.
campaigns_list_org_campaigns(org, direction?, page?, per_page?, sort?, state?) -> [{}]
Redeliver a delivery for an app webhook
Redeliver a delivery for the webhook configured for a GitHub App. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_redeliver_webhook_delivery(delivery_id)
Update a deployment branch policy
Updates a deployment branch or tag policy for an environment. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_update_deployment_branch_policy(branch_policy_id, environment_name, name, owner, repo) -> {id, name, node_id, type}
Get the hourly commit count for each day
Each array contains the day number, hour number, and number of commits: * `0-6`: Sunday - Saturday * `0-23`: Hour of day * Number of commits For example, `[2, 14, 25]` indicates that there were 25 total commits, during the 2:00pm hour on Tuesdays. All times are based on the time zone of individual commits.
repos_get_punch_card_stats(owner, repo) -> [{}]
List child teams
Lists the child teams of the team specified by `{team_slug}`. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}/teams`.
teams_list_child_in_org(org, team_slug, page?, per_page?) -> [{}]
Generate release notes content for a release
Generate a name and body describing a [release](https://docs.github.com/rest/releases/releases#get-a-release). The body content will be markdown formatted and contain information like the changes since last release and users who contributed. The generated release notes are not saved anywhere. They are intended to be generated and used when creating a new release.
repos_generate_release_notes(owner, repo, tag_name, configuration_file_path?, previous_tag_name?, target_commitish?) -> {body, name}
Force cancel a workflow run
Cancels a workflow run and bypasses conditions that would otherwise cause a workflow execution to continue, such as an `always()` condition on a job. You should only use this endpoint to cancel a workflow run when the workflow run is not responding to [`POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel`](/rest/actions/workflow-runs#cancel-a-workflow-run). OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_force_cancel_workflow_run(owner, repo, run_id)
Redeliver a delivery for an organization webhook
Redeliver a delivery for a webhook configured in an organization. You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_redeliver_webhook_delivery(delivery_id, hook_id, org)
Create a codespace from a pull request
Creates a codespace owned by the authenticated user for the specified pull request. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_create_with_pr_for_authenticated_user(owner, pull_number, repo, client_ip?, devcontainer_path?, display_name?, geo?, idle_timeout_minutes?, location?, machine?, multi_repo_permissions_opt_out?, retention_period_minutes?, working_directory?) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
GitHub API Root
Get Hypermedia links to resources accessible in GitHub's REST API
meta_root() -> {user_organizations_url, keys_url, user_repositories_url, public_gists_url, ...}
Delete an app token
OAuth or GitHub application owners can revoke a single token for an OAuth application or a GitHub application with an OAuth authorization.
apps_delete_token(access_token, client_id)
Check a token
OAuth applications and GitHub applications with OAuth authorizations can use this API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. Invalid tokens will return `404 NOT FOUND`.
apps_check_token(access_token, client_id) -> {app, created_at, expires_at, fingerprint, ...}
Remove all labels from an issue
Removes all labels from an issue.
issues_remove_all_labels(issue_number, owner, repo)
List image versions of a custom image for an organization
List image versions of a custom image for an organization. OAuth tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_list_custom_image_versions_for_org(image_definition_id, org) -> {image_versions, total_count}
List users blocked by the authenticated user
List the users you've blocked on your personal account.
users_list_blocked_by_authenticated_user(page?, per_page?) -> [{}]
Add labels to an issue
Adds labels to an issue. If you provide an empty array of labels, all labels are removed from the issue.
issues_add_labels(issue_number, owner, repo) -> [{}]
Remove teams from the Copilot subscription for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Sets seats for all members of each team specified to "pending cancellation". This will cause the members of the specified team(s) to lose access to GitHub Copilot at the end of the current billing cycle unless they retain access through another team. For more information about disabling access to Copilot, see "[Revoking access to Copilot for members of your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-access-to-github-copilot-in-your-organization/revoking-access-to-copilot-for-members-of-your-organization)." Only organization owners can cancel Copilot seats for their organization members. The response contains the total number of seats set to "pending cancellation". OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `admin:org` scopes to use this endpoint.
copilot_cancel_copilot_seat_assignment_for_teams(org, selected_teams) -> {seats_cancelled}
Set labels for an issue
Removes any previous labels and sets the new labels for an issue.
issues_set_labels(issue_number, owner, repo) -> [{}]
List the people the authenticated user follows
Lists the people who the authenticated user follows.
users_list_followed_by_authenticated_user(page?, per_page?) -> [{}]
Get all contributor commit activity
Returns the `total` number of commits authored by the contributor. In addition, the response includes a Weekly Hash (`weeks` array) with the following information: * `w` - Start of the week, given as a [Unix timestamp](https://en.wikipedia.org/wiki/Unix_time). * `a` - Number of additions * `d` - Number of deletions * `c` - Number of commits > [!NOTE] > This endpoint will return `0` values for all addition and deletion counts in repositories with 10,000 or more commits.
repos_get_contributors_stats(owner, repo) -> [{}]
Delete a GitHub-hosted runner for an organization
Deletes a GitHub-hosted runner for an organization.
actions_delete_hosted_runner_for_org(hosted_runner_id, org)
Get feeds
Lists the feeds available to the authenticated user. The response provides a URL for each feed. You can then get a specific feed by sending a request to one of the feed URLs. * **Timeline**: The GitHub global public timeline * **User**: The public timeline for any user, using `uri_template`. For more information, see "[Hypermedia](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#hypermedia)." * **Current user public**: The public timeline for the authenticated user * **Current user**: The private timeline for the authenticated user * **Current user actor**: The private timeline for activity created by the authenticated user * **Current user organizations**: The private timeline for the organizations the authenticated user is a member of. * **Security advisories**: A collection of public announcements that provide information about security-related vulnerabilities in software on GitHub. By default, timeline resources are returned in JSON. You can specify the `application/atom+xml` type in the `Accept` header to return timeline resources in Atom format. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." > [!NOTE] > Private feeds are only returned when [authenticating via Basic Auth](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) since current feed URIs use the older, non revocable auth tokens.
activity_get_feeds() -> {_links, current_user_actor_url, current_user_organization_url, current_user_organization_urls, ...}
Get a GitHub-hosted runner for an organization
Gets a GitHub-hosted runner configured in an organization. OAuth app tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_get_hosted_runner_for_org(hosted_runner_id, org) -> {id, image_details, image_gen, last_active_on, ...}
List check runs for a Git reference
Lists check runs for a commit ref. The `ref` can be a SHA, branch name, or a tag name. > [!NOTE] > The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array. If there are more than 1000 check suites on a single git reference, this endpoint will limit check runs to the 1000 most recent check suites. To iterate over all possible check runs, use the [List check suites for a Git reference](https://docs.github.com/rest/reference/checks#list-check-suites-for-a-git-reference) endpoint and provide the `check_suite_id` parameter to the [List check runs in a check suite](https://docs.github.com/rest/reference/checks#list-check-runs-in-a-check-suite) endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint on a private repository.
checks_list_for_ref(owner, ref, repo, app_id?, check_name?, filter?, page?, per_page?, status?) -> {check_runs, total_count}
Create a hosted compute network configuration for an organization
Creates a hosted compute network configuration for an organization. OAuth app tokens and personal access tokens (classic) need the `write:network_configurations` scope to use this endpoint.
hosted_compute_create_network_configuration_for_org(name, network_settings_ids, org, compute_service?) -> {compute_service, created_on, id, name, ...}
List commits
**Signature verification object** The response will include a `verification` object that describes the result of verifying the commit's signature. The following fields are included in the `verification` object: | Name | Type | Description | | ---- | ---- | ----------- | | `verified` | `boolean` | Indicates whether GitHub considers the signature in this commit to be verified. | | `reason` | `string` | The reason for verified value. Possible values and their meanings are enumerated in table below. | | `signature` | `string` | The signature that was extracted from the commit. | | `payload` | `string` | The value that was signed. | | `verified_at` | `string` | The date the signature was verified by GitHub. | These are the possible values for `reason` in the `verification` object: | Value | Description | | ----- | ----------- | | `expired_key` | The key that made the signature is expired. | | `not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | `gpgverify_error` | There was an error communicating with the signature verification service. | | `gpgverify_unavailable` | The signature verification service is currently unavailable. | | `unsigned` | The object does not include a signature. | | `unknown_signature_type` | A non-PGP signature was found in the commit. | | `no_user` | No user was associated with the `committer` email address in the commit. | | `unverified_email` | The `committer` email address in the commit was associated with a user, but the email address is not verified on their account. | | `bad_email` | The `committer` email address in the commit is not included in the identities of the PGP key that made the signature. | | `unknown_key` | The key that made the signature has not been registered with any user's account. | | `malformed_signature` | There was an error parsing the signature. | | `invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | `valid` | None of the above errors applied, so the signature is considered to be verified. |
repos_list_commits(owner, repo, author?, committer?, page?, path?, per_page?, sha?, since?, until?) -> [{}]
Remove an organization member
Removing a user from this list will remove them from all teams and they will no longer have any access to the organization's repositories. > [!NOTE] > If a user has both direct membership in the organization as well as indirect membership via an enterprise team, only their direct membership will be removed. Their indirect membership via an enterprise team remains until the user is removed from the enterprise team.
orgs_remove_member(org, username)
Delete workflow run logs
Deletes all logs for a workflow run. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_workflow_run_logs(owner, repo, run_id)
Remove users from Codespaces access for an organization
Codespaces for the specified users will no longer be billed to the organization. To use this endpoint, the access settings for the organization must be set to `selected_members`. For information on how to change this setting, see "[Manage access control for organization codespaces](https://docs.github.com/rest/codespaces/organizations#manage-access-control-for-organization-codespaces)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_delete_codespaces_access_users(org, selected_usernames)
Get a deployment
repos_get_deployment(deployment_id, owner, repo) -> {created_at, creator, description, environment, ...}
Add users to Codespaces access for an organization
Codespaces for the specified users will be billed to the organization. To use this endpoint, the access settings for the organization must be set to `selected_members`. For information on how to change this setting, see "[Manage access control for organization codespaces](https://docs.github.com/rest/codespaces/organizations#manage-access-control-for-organization-codespaces)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_set_codespaces_access_users(org, selected_usernames)
Get teams with access to the protected branch
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Lists the teams who have push access to this branch. The list includes child teams.
repos_get_teams_with_access_to_protected_branch(branch, owner, repo) -> [{}]
Get a deployment status
Users with pull access can view a deployment status for a deployment:
repos_get_deployment_status(deployment_id, owner, repo, status_id) -> {created_at, creator, deployment_url, description, ...}
List selected repositories for a user secret
List the repositories that have been granted the ability to use a user's development environment secret. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_list_repositories_for_secret_for_authenticated_user(secret_name) -> {repositories, total_count}
Delete an organization secret
Deletes a secret in an organization using the secret name. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_delete_org_secret(org, secret_name)
Create or update an organization secret
Creates or updates an organization secret with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_create_or_update_org_secret(org, secret_name, visibility, encrypted_value?, key_id?, selected_repository_ids?) -> {}
List commit comments
Lists the comments for a specified commit. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
repos_list_comments_for_commit(commit_sha, owner, repo, page?, per_page?) -> [{}]
Create a registration token for an organization
Returns a token that you can pass to the `config` script. The token expires after one hour. For example, you can replace `TOKEN` in the following example with the registration token provided by this endpoint to configure your self-hosted runner: ``` ./config.sh --url https://github.com/octo-org --token TOKEN ``` Authenticated users must have admin access to the organization to use this endpoint. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_registration_token_for_org(org) -> {expires_at, permissions, repositories, repository_selection, ...}
Get limits on GitHub-hosted runners for an organization
Get the GitHub-hosted runners limits for an organization.
actions_get_hosted_runners_limits_for_org(org) -> {public_ips}
List deployments
Simple filtering of deployments is available via query parameters:
repos_list_deployments(owner, repo, environment?, page?, per_page?, ref?, sha?, task?) -> [{}]
Get assignment grades
Gets grades for a GitHub Classroom assignment. Grades will only be returned if the current user is an administrator of the GitHub Classroom for the assignment.
classroom_get_assignment_grades(assignment_id) -> [{}]
List accounts for a plan
Returns user and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change. GitHub Apps must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint. OAuth apps must use [basic authentication](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) with their client ID and client secret to access this endpoint.
apps_list_accounts_for_plan(plan_id, direction?, page?, per_page?, sort?) -> [{}]
List attestations
List a collection of artifact attestations with a given subject digest that are associated with repositories owned by an organization. The collection of attestations returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the `attestations:read` permission is required. **Please note:** in order to offer meaningful security benefits, an attestation's signature and timestamps **must** be cryptographically verified, and the identity of the attestation signer **must** be validated. Attestations can be verified using the [GitHub CLI `attestation verify` command](https://cli.github.com/manual/gh_attestation_verify). For more information, see [our guide on how to use artifact attestations to establish a build's provenance](https://docs.github.com/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
orgs_list_attestations(org, subject_digest, after?, before?, per_page?, predicate_type?) -> {attestations}
Get a gist revision
Gets a specified gist revision. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown. This is the default if you do not pass any specific media type. - **`application/vnd.github.base64+json`**: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.
gists_get_revision(gist_id, sha) -> {comments, comments_enabled, comments_url, commits_url, ...}
List public email addresses for the authenticated user
Lists your publicly visible email address, which you can set with the [Set primary email visibility for the authenticated user](https://docs.github.com/rest/users/emails#set-primary-email-visibility-for-the-authenticated-user) endpoint. OAuth app tokens and personal access tokens (classic) need the `user:email` scope to use this endpoint.
users_list_public_emails_for_authenticated_user(page?, per_page?) -> [{}]
List the people a user follows
Lists the people who the specified user follows.
users_list_following_for_user(username, page?, per_page?) -> [{}]
Request a GitHub Pages build
You can request that your site be built from the latest revision on the default branch. This has the same effect as pushing a commit to your default branch, but does not require an additional commit. Manually triggering page builds can be helpful when diagnosing build warnings and failures. Build requests are limited to one concurrent build per repository and one concurrent build per requester. If you request a build while another is still in progress, the second request will be queued until the first completes.
repos_request_pages_build(owner, repo) -> {status, url}
Delete a codespace from the organization
Deletes a user's codespace. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_delete_from_organization(codespace_name, org, username)
Get list of conflicting packages during Docker migration for authenticated-user
Lists all packages that are owned by the authenticated user within the user's namespace, and that encountered a conflict during a Docker migration. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint.
packages_list_docker_migration_conflicting_packages_for_authenticated_user() -> [{}]
Add teams to the Copilot subscription for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Purchases a GitHub Copilot seat for all users within each specified team. The organization will be billed for each seat based on the organization's Copilot plan. For more information about Copilot pricing, see "[About billing for GitHub Copilot in your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-the-copilot-subscription-for-your-organization/about-billing-for-github-copilot-in-your-organization)." Only organization owners can purchase Copilot seats for their organization members. The organization must have a Copilot Business or Copilot Enterprise subscription and a configured suggestion matching policy. For more information about setting up a Copilot subscription, see "[Subscribing to Copilot for your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-the-copilot-subscription-for-your-organization/subscribing-to-copilot-for-your-organization)." For more information about setting a suggestion matching policy, see "[Managing policies for Copilot in your organization](https://docs.github.com/copilot/managing-copilot/managing-github-copilot-in-your-organization/setting-policies-for-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization#policies-for-suggestion-matching)." The response contains the total number of new seats that were created and existing seats that were refreshed. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `admin:org` scopes to use this endpoint.
copilot_add_copilot_seats_for_teams(org, selected_teams) -> {seats_created}
List items for an organization owned project
List all items for a specific organization-owned project accessible by the authenticated user.
projects_list_items_for_org(org, project_number, after?, before?, fields?, per_page?, q?) -> [{}]
Update the access a fine-grained personal access token has to organization resources
Updates the access an organization member has to organization resources via a fine-grained personal access token. Limited to revoking the token's existing access. Limited to revoking a token's existing access. Only GitHub Apps can use this endpoint.
orgs_update_pat_access(action, org, pat_id)
List public events for a user
> [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_public_events_for_user(username, page?, per_page?) -> [{}]
Get repository content
Gets the contents of a file or directory in a repository. Specify the file path or directory with the `path` parameter. If you omit the `path` parameter, you will receive the contents of the repository's root directory. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw file contents for files and symlinks. - **`application/vnd.github.html+json`**: Returns the file contents in HTML. Markup languages are rendered to HTML using GitHub's open-source [Markup library](https://github.com/github/markup). - **`application/vnd.github.object+json`**: Returns the contents in a consistent object format regardless of the content type. For example, instead of an array of objects for a directory, the response will be an object with an `entries` attribute containing the array of objects. If the content is a directory, the response will be an array of objects, one object for each item in the directory. When listing the contents of a directory, submodules have their "type" specified as "file". Logically, the value _should_ be "submodule". This behavior exists [for backwards compatibility purposes](https://git.io/v1YCW). In the next major version of the API, the type will be returned as "submodule". If the content is a symlink and the symlink's target is a normal file in the repository, then the API responds with the content of the file. Otherwise, the API responds with an object describing the symlink itself. If the content is a submodule, the `submodule_git_url` field identifies the location of the submodule repository, and the `sha` identifies a specific commit within the submodule repository. Git uses the given URL when cloning the submodule repository, and checks out the submodule at that specific commit. If the submodule repository is not hosted on github.com, the Git URLs (`git_url` and `_links["git"]`) and the github.com URLs (`html_url` and `_links["html"]`) will have null values. **Notes**: - To get a repository's contents recursively, you can [recursively get the tree](https://docs.github.com/rest/git/trees#get-a-tree). - This API has an upper limit of 1,000 files for a directory. If you need to retrieve more files, use the [Git Trees API](https://docs.github.com/rest/git/trees#get-a-tree). - Download URLs expire and are meant to be used just once. To ensure the download URL does not expire, please use the contents API to obtain a fresh download URL for each download. - If the requested file's size is: - 1 MB or smaller: All features of this endpoint are supported. - Between 1-100 MB: Only the `raw` or `object` custom media types are supported. Both will work as normal, except that when using the `object` media type, the `content` field will be an empty string and the `encoding` field will be `"none"`. To get the contents of these larger files, use the `raw` media type. - Greater than 100 MB: This endpoint is not supported.
repos_get_content(owner, path, repo, ref?)
Get a commit
Returns the contents of a single commit reference. You must have `read` access for the repository to use this endpoint. > [!NOTE] > If there are more than 300 files in the commit diff and the default JSON media type is requested, the response will include pagination link headers for the remaining files, up to a limit of 3000 files. Each page contains the static commit information, and the only changes are to the file listing. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." Pagination query parameters are not supported for these media types. - **`application/vnd.github.diff`**: Returns the diff of the commit. Larger diffs may time out and return a 5xx status code. - **`application/vnd.github.patch`**: Returns the patch of the commit. Diffs with binary data will have no `patch` property. Larger diffs may time out and return a 5xx status code. - **`application/vnd.github.sha`**: Returns the commit's SHA-1 hash. You can use this endpoint to check if a remote reference's SHA-1 hash is the same as your local reference's SHA-1 hash by providing the local SHA-1 reference as the ETag. **Signature verification object** The response will include a `verification` object that describes the result of verifying the commit's signature. The following fields are included in the `verification` object: | Name | Type | Description | | ---- | ---- | ----------- | | `verified` | `boolean` | Indicates whether GitHub considers the signature in this commit to be verified. | | `reason` | `string` | The reason for verified value. Possible values and their meanings are enumerated in table below. | | `signature` | `string` | The signature that was extracted from the commit. | | `payload` | `string` | The value that was signed. | | `verified_at` | `string` | The date the signature was verified by GitHub. | These are the possible values for `reason` in the `verification` object: | Value | Description | | ----- | ----------- | | `expired_key` | The key that made the signature is expired. | | `not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | `gpgverify_error` | There was an error communicating with the signature verification service. | | `gpgverify_unavailable` | The signature verification service is currently unavailable. | | `unsigned` | The object does not include a signature. | | `unknown_signature_type` | A non-PGP signature was found in the commit. | | `no_user` | No user was associated with the `committer` email address in the commit. | | `unverified_email` | The `committer` email address in the commit was associated with a user, but the email address is not verified on their account. | | `bad_email` | The `committer` email address in the commit is not included in the identities of the PGP key that made the signature. | | `unknown_key` | The key that made the signature has not been registered with any user's account. | | `malformed_signature` | There was an error parsing the signature. | | `invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | `valid` | None of the above errors applied, so the signature is considered to be verified. |
repos_get_commit(owner, ref, repo, page?, per_page?) -> {author, comments_url, commit, committer, ...}
Add field to user owned project
Add a field to a specified user owned project.
projects_add_field_for_user(project_number, username) -> {configuration, created_at, data_type, id, ...}
Create or update file contents
Creates a new file or replaces an existing file in a repository. > [!NOTE] > If you use this endpoint and the "[Delete a file](https://docs.github.com/rest/repos/contents/#delete-a-file)" endpoint in parallel, the concurrent requests will conflict and you will receive errors. You must use these endpoints serially instead. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint. The `workflow` scope is also required in order to modify files in the `.github/workflows` directory.
repos_create_or_update_file_contents(content, message, owner, path, repo, author?, branch?, committer?, sha?) -> {commit, content}
Get organization ruleset version
Get a version of an organization ruleset.
orgs_get_org_ruleset_version(org, ruleset_id, version_id)
Get latest Pages build
Gets information about the single most recent build of a GitHub Pages site. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_get_latest_pages_build(owner, repo) -> {commit, created_at, duration, error, ...}
List SSH signing keys for a user
Lists the SSH signing keys for a user. This operation is accessible by anyone.
users_list_ssh_signing_keys_for_user(username, page?, per_page?) -> [{}]
List project fields for organization
List all fields for a specific organization-owned project.
projects_list_fields_for_org(org, project_number, after?, before?, per_page?) -> [{}]
Detach configurations from repositories
Detach code security configuration(s) from a set of repositories. Repositories will retain their settings but will no longer be associated with the configuration. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
code_security_detach_configuration(org, selected_repository_ids?)
Get an app
> [!NOTE] > The `:app_slug` is just the URL-friendly name of your GitHub App. You can find this on the settings page for your GitHub App (e.g., `https://github.com/settings/apps/:app_slug`).
apps_get_by_slug(app_slug) -> {client_id, created_at, description, events, ...}
Unblock a user from an organization
Unblocks the given user on behalf of the specified organization.
orgs_unblock_user(org, username)
Block a user from an organization
Blocks the given user on behalf of the specified organization and returns a 204. If the organization cannot block the given user a 422 is returned.
orgs_block_user(org, username)
Check if a user is blocked by an organization
Returns a 204 if the given user is blocked by the given organization. Returns a 404 if the organization is not blocking the user, or if the user account has been identified as spam by GitHub.
orgs_check_blocked_user(org, username)
Get a discussion
Get a specific discussion on a team's page. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}`. OAuth app tokens and personal access tokens (classic) need the `read:discussion` scope to use this endpoint.
teams_get_discussion_in_org(discussion_number, org, team_slug) -> {author, body, body_html, body_version, ...}
Check if a pull request has been merged
Checks if a pull request has been merged into the base branch. The HTTP status of the response indicates whether or not the pull request has been merged; the response body is empty.
pulls_check_if_merged(owner, pull_number, repo)
List forks
repos_list_forks(owner, repo, page?, per_page?, sort?) -> [{}]
Create an artifact deployment record
Create or update deployment records for an artifact associated with an organization. This endpoint allows you to record information about a specific artifact, such as its name, digest, environments, cluster, and deployment.
orgs_create_artifact_deployment_record(deployment_name, digest, logical_environment, name, org, status, cluster?, github_repository?, physical_environment?, runtime_risks?, tags?, version?) -> {deployment_records, total_count}
Get an environment secret
Gets a single environment secret without revealing its encrypted value. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_environment_secret(environment_name, owner, repo, secret_name) -> {created_at, name, updated_at}
Get community profile metrics
Returns all community profile metrics for a repository. The repository cannot be a fork. The returned metrics include an overall health score, the repository description, the presence of documentation, the detected code of conduct, the detected license, and the presence of ISSUE\_TEMPLATE, PULL\_REQUEST\_TEMPLATE, README, and CONTRIBUTING files. The `health_percentage` score is defined as a percentage of how many of the recommended community health files are present. For more information, see "[About community profiles for public repositories](https://docs.github.com/communities/setting-up-your-project-for-healthy-contributions/about-community-profiles-for-public-repositories)." `content_reports_enabled` is only returned for organization-owned repositories.
repos_get_community_profile_metrics(owner, repo) -> {content_reports_enabled, description, documentation, files, ...}
Update an organization membership for the authenticated user
Converts the authenticated user to an active member of the organization, if that user has a pending invitation from the organization.
orgs_update_membership_for_authenticated_user(org, state) -> {direct_membership, enterprise_teams_providing_indirect_membership, organization, organization_url, ...}
Delete a secret for the authenticated user
Deletes a development environment secret from a user's codespaces using the secret name. Deleting the secret will remove access from all codespaces that were allowed to access the secret. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_delete_secret_for_authenticated_user(secret_name)
Get GitHub Actions cache retention limit for a repository
Gets GitHub Actions cache retention limit for a repository. This determines how long caches will be retained for, if not manually removed or evicted due to size constraints. OAuth tokens and personal access tokens (classic) need the `admin:repository` scope to use this endpoint.
actions_get_actions_cache_retention_limit_for_repository(owner, repo) -> {max_cache_retention_days}
Update a campaign
Updates a campaign in an organization. The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint.
campaigns_update_campaign(campaign_number, org, contact_link?, description?, ends_at?, managers?, name?, state?, team_managers?) -> {alert_stats, closed_at, contact_link, created_at, ...}
Get Octocat
Get the octocat as ASCII art
meta_get_octocat(s?)
Create a workflow dispatch event
You can use this endpoint to manually trigger a GitHub Actions workflow run. You can replace `workflow_id` with the workflow file name. For example, you could use `main.yaml`. You must configure your GitHub Actions workflow to run when the [`workflow_dispatch` webhook](/developers/webhooks-and-events/webhook-events-and-payloads#workflow_dispatch) event occurs. The `inputs` are configured in the workflow file. For more information about how to configure the `workflow_dispatch` event in the workflow file, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows#workflow_dispatch)." OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_workflow_dispatch(owner, ref, repo, workflow_id, inputs?)
Delete a GPG key for the authenticated user
Removes a GPG key from the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `admin:gpg_key` scope to use this endpoint.
users_delete_gpg_key_for_authenticated_user(gpg_key_id)
Get private registries public key for an organization
Gets the org public key, which is needed to encrypt private registry secrets. You need to encrypt a secret before you can create or update secrets. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
private_registries_get_org_public_key(org) -> {key, key_id}
Update a discussion
Edits the title and body text of a discussion post. Only the parameters you provide are updated. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `PATCH /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}`. OAuth app tokens and personal access tokens (classic) need the `write:discussion` scope to use this endpoint.
teams_update_discussion_in_org(discussion_number, org, team_slug, body?, title?) -> {author, body, body_html, body_version, ...}
List repository invitations
When authenticating as a user with admin rights to a repository, this endpoint will list all currently open repository invitations.
repos_list_invitations(owner, repo, page?, per_page?) -> [{}]
Set a thread subscription
If you are watching a repository, you receive notifications for all threads by default. Use this endpoint to ignore future notifications for threads until you comment on the thread or get an **@mention**. You can also use this endpoint to subscribe to threads that you are currently not receiving notifications for or to subscribed to threads that you have previously ignored. Unsubscribing from a conversation in a repository that you are not watching is functionally equivalent to the [Delete a thread subscription](https://docs.github.com/rest/activity/notifications#delete-a-thread-subscription) endpoint.
activity_set_thread_subscription(thread_id, ignored?) -> {created_at, ignored, reason, repository_url, ...}
List sub-issues
You can use the REST API to list the sub-issues on an issue. This endpoint supports the following custom media types. For more information, see [Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types). - **`application/vnd.github.raw+json`**: Returns the raw Markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the Markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's Markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_sub_issues(issue_number, owner, repo, page?, per_page?) -> [{}]
Get project for user
Get a specific user-owned project.
projects_get_for_user(project_number, username) -> {closed_at, created_at, creator, deleted_at, ...}
Create a label
Creates a label for the specified repository with the given name and color. The name and color parameters are required. The color must be a valid [hexadecimal color code](http://www.color-hex.com/).
issues_create_label(name, owner, repo, color?, description?) -> {color, default, description, id, ...}
List organizations
Lists all organizations, in the order that they were created. > [!NOTE] > Pagination is powered exclusively by the `since` parameter. Use the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers) to get the URL for the next page of organizations.
orgs_list(per_page?, since?) -> [{}]
List labels for a repository
Lists all labels for a repository.
issues_list_labels_for_repo(owner, repo, page?, per_page?) -> [{}]
Delete an environment variable
Deletes an environment variable using the variable name. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_delete_environment_variable(environment_name, name, owner, repo)
Redeliver a delivery for a repository webhook
Redeliver a webhook delivery for a webhook configured in a repository.
repos_redeliver_webhook_delivery(delivery_id, hook_id, owner, repo)
Get private repo fork PR workflow settings for an organization
Gets the settings for whether workflows from fork pull requests can run on private repositories in an organization.
actions_get_private_repo_fork_pr_workflows_settings_organization(org) -> {require_approval_for_fork_pr_workflows, run_workflows_from_fork_pull_requests, send_secrets_and_variables, send_write_tokens_to_workflows}
Update project item for user
Update a specific item in a user-owned project.
projects_update_item_for_user(fields, item_id, project_number, username) -> {archived_at, content, content_type, created_at, ...}
Get allowed actions and reusable workflows for a repository
Gets the settings for selected actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository policy for `allowed_actions` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for a repository](#set-github-actions-permissions-for-a-repository)." OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_allowed_actions_repository(owner, repo) -> {github_owned_allowed, patterns_allowed, verified_allowed}
Delete project item for user
Delete a specific item from a user-owned project.
projects_delete_item_for_user(item_id, project_number, username)
List releases
This returns a list of releases, which does not include regular Git tags that have not been associated with a release. To get a list of Git tags, use the [Repository Tags API](https://docs.github.com/rest/repos/repos#list-repository-tags). Information about published releases are available to everyone. Only users with push access will receive listings for draft releases.
repos_list_releases(owner, repo, page?, per_page?) -> [{}]
Update a webhook configuration for a repository
Updates the webhook configuration for a repository. To update more information about the webhook, including the `active` state and `events`, use "[Update a repository webhook](/rest/webhooks/repos#update-a-repository-webhook)." OAuth app tokens and personal access tokens (classic) need the `write:repo_hook` or `repo` scope to use this endpoint.
repos_update_webhook_config_for_repo(hook_id, owner, repo, content_type?, insecure_ssl?, secret?, url?) -> {content_type, insecure_ssl, secret, url}
Delete attestations in bulk
Delete artifact attestations in bulk by either subject digests or unique ID.
users_delete_attestations_bulk(username)
Delete a public SSH key for the authenticated user
Removes a public SSH key from the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `admin:public_key` scope to use this endpoint.
users_delete_public_ssh_key_for_authenticated_user(key_id)
Get a pull request
Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Lists details of a pull request by providing its number. When you get, [create](https://docs.github.com/rest/pulls/pulls/#create-a-pull-request), or [edit](https://docs.github.com/rest/pulls/pulls#update-a-pull-request) a pull request, GitHub creates a merge commit to test whether the pull request can be automatically merged into the base branch. This test commit is not added to the base branch or the head branch. You can review the status of the test commit using the `mergeable` key. For more information, see "[Checking mergeability of pull requests](https://docs.github.com/rest/guides/getting-started-with-the-git-database-api#checking-mergeability-of-pull-requests)". The value of the `mergeable` attribute can be `true`, `false`, or `null`. If the value is `null`, then GitHub has started a background job to compute the mergeability. After giving the job time to complete, resubmit the request. When the job finishes, you will see a non-`null` value for the `mergeable` attribute in the response. If `mergeable` is `true`, then `merge_commit_sha` will be the SHA of the _test_ merge commit. The value of the `merge_commit_sha` attribute changes depending on the state of the pull request. Before merging a pull request, the `merge_commit_sha` attribute holds the SHA of the _test_ merge commit. After merging a pull request, the `merge_commit_sha` attribute changes depending on how you merged the pull request: * If merged as a [merge commit](https://docs.github.com/articles/about-merge-methods-on-github/), `merge_commit_sha` represents the SHA of the merge commit. * If merged via a [squash](https://docs.github.com/articles/about-merge-methods-on-github/#squashing-your-merge-commits), `merge_commit_sha` represents the SHA of the squashed commit on the base branch. * If [rebased](https://docs.github.com/articles/about-merge-methods-on-github/#rebasing-and-merging-your-commits), `merge_commit_sha` represents the commit that the base branch was updated to. Pass the appropriate [media type](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types) to fetch diff and patch formats. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`. - **`application/vnd.github.diff`**: For more information, see "[git-diff](https://git-scm.com/docs/git-diff)" in the Git documentation. If a diff is corrupt, contact us through the [GitHub Support portal](https://support.github.com/). Include the repository name and pull request ID in your message.
pulls_get(owner, pull_number, repo) -> {additions, title, comments, id, ...}
Get a public SSH key for the authenticated user
View extended details for a single public SSH key. OAuth app tokens and personal access tokens (classic) need the `read:public_key` scope to use this endpoint.
users_get_public_ssh_key_for_authenticated_user(key_id) -> {created_at, id, key, last_used, ...}
List pull requests associated with a commit
Lists the merged pull request that introduced the commit to the repository. If the commit is not present in the default branch, it will return merged and open pull requests associated with the commit. To list the open or merged pull requests associated with a branch, you can set the `commit_sha` parameter to the branch name.
repos_list_pull_requests_associated_with_commit(commit_sha, owner, repo, page?, per_page?) -> [{}]
List subscriptions for the authenticated user
Lists the active subscriptions for the authenticated user.
apps_list_subscriptions_for_authenticated_user(page?, per_page?) -> [{}]
Download a repository archive (zip)
Gets a redirect URL to download a zip archive for a repository. If you omit `:ref`, the repository’s default branch (usually `main`) will be used. Please make sure your HTTP framework is configured to follow redirects or you will need to use the `Location` header to make a second `GET` request. > [!NOTE] > For private repositories, these links are temporary and expire after five minutes. If the repository is empty, you will receive a 404 when you follow the redirect.
repos_download_zipball_archive(owner, ref, repo)
Update a pull request
Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. To open or update a pull request in a public repository, you must have write access to the head or the source branch. For organization-owned repositories, you must be a member of the organization that owns the repository to open or update a pull request. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_update(owner, pull_number, repo, base?, body?, maintainer_can_modify?, state?, title?) -> {additions, title, comments, id, ...}
Get a discussion (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Get a discussion](https://docs.github.com/rest/teams/discussions#get-a-discussion) endpoint. Get a specific discussion on a team's page. OAuth app tokens and personal access tokens (classic) need the `read:discussion` scope to use this endpoint.
teams_get_discussion_legacy(discussion_number, team_id) -> {author, body, body_html, body_version, ...}
Get an organization membership for the authenticated user
If the authenticated user is an active or pending member of the organization, this endpoint will return the user's membership. If the authenticated user is not affiliated with the organization, a `404` is returned. This endpoint will return a `403` if the request is made by a GitHub App that is blocked by the organization.
orgs_get_membership_for_authenticated_user(org) -> {direct_membership, enterprise_teams_providing_indirect_membership, organization, organization_url, ...}
List GitHub Actions caches for a repository
Lists the GitHub Actions caches for a repository. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_actions_cache_list(owner, repo, direction?, key?, page?, per_page?, ref?, sort?) -> {actions_caches, total_count}
List GitHub Pages builds
Lists builts of a GitHub Pages site. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_list_pages_builds(owner, repo, page?, per_page?) -> [{}]
Get GitHub Actions cache storage limit for a repository
Gets GitHub Actions cache storage limit for a repository. This determines the maximum size of caches that can be stored before eviction occurs. OAuth tokens and personal access tokens (classic) need the `admin:repository` scope to use this endpoint.
actions_get_actions_cache_storage_limit_for_repository(owner, repo) -> {max_cache_size_gb}
Approve a workflow run for a fork pull request
Approves a workflow run for a pull request from a public fork of a first time contributor. For more information, see ["Approving workflow runs from public forks](https://docs.github.com/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks)." OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_approve_workflow_run(owner, repo, run_id) -> {}
Set GitHub Actions cache storage limit for a repository
Sets GitHub Actions cache storage limit for a repository. This determines the maximum size of caches that can be stored before eviction occurs. OAuth tokens and personal access tokens (classic) need the `admin:repository` scope to use this endpoint.
actions_set_actions_cache_storage_limit_for_repository(owner, repo, max_cache_size_gb?)
Get GitHub-hosted runners machine specs for an organization
Get the list of machine specs available for GitHub-hosted runners for an organization.
actions_get_hosted_runners_machine_specs_for_org(org) -> {machine_specs, total_count}
Get the authenticated app
Returns the GitHub App associated with the authentication credentials used. To see how many app installations are associated with this GitHub App, see the `installations_count` in the response. For more details about your app's installations, see the "[List installations for the authenticated app](https://docs.github.com/rest/apps/apps#list-installations-for-the-authenticated-app)" endpoint. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_get_authenticated() -> {client_id, created_at, description, events, ...}
Get a package for an organization
Gets a specific package in an organization. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_package_for_organization(org, package_name, package_type) -> {created_at, html_url, id, name, ...}
Remove repository access to a self-hosted runner group in an organization
Removes a repository from the list of selected repositories that can access a self-hosted runner group. The runner group must have `visibility` set to `selected`. For more information, see "[Create a self-hosted runner group for an organization](#create-a-self-hosted-runner-group-for-an-organization)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_remove_repo_access_to_self_hosted_runner_group_in_org(org, repository_id, runner_group_id)
Start an import
Start a source import to a GitHub repository using GitHub Importer. Importing into a GitHub repository with GitHub Actions enabled is not supported and will return a status `422 Unprocessable Entity` response. > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation).
migrations_start_import(owner, repo, vcs_url, tfvc_project?, vcs?, vcs_password?, vcs_username?) -> {authors_count, authors_url, commit_count, error_message, ...}
Set allowed actions and reusable workflows for an organization
Sets the actions and reusable workflows that are allowed in an organization. To use this endpoint, the organization permission policy for `allowed_actions` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for an organization](#set-github-actions-permissions-for-an-organization)." OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_set_allowed_actions_organization(org, github_owned_allowed?, patterns_allowed?, verified_allowed?)
Disable immutable releases
Disables immutable releases for a repository. The authenticated user must have admin access to the repository.
repos_disable_immutable_releases(owner, repo)
Get billing usage summary for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Gets a summary report of usage for an organization. To use this endpoint, you must be an administrator of an organization within an enterprise or an organization account. **Note:** Only data from the past 24 months is accessible via this endpoint.
billing_get_github_billing_usage_summary_report_org(org, day?, month?, product?, repository?, sku?, year?)
Get default code security configurations for an enterprise
Lists the default code security configurations for an enterprise. The authenticated user must be an administrator of the enterprise in order to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:enterprise` scope to use this endpoint.
code_security_get_default_configurations_for_enterprise(enterprise) -> [{configuration, default_for_new_repos}]
Get all gitignore templates
List all templates available to pass as an option when [creating a repository](https://docs.github.com/rest/repos/repos#create-a-repository-for-the-authenticated-user).
gitignore_get_all_templates() -> [{}]
Delete access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Disables the ability to restrict who can push to this branch.
repos_delete_access_restrictions(branch, owner, repo)
List milestones
Lists milestones for a repository.
issues_list_milestones(owner, repo, direction?, page?, per_page?, sort?, state?) -> [{}]
Set the customization template for an OIDC subject claim for a repository
Sets the customization template and `opt-in` or `opt-out` flag for an OpenID Connect (OIDC) subject claim for a repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_custom_oidc_sub_claim_for_repo(owner, repo, use_default, include_claim_keys?) -> {}
Delete an SSH signing key for the authenticated user
Deletes an SSH signing key from the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `admin:ssh_signing_key` scope to use this endpoint.
users_delete_ssh_signing_key_for_authenticated_user(ssh_signing_key_id)
Get repositories associated with an enterprise code security configuration
Lists the repositories associated with an enterprise code security configuration in an organization. The authenticated user must be an administrator of the enterprise in order to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:enterprise` scope to use this endpoint.
code_security_get_repositories_for_enterprise_configuration(configuration_id, enterprise, after?, before?, per_page?, status?) -> [{}]
Search repositories
Find repositories via various criteria. This method returns up to 100 results [per page](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api). When searching for repositories, you can get text match metadata for the **name** and **description** fields when you pass the `text-match` media type. For more details about how to receive highlighted search results, see [Text match metadata](https://docs.github.com/rest/search/search#text-match-metadata). For example, if you want to search for popular Tetris repositories written in assembly code, your query might look like this: `q=tetris+language:assembly&sort=stars&order=desc` This query searches for repositories with the word `tetris` in the name, the description, or the README. The results are limited to repositories where the primary language is assembly. The results are sorted by stars in descending order, so that the most popular repositories appear first in the search results.
search_repos(q, order?, page?, per_page?, sort?) -> {incomplete_results, items, total_count}
Get an SSH signing key for the authenticated user
Gets extended details for an SSH signing key. OAuth app tokens and personal access tokens (classic) need the `read:ssh_signing_key` scope to use this endpoint.
users_get_ssh_signing_key_for_authenticated_user(ssh_signing_key_id) -> {created_at, id, key, title}
Get a user using their ID
Provides publicly available information about someone with a GitHub account. This method takes their durable user `ID` instead of their `login`, which can change over time. If you are requesting information about an [Enterprise Managed User](https://docs.github.com/enterprise-cloud@latest/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users), or a GitHub App bot that is installed in an organization that uses Enterprise Managed Users, your requests must be authenticated as a user or GitHub App that has access to the organization to view that account's information. If you are not authorized, the request will return a `404 Not Found` status. The `email` key in the following response is the publicly visible email address from your GitHub [profile page](https://github.com/settings/profile). When setting up your profile, you can select a primary email address to be public which provides an email entry for this endpoint. If you do not set a public email address for `email`, then it will have a value of `null`. You only see publicly visible email addresses when authenticated with GitHub. For more information, see [Authentication](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#authentication). The Emails API enables you to list all of your email addresses, and toggle a primary email to be visible publicly. For more information, see [Emails API](https://docs.github.com/rest/users/emails).
users_get_by_id(account_id)
Get the review history for a workflow run
Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_get_reviews_for_run(owner, repo, run_id) -> [{}]
Delete a repository ruleset
Delete a ruleset for a repository.
repos_delete_repo_ruleset(owner, repo, ruleset_id)
Update a repository ruleset
Update a ruleset for a repository.
repos_update_repo_ruleset(owner, repo, ruleset_id, bypass_actors?, conditions?, enforcement?, name?, rules?, target?) -> {_links, bypass_actors, conditions, created_at, ...}
Delete a code security configuration for an enterprise
Deletes a code security configuration from an enterprise. Repositories attached to the configuration will retain their settings but will no longer be associated with the configuration. The authenticated user must be an administrator for the enterprise to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
code_security_delete_configuration_for_enterprise(configuration_id, enterprise)
Search labels
Find labels in a repository with names or descriptions that match search keywords. Returns up to 100 results [per page](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api). When searching for labels, you can get text match metadata for the label **name** and **description** fields when you pass the `text-match` media type. For more details about how to receive highlighted search results, see [Text match metadata](https://docs.github.com/rest/search/search#text-match-metadata). For example, if you want to find labels in the `linguist` repository that match `bug`, `defect`, or `enhancement`. Your query might look like this: `q=bug+defect+enhancement&repository_id=64778136` The labels that best match the query appear first in the search results.
search_labels(q, repository_id, order?, page?, per_page?, sort?) -> {incomplete_results, items, total_count}
List repository webhooks
Lists webhooks for a repository. `last response` may return null if there have not been any deliveries within 30 days.
repos_list_webhooks(owner, repo, page?, per_page?) -> [{}]
List subscriptions for the authenticated user (stubbed)
Lists the active subscriptions for the authenticated user.
apps_list_subscriptions_for_authenticated_user_stubbed(page?, per_page?) -> [{}]
Update the authenticated user
**Note:** If your email is set to private and you send an `email` parameter as part of this request to update your profile, your privacy settings are still enforced: the email address will not be displayed on your public profile or via the API.
users_update_authenticated(bio?, blog?, company?, email?, hireable?, location?, name?, twitter_username?) -> {plan, followers, id, blog, ...}
Get the authenticated user
OAuth app tokens and personal access tokens (classic) need the `user` scope in order for the response to include private profile information.
users_get_authenticated()
Enable immutable releases
Enables immutable releases for a repository. The authenticated user must have admin access to the repository.
repos_enable_immutable_releases(owner, repo)
Set GitHub Actions permissions for an organization
Sets the GitHub Actions permissions policy for repositories and allowed actions and reusable workflows in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_set_github_actions_permissions_organization(enabled_repositories, org, allowed_actions?, sha_pinning_required?)
Download a repository archive (tar)
Gets a redirect URL to download a tar archive for a repository. If you omit `:ref`, the repository’s default branch (usually `main`) will be used. Please make sure your HTTP framework is configured to follow redirects or you will need to use the `Location` header to make a second `GET` request. > [!NOTE] > For private repositories, these links are temporary and expire after five minutes.
repos_download_tarball_archive(owner, ref, repo)
Attach a configuration to repositories
Attach a code security configuration to a set of repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration. If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
code_security_attach_configuration(configuration_id, org, scope, selected_repository_ids?)
Delete a codespace for the authenticated user
Deletes a user's codespace. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_delete_for_authenticated_user(codespace_name)
Get GitHub Pages build
Gets information about a GitHub Pages build. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_get_pages_build(build_id, owner, repo) -> {commit, created_at, duration, error, ...}
Get a codespace for the authenticated user
Gets information about a user's codespace. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_get_for_authenticated_user(codespace_name) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
Remove a repository from a team
If the authenticated user is an organization owner or a team maintainer, they can remove any repositories from the team. To remove a repository from a team as an organization member, the authenticated user must have admin access to the repository and must be able to see the team. This does not delete the repository, it just removes it from the team. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `DELETE /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}`.
teams_remove_repo_in_org(org, owner, repo, team_slug)
Check team permissions for a repository
Checks whether a team has `admin`, `push`, `maintain`, `triage`, or `pull` permission for a repository. Repositories inherited through a parent team will also be checked. You can also get information about the specified repository, including what permissions the team grants on it, by passing the following custom [media type](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types/) via the `application/vnd.github.v3.repository+json` accept header. If a team doesn't have permission for the repository, you will receive a `404 Not Found` response status. If the repository is private, you must have at least `read` permission for that repository, and your token must have the `repo` or `admin:org` scope. Otherwise, you will receive a `404 Not Found` response status. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}`.
teams_check_permissions_for_repo_in_org(org, owner, repo, team_slug) -> {labels_url, keys_url, fork, owner, ...}
Disable Dependabot security updates
Disables Dependabot security updates for a repository. The authenticated user must have admin access to the repository. For more information, see "[Configuring Dependabot security updates](https://docs.github.com/articles/configuring-automated-security-fixes)".
repos_disable_automated_security_fixes(owner, repo)
Set GitHub Actions cache retention limit for an organization
Sets GitHub Actions cache retention limit for an organization. All repositories under this organization may not set a higher cache retention limit. OAuth tokens and personal access tokens (classic) need the `admin:organization` scope to use this endpoint.
actions_set_actions_cache_retention_limit_for_organization(org, max_cache_retention_days?)
Enable Dependabot security updates
Enables Dependabot security updates for a repository. The authenticated user must have admin access to the repository. For more information, see "[Configuring Dependabot security updates](https://docs.github.com/articles/configuring-automated-security-fixes)".
repos_enable_automated_security_fixes(owner, repo)
List code scanning alerts for a repository
Lists code scanning alerts. The response includes a `most_recent_instance` object. This provides details of the most recent instance of this alert for the default branch (or for the specified Git reference if you used `ref` in the request). OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_list_alerts_for_repo(owner, repo, after?, assignees?, before?, direction?, page?, per_page?, pr?, ref?, severity?, sort?, state?, tool_guid?, tool_name?) -> [{}]
Set GitHub Actions cache storage limit for an enterprise
Sets GitHub Actions cache storage limit for an enterprise. All organizations and repositories under this enterprise may not set a higher cache storage limit. OAuth tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
actions_set_actions_cache_storage_limit_for_enterprise(enterprise, max_cache_size_gb?)
Remove team access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Removes the ability of a team to push to this branch. You can also remove push access for child teams.
repos_remove_team_access_restrictions(branch, owner, repo) -> [{}]
List teams
Lists all teams in an organization that are visible to the authenticated user.
teams_list(org, page?, per_page?) -> [{}]
Get Copilot metrics for a team
Use this endpoint to see a breakdown of aggregated metrics for various GitHub Copilot features. See the response schema tab for detailed metrics definitions. > [!NOTE] > This endpoint will only return results for a given day if the team had **five or more members with active Copilot licenses** on that day, as evaluated at the end of that day. The response contains metrics for up to 100 days prior. Metrics are processed once per day for the previous day, and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. To access this endpoint, the Copilot Metrics API access policy must be enabled for the organization containing the team within GitHub settings. Only organization owners for the organization that contains this team and owners and billing managers of the parent enterprise can view Copilot metrics for a team. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot`, `read:org`, or `read:enterprise` scopes to use this endpoint.
copilot_copilot_metrics_for_team(org, team_slug, page?, per_page?, since?, until?) -> [{}]
Get GitHub-owned images for GitHub-hosted runners in an organization
Get the list of GitHub-owned images available for GitHub-hosted runners for an organization.
actions_get_hosted_runners_github_owned_images_for_org(org) -> {images, total_count}
Create a team
To create a team, the authenticated user must be a member or owner of `{org}`. By default, organization members can create teams. Organization owners can limit team creation to organization owners. For more information, see "[Setting team creation permissions](https://docs.github.com/articles/setting-team-creation-permissions-in-your-organization)." When you create a new team, you automatically become a team maintainer without explicitly adding yourself to the optional array of `maintainers`. For more information, see "[About teams](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/about-teams)".
teams_create(name, org, description?, maintainers?, notification_setting?, parent_team_id?, permission?, privacy?, repo_names?) -> {created_at, description, enterprise_id, html_url, ...}
Restore a package for an organization
Restores an entire package in an organization. You can restore a deleted package under the following conditions: - The package was deleted within the last 30 days. - The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first. The authenticated user must have admin permissions in the organization to use this endpoint. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must also have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `write:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_restore_package_for_org(org, package_name, package_type, token?)
Cancel a GitHub Pages deployment
Cancels a GitHub Pages deployment. The authenticated user must have write permissions for the GitHub Pages site.
repos_cancel_pages_deployment(owner, pages_deployment_id, repo)
List repositories for a user migration
Lists all the repositories for this user migration.
migrations_list_repos_for_authenticated_user(migration_id, page?, per_page?) -> [{}]
Get a diff of the dependencies between commits
Gets the diff of the dependency changes between two commits of a repository, based on the changes to the dependency manifests made in those commits.
dependency_graph_diff_range(basehead, owner, repo, name?) -> [{change_type, ecosystem, license, manifest, ...}]
Delete a team
To delete a team, the authenticated user must be an organization owner or team maintainer. If you are an organization owner, deleting a parent team will delete all of its child teams as well. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `DELETE /organizations/{org_id}/team/{team_id}`.
teams_delete_in_org(org, team_slug)
Check if a user follows another user
users_check_following_for_user(target_user, username)
Update a team
To edit a team, the authenticated user must either be an organization owner or a team maintainer. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `PATCH /organizations/{org_id}/team/{team_id}`.
teams_update_in_org(org, team_slug, description?, name?, notification_setting?, parent_team_id?, permission?, privacy?) -> {created_at, description, enterprise_id, html_url, ...}
Remove all organization roles for a team
Removes all assigned organization roles from a team. For more information on organization roles, see "[Using organization roles](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." The authenticated user must be an administrator for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_revoke_all_org_roles_team(org, team_slug)
Update a Dependabot alert
The authenticated user must have access to security alerts for the repository to use this endpoint. For more information, see "[Granting access to security alerts](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)." OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
dependabot_update_alert(alert_number, owner, repo, state, dismissed_comment?, dismissed_reason?) -> {auto_dismissed_at, created_at, dependency, dismissal_request, ...}
Get a license
Gets information about a specific license. For more information, see "[Licensing a repository ](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository)."
licenses_get(license) -> {body, conditions, description, featured, ...}
List CODEOWNERS errors
List any syntax errors that are detected in the CODEOWNERS file. For more information about the correct CODEOWNERS syntax, see "[About code owners](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners)."
repos_codeowners_errors(owner, repo, ref?) -> {errors}
Set selected repositories for an organization secret
Replaces all repositories for an organization secret when the `visibility` for repository access is set to `selected`. The visibility is set when you [Create or update an organization secret](https://docs.github.com/rest/actions/secrets#create-or-update-an-organization-secret). Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_set_selected_repos_for_org_secret(org, secret_name, selected_repository_ids)
Disable a custom protection rule for an environment
Disables a custom deployment protection rule for an environment. The authenticated user must have admin or owner permissions to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_disable_deployment_protection_rule(environment_name, owner, protection_rule_id, repo)
Rename a branch
Renames a branch in a repository. > [!NOTE] > Although the API responds immediately, the branch rename process might take some extra time to complete in the background. You won't be able to push to the old branch name while the rename process is in progress. For more information, see "[Renaming a branch](https://docs.github.com/github/administering-a-repository/renaming-a-branch)". The authenticated user must have push access to the branch. If the branch is the default branch, the authenticated user must also have admin or owner permissions. In order to rename the default branch, fine-grained access tokens also need the `administration:write` repository permission.
repos_rename_branch(branch, new_name, owner, repo) -> {_links, commit, name, pattern, ...}
Ping a repository webhook
This will trigger a [ping event](https://docs.github.com/webhooks/#ping-event) to be sent to the hook.
repos_ping_webhook(hook_id, owner, repo)
List public SSH keys for the authenticated user
Lists the public SSH keys for the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `read:public_key` scope to use this endpoint.
users_list_public_ssh_keys_for_authenticated_user(page?, per_page?) -> [{}]
List CodeQL databases for a repository
Lists the CodeQL databases that are available in a repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_list_codeql_databases(owner, repo) -> [{}]
Get a custom deployment protection rule
Gets an enabled custom deployment protection rule for an environment. Anyone with read access to the repository can use this endpoint. For more information about environments, see "[Using environments for deployment](https://docs.github.com/actions/deployment/targeting-different-environments/using-environments-for-deployment)." For more information about the app that is providing this custom deployment rule, see [`GET /apps/{app_slug}`](https://docs.github.com/rest/apps/apps#get-an-app). OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
repos_get_custom_deployment_protection_rule(environment_name, owner, protection_rule_id, repo) -> {app, enabled, id, node_id}
Get a campaign for an organization
Gets a campaign for an organization. The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint.
campaigns_get_campaign_summary(campaign_number, org) -> {alert_stats, closed_at, contact_link, created_at, ...}
Remove team membership
Remove membership of a specific user from a particular team in an enterprise.
enterprise_team_memberships_remove(enterprise, enterprise-team, username)
Get enterprise team membership
Returns whether the user is a member of the enterprise team.
enterprise_team_memberships_get(enterprise, enterprise-team, username) -> {avatar_url, email, events_url, followers_url, ...}
Add team member
Add a team member to an enterprise team.
enterprise_team_memberships_add(enterprise, enterprise-team, username) -> {avatar_url, email, events_url, followers_url, ...}
Get time stats by user
Get the number of API requests and rate-limited requests made within an organization by a specific user over a specified time period.
api_insights_get_time_stats_by_user(min_timestamp, org, timestamp_increment, user_id, max_timestamp?) -> [{rate_limited_request_count, timestamp, total_request_count}]
Create a check run
Creates a new check run for a specific commit in a repository. To create a check run, you must use a GitHub App. OAuth apps and authenticated users are not able to create a check suite. In a check suite, GitHub limits the number of check runs with the same name to 1000. Once these check runs exceed 1000, GitHub will start to automatically delete older check runs. > [!NOTE] > The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array.
checks_create(head_sha, name, owner, repo, actions?, completed_at?, conclusion?, details_url?, external_id?, output?, started_at?, status?) -> {app, check_suite, completed_at, conclusion, ...}
Get Copilot seat information and settings for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Gets information about an organization's Copilot subscription, including seat breakdown and feature policies. To configure these settings, go to your organization's settings on GitHub.com. For more information, see "[Managing policies for Copilot in your organization](https://docs.github.com/copilot/managing-copilot/managing-policies-for-copilot-business-in-your-organization)." Only organization owners can view details about the organization's Copilot Business or Copilot Enterprise subscription. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:org` scopes to use this endpoint.
copilot_get_copilot_organization_details(org) -> {cli, ide_chat, plan_type, platform_chat, ...}
Replace all repository topics
repos_replace_all_topics(names, owner, repo) -> {names}
Get all repository topics
repos_get_all_topics(owner, repo, page?, per_page?) -> {names}
Search topics
Find topics via various criteria. Results are sorted by best match. This method returns up to 100 results [per page](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api). See "[Searching topics](https://docs.github.com/articles/searching-topics/)" for a detailed list of qualifiers. When searching for topics, you can get text match metadata for the topic's **short\_description**, **description**, **name**, or **display\_name** field when you pass the `text-match` media type. For more details about how to receive highlighted search results, see [Text match metadata](https://docs.github.com/rest/search/search#text-match-metadata). For example, if you want to search for topics related to Ruby that are featured on https://github.com/topics. Your query might look like this: `q=ruby+is:featured` This query searches for topics with the keyword `ruby` and limits the results to find only topics that are featured. The topics that are the best match for the query appear first in the search results.
search_topics(q, page?, per_page?) -> {incomplete_results, items, total_count}
List repository access to a self-hosted runner group in an organization
Lists the repositories with access to a self-hosted runner group configured in an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_list_repo_access_to_self_hosted_runner_group_in_org(org, runner_group_id, page?, per_page?) -> {repositories, total_count}
List classrooms
Lists GitHub Classroom classrooms for the current user. Classrooms will only be returned if the current user is an administrator of one or more GitHub Classrooms.
classroom_list_classrooms(page?, per_page?) -> [{}]
List packages for the authenticated user's namespace
Lists packages owned by the authenticated user within the user's namespace. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_list_packages_for_authenticated_user(package_type, page?, per_page?, visibility?) -> [{}]
Update a repository webhook
Updates a webhook configured in a repository. If you previously had a `secret` set, you must provide the same `secret` or set a new `secret` or the secret will be removed. If you are only updating individual webhook `config` properties, use "[Update a webhook configuration for a repository](/rest/webhooks/repo-config#update-a-webhook-configuration-for-a-repository)."
repos_update_webhook(hook_id, owner, repo, active?, add_events?, config?, events?, remove_events?) -> {active, config, created_at, deliveries_url, ...}
Delete an app authorization
OAuth and GitHub application owners can revoke a grant for their application and a specific user. You must provide a valid OAuth `access_token` as an input parameter and the grant for the token's owner will be deleted. Deleting an application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the application authorizations settings screen within GitHub](https://github.com/settings/applications#authorized).
apps_delete_authorization(access_token, client_id)
Set private repo fork PR workflow settings for an organization
Sets the settings for whether workflows from fork pull requests can run on private repositories in an organization.
actions_set_private_repo_fork_pr_workflows_settings_organization(org, run_workflows_from_fork_pull_requests, require_approval_for_fork_pr_workflows?, send_secrets_and_variables?, send_write_tokens_to_workflows?)
Create an organization repository ruleset
Create a repository ruleset for an organization.
repos_create_org_ruleset(enforcement, name, org, bypass_actors?, conditions?, rules?, target?) -> {_links, bypass_actors, conditions, created_at, ...}
Star a repository for the authenticated user
Note that you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)."
activity_star_repo_for_authenticated_user(owner, repo)
Get a check suite
Gets a single check suite using its `id`. > [!NOTE] > The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array and a `null` value for `head_branch`. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint on a private repository.
checks_get_suite(check_suite_id, owner, repo) -> {after, app, before, check_runs_url, ...}
Get a package version for the authenticated user
Gets a specific package version for a package owned by the authenticated user. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_package_version_for_authenticated_user(package_name, package_type, package_version_id) -> {created_at, deleted_at, description, html_url, ...}
Unsuspend an app installation
Removes a GitHub App installation suspension. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_unsuspend_installation(installation_id)
Suspend an app installation
Suspends a GitHub App on a user, organization, or enterprise account, which blocks the app from accessing the account's resources. When a GitHub App is suspended, the app's access to the GitHub API or webhook events is blocked for that account. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_suspend_installation(installation_id)
Get all commonly used licenses
Lists the most commonly used licenses on GitHub. For more information, see "[Licensing a repository ](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository)."
licenses_get_all_commonly_used(featured?, page?, per_page?) -> [{}]
Create a temporary private fork
Create a temporary private fork to collaborate on fixing a security vulnerability in your repository. > [!NOTE] > Forking a repository happens asynchronously. You may have to wait up to 5 minutes before you can access the fork.
security_advisories_create_fork(ghsa_id, owner, repo)
Get all organization repository rulesets
Get all the repository rulesets for an organization.
repos_get_org_rulesets(org, page?, per_page?, targets?) -> [{}]
List repository secrets
Lists all secrets available in a repository without revealing their encrypted values. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
dependabot_list_repo_secrets(owner, repo, page?, per_page?) -> {secrets, total_count}
List installation requests for the authenticated app
Lists all the pending installation requests for the authenticated GitHub App.
apps_list_installation_requests_for_authenticated_app(page?, per_page?) -> [{}]
Update Git LFS preference
You can import repositories from Subversion, Mercurial, and TFS that include files larger than 100MB. This ability is powered by [Git LFS](https://git-lfs.com). You can learn more about our LFS feature and working with large files [on our help site](https://docs.github.com/repositories/working-with-files/managing-large-files). > [!WARNING] > **Endpoint closing down notice:** Due to very low levels of usage and available alternatives, this endpoint is closing down and will no longer be available from 00:00 UTC on April 12, 2024. For more details and alternatives, see the [changelog](https://gh.io/source-imports-api-deprecation).
migrations_set_lfs_preference(owner, repo, use_lfs) -> {authors_count, authors_url, commit_count, error_message, ...}
Create a deployment branch policy
Creates a deployment branch or tag policy for an environment. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_create_deployment_branch_policy(environment_name, name, owner, repo, type?) -> {id, name, node_id, type}
Get branch protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_get_branch_protection(branch, owner, repo) -> {allow_deletions, allow_force_pushes, allow_fork_syncing, block_creations, ...}
List repository tags
repos_list_tags(owner, repo, page?, per_page?) -> [{}]
Delete branch protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_delete_branch_protection(branch, owner, repo)
List organization issues assigned to the authenticated user
List issues in an organization assigned to the authenticated user. > [!NOTE] > GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the `pull_request` key. Be aware that the `id` of a pull request returned from "Issues" endpoints will be an _issue id_. To find out the pull request id, use the "[List pull requests](https://docs.github.com/rest/pulls/pulls#list-pull-requests)" endpoint. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_for_org(org, direction?, filter?, labels?, page?, per_page?, since?, sort?, state?, type?) -> [{}]
List code scanning alerts for an organization
Lists code scanning alerts for the default branch for all eligible repositories in an organization. Eligible repositories are repositories that are owned by organizations that you own or for which you are a security manager. For more information, see "[Managing security managers in your organization](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)." The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `security_events` or `repo`s cope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_list_alerts_for_org(org, after?, assignees?, before?, direction?, page?, per_page?, severity?, sort?, state?, tool_guid?, tool_name?) -> [{}]
Update branch protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Protecting a branch requires admin or owner permissions to the repository. > [!NOTE] > Passing new arrays of `users` and `teams` replaces their previous values. > [!NOTE] > The list of users, apps, and teams in total is limited to 100 items.
repos_update_branch_protection(branch, enforce_admins, owner, repo, required_pull_request_reviews, required_status_checks, restrictions, allow_deletions?, allow_force_pushes?, allow_fork_syncing?, block_creations?, lock_branch?, required_conversation_resolution?, required_linear_history?) -> {allow_deletions, allow_force_pushes, allow_fork_syncing, block_creations, ...}
Set self-hosted runners in a group for an organization
Replaces the list of self-hosted runners that are part of an organization runner group. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_set_self_hosted_runners_in_group_for_org(org, runner_group_id, runners)
Delete an organization
Deletes an organization and all its repositories. The organization login will be unavailable for 90 days after deletion. Please review the Terms of Service regarding account deletion before using this endpoint: https://docs.github.com/site-policy/github-terms/github-terms-of-service
orgs_delete(org)
List artifact deployment records
List deployment records for an artifact metadata associated with an organization.
orgs_list_artifact_deployment_records(org, subject_digest) -> {deployment_records, total_count}
Update an organization
> [!WARNING] > **Closing down notice:** GitHub will replace and discontinue `members_allowed_repository_creation_type` in favor of more granular permissions. The new input parameters are `members_can_create_public_repositories`, `members_can_create_private_repositories` for all organizations and `members_can_create_internal_repositories` for organizations associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+. For more information, see the [blog post](https://developer.github.com/changes/2019-12-03-internal-visibility-changes). > [!WARNING] > **Closing down notice:** Code security product enablement for new repositories through the organization API is closing down. Please use [code security configurations](https://docs.github.com/rest/code-security/configurations#set-a-code-security-configuration-as-a-default-for-an-organization) to set defaults instead. For more information on setting a default security configuration, see the [changelog](https://github.blog/changelog/2024-07-09-sunsetting-security-settings-defaults-parameters-in-the-organizations-rest-api/). Updates the organization's profile and member privileges. The authenticated user must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` or `repo` scope to use this endpoint.
orgs_update(org, advanced_security_enabled_for_new_repositories?, billing_email?, blog?, company?, default_repository_permission?, dependabot_alerts_enabled_for_new_repositories?, dependabot_security_updates_enabled_for_new_repositories?, dependency_graph_enabled_for_new_repositories?, deploy_keys_enabled_for_repositories?, description?, email?, has_organization_projects?, has_repository_projects?, location?, members_allowed_repository_creation_type?, members_can_create_internal_repositories?, members_can_create_pages?, members_can_create_private_pages?, members_can_create_private_repositories?, members_can_create_public_pages?, members_can_create_public_repositories?, members_can_create_repositories?, members_can_fork_private_repositories?, name?, secret_scanning_enabled_for_new_repositories?, secret_scanning_push_protection_custom_link?, secret_scanning_push_protection_custom_link_enabled?, secret_scanning_push_protection_enabled_for_new_repositories?, twitter_username?, web_commit_signoff_required?) -> {plan, two_factor_requirement_enabled, members_can_view_dependency_insights, members_can_create_teams, ...}
Get an organization secret
Gets an organization development environment secret without revealing its encrypted value. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_get_org_secret(org, secret_name) -> {created_at, name, selected_repositories_url, updated_at, ...}
Create or update a secret for the authenticated user
Creates or updates a development environment secret for a user's codespace with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `codespace` or `codespace:secrets` scope to use this endpoint.
codespaces_create_or_update_secret_for_authenticated_user(key_id, secret_name, encrypted_value?, selected_repository_ids?) -> {}
Add team member (Legacy)
The "Add team member" endpoint (described below) is closing down. We recommend using the [Add or update team membership for a user](https://docs.github.com/rest/teams/members#add-or-update-team-membership-for-a-user) endpoint instead. It allows you to invite new organization members to your teams. Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. To add someone to a team, the authenticated user must be an organization owner or a team maintainer in the team they're changing. The person being added to the team must be a member of the team's organization. > [!NOTE] > When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "[Synchronizing teams between your identity provider and GitHub](https://docs.github.com/articles/synchronizing-teams-between-your-identity-provider-and-github/)." Note that you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)."
teams_add_member_legacy(team_id, username)
Get team member (Legacy)
The "Get team member" endpoint (described below) is closing down. We recommend using the [Get team membership for a user](https://docs.github.com/rest/teams/members#get-team-membership-for-a-user) endpoint instead. It allows you to get both active and pending memberships. To list members in a team, the team must be visible to the authenticated user.
teams_get_member_legacy(team_id, username)
Dismiss a review for a pull request
Dismisses a specified review on a pull request. > [!NOTE] > To dismiss a pull request review on a [protected branch](https://docs.github.com/rest/branches/branch-protection), you must be a repository administrator or be included in the list of people or teams who can dismiss pull request reviews. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_dismiss_review(message, owner, pull_number, repo, review_id, event?) -> {_links, author_association, body, body_html, ...}
List deliveries for an organization webhook
Returns a list of webhook deliveries for a webhook configured in an organization. You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_list_webhook_deliveries(hook_id, org, cursor?, per_page?) -> [{}]
List repositories watched by a user
Lists repositories a user is watching.
activity_list_repos_watched_by_user(username, page?, per_page?) -> [{}]
Remove interaction restrictions from your public repositories
Removes any interaction restrictions from your public repositories.
interactions_remove_restrictions_for_authenticated_user()
Update a reference
Updates the provided reference to point to a new SHA. For more information, see "[Git References](https://git-scm.com/book/en/v2/Git-Internals-Git-References)" in the Git documentation.
git_update_ref(owner, ref, repo, sha, force?) -> {node_id, object, ref, url}
Get user stats
Get API usage statistics within an organization for a user broken down by the type of access.
api_insights_get_user_stats(min_timestamp, org, user_id, actor_name_substring?, direction?, max_timestamp?, page?, per_page?, sort?) -> [{actor_id, actor_name, actor_type, integration_id, ...}]
Create a codespace for the authenticated user
Creates a new codespace, owned by the authenticated user. This endpoint requires either a `repository_id` OR a `pull_request` but not both. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_create_for_authenticated_user() -> {billable_owner, created_at, devcontainer_path, display_name, ...}
List repository activities
Lists a detailed history of changes to a repository, such as pushes, merges, force pushes, and branch changes, and associates these changes with commits and users. For more information about viewing repository activity, see "[Viewing activity and data for your repository](https://docs.github.com/repositories/viewing-activity-and-data-for-your-repository)."
repos_list_activities(owner, repo, activity_type?, actor?, after?, before?, direction?, per_page?, ref?, time_period?) -> [{}]
Get an environment public key
Get the public key for an environment, which you need to encrypt environment secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_environment_public_key(environment_name, owner, repo) -> {created_at, id, key, key_id, ...}
List accepted assignments for an assignment
Lists any assignment repositories that have been created by students accepting a GitHub Classroom assignment. Accepted assignments will only be returned if the current user is an administrator of the GitHub Classroom for the assignment.
classroom_list_accepted_assignments_for_an_assignment(assignment_id, page?, per_page?) -> [{}]
Get a self-hosted runner group for an organization
Gets a specific self-hosted runner group for an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_get_self_hosted_runner_group_for_org(org, runner_group_id) -> {allows_public_repositories, default, hosted_runners_url, id, ...}
List hosted compute network configurations for an organization
Lists all hosted compute network configurations configured in an organization. OAuth app tokens and personal access tokens (classic) need the `read:network_configurations` scope to use this endpoint.
hosted_compute_list_network_configurations_for_org(org, page?, per_page?) -> {network_configurations, total_count}
List organization pattern configurations
Lists the secret scanning pattern configurations for an organization. Personal access tokens (classic) need the `read:org` scope to use this endpoint.
secret_scanning_list_org_pattern_configs(org) -> {custom_pattern_overrides, pattern_config_version, provider_pattern_overrides}
Get an organization webhook
Returns a webhook configured in an organization. To get only the webhook `config` properties, see "[Get a webhook configuration for an organization](/rest/orgs/webhooks#get-a-webhook-configuration-for-an-organization). You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_get_webhook(hook_id, org) -> {active, config, created_at, deliveries_url, ...}
Remove app access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Removes the ability of an app to push to this branch. Only GitHub Apps that are installed on the repository and that have been granted write access to the repository contents can be added as authorized actors on a protected branch.
repos_remove_app_access_restrictions(apps, branch, owner, repo) -> [{}]
Get the latest release
View the latest published full release for the repository. The latest release is the most recent non-prerelease, non-draft release, sorted by the `created_at` attribute. The `created_at` attribute is the date of the commit used for the release, and not the date when the release was drafted or published.
repos_get_latest_release(owner, repo) -> {assets, assets_url, author, body, ...}
Delete a repository
Deleting a repository requires admin access. If an organization owner has configured the organization to prevent members from deleting organization-owned repositories, you will get a `403 Forbidden` response. OAuth app tokens and personal access tokens (classic) need the `delete_repo` scope to use this endpoint.
repos_delete(owner, repo)
Set app access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Replaces the list of apps that have push access to this branch. This removes all apps that previously had push access and grants push access to the new list of apps. Only GitHub Apps that are installed on the repository and that have been granted write access to the repository contents can be added as authorized actors on a protected branch.
repos_set_app_access_restrictions(apps, branch, owner, repo) -> [{}]
Update pull request review protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Updating pull request review enforcement requires admin or owner permissions to the repository and branch protection to be enabled. > [!NOTE] > Passing new arrays of `users` and `teams` replaces their previous values.
repos_update_pull_request_review_protection(branch, owner, repo, bypass_pull_request_allowances?, dismiss_stale_reviews?, dismissal_restrictions?, require_code_owner_reviews?, require_last_push_approval?, required_approving_review_count?) -> {bypass_pull_request_allowances, dismiss_stale_reviews, dismissal_restrictions, require_code_owner_reviews, ...}
Update a repository
**Note**: To edit a repository's topics, use the [Replace all repository topics](https://docs.github.com/rest/repos/repos#replace-all-repository-topics) endpoint.
repos_update(owner, repo, allow_auto_merge?, allow_forking?, allow_merge_commit?, allow_rebase_merge?, allow_squash_merge?, allow_update_branch?, archived?, default_branch?, delete_branch_on_merge?, description?, has_issues?, has_projects?, has_wiki?, homepage?, is_template?, merge_commit_message?, merge_commit_title?, name?, private?, security_and_analysis?, squash_merge_commit_message?, squash_merge_commit_title?, use_squash_pr_title_as_default?, visibility?, web_commit_signoff_required?) -> {labels_url, keys_url, fork, owner, ...}
Create a commit status
Users with push access in a repository can create commit statuses for a given SHA. Note: there is a limit of 1000 statuses per `sha` and `context` within a repository. Attempts to create more than 1000 statuses will result in a validation error.
repos_create_commit_status(owner, repo, sha, state, context?, description?, target_url?) -> {avatar_url, context, created_at, creator, ...}
Get partner images for GitHub-hosted runners in an organization
Get the list of partner images available for GitHub-hosted runners for an organization.
actions_get_hosted_runners_partner_images_for_org(org) -> {images, total_count}
List organization invitation teams
List all teams associated with an invitation. In order to see invitations in an organization, the authenticated user must be an organization owner.
orgs_list_invitation_teams(invitation_id, org, page?, per_page?) -> [{}]
Enable a selected repository for GitHub Actions in an organization
Adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for `enabled_repositories` must be must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for an organization](#set-github-actions-permissions-for-an-organization)." OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_enable_selected_repository_github_actions_organization(org, repository_id)
Get organization membership for a user
In order to get a user's membership with an organization, the authenticated user must be an organization member. The `state` parameter in the response can be used to identify the user's membership status.
orgs_get_membership_for_user(org, username) -> {direct_membership, enterprise_teams_providing_indirect_membership, organization, organization_url, ...}
Set organization membership for a user
Only authenticated organization owners can add a member to the organization or update the member's role. * If the authenticated user is _adding_ a member to the organization, the invited user will receive an email inviting them to the organization. The user's [membership status](https://docs.github.com/rest/orgs/members#get-organization-membership-for-a-user) will be `pending` until they accept the invitation. * Authenticated users can _update_ a user's membership by passing the `role` parameter. If the authenticated user changes a member's role to `admin`, the affected user will receive an email notifying them that they've been made an organization owner. If the authenticated user changes an owner's role to `member`, no email will be sent. **Rate limits** To prevent abuse, organization owners are limited to creating 50 organization invitations for an organization within a 24 hour period. If the organization is more than one month old or on a paid plan, the limit is 500 invitations per 24 hour period.
orgs_set_membership_for_user(org, username, role?) -> {direct_membership, enterprise_teams_providing_indirect_membership, organization, organization_url, ...}
List GitHub-hosted runners in a group for an organization
Lists the GitHub-hosted runners in an organization group. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_list_github_hosted_runners_in_group_for_org(org, runner_group_id, page?, per_page?) -> {runners, total_count}
List installations for the authenticated app
The permissions the installation has are included under the `permissions` key. You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_list_installations(outdated?, page?, per_page?, since?) -> [{}]
Delete a user migration archive
Deletes a previous migration archive. Downloadable migration archives are automatically deleted after seven days. Migration metadata, which is returned in the [List user migrations](https://docs.github.com/rest/migrations/users#list-user-migrations) and [Get a user migration status](https://docs.github.com/rest/migrations/users#get-a-user-migration-status) endpoints, will continue to be available even after an archive is deleted.
migrations_delete_archive_for_authenticated_user(migration_id)
Get the license for a repository
This method returns the contents of the repository's license file, if one is detected. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw contents of the license. - **`application/vnd.github.html+json`**: Returns the license contents in HTML. Markup languages are rendered to HTML using GitHub's open-source [Markup library](https://github.com/github/markup).
licenses_get_for_repo(owner, repo, ref?) -> {_links, content, download_url, encoding, ...}
Get a repository secret
Gets a single repository secret without revealing its encrypted value. The authenticated user must have collaborator access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_repo_secret(owner, repo, secret_name) -> {created_at, name, updated_at}
Create or update a repository secret
Creates or updates a repository secret with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_or_update_repo_secret(encrypted_value, key_id, owner, repo, secret_name) -> {}
List repository rule suites
Lists suites of rule evaluations at the repository level. For more information, see "[Managing rulesets for a repository](https://docs.github.com/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#viewing-insights-for-rulesets)."
repos_get_repo_rule_suites(owner, repo, actor_name?, page?, per_page?, ref?, rule_suite_result?, time_period?) -> [{actor_id, actor_name, after_sha, before_sha, ...}]
List app installations for an organization
Lists all GitHub Apps in an organization. The installation count includes all GitHub Apps installed on repositories in the organization. The authenticated user must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:read` scope to use this endpoint.
orgs_list_app_installations(org, page?, per_page?) -> {installations, total_count}
List social accounts for the authenticated user
Lists all of your social accounts.
users_list_social_accounts_for_authenticated_user(page?, per_page?) -> [{}]
Add social accounts for the authenticated user
Add one or more social accounts to the authenticated user's profile. OAuth app tokens and personal access tokens (classic) need the `user` scope to use this endpoint.
users_add_social_account_for_authenticated_user(account_urls) -> [{}]
Update a label
Updates a label using the given label name.
issues_update_label(name, owner, repo, color?, description?, new_name?) -> {color, default, description, id, ...}
Set user access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Replaces the list of people that have push access to this branch. This removes all people that previously had push access and grants push access to the new list of people. | Type | Description | | ------- | ----------------------------------------------------------------------------------------------------------------------------- | | `array` | Usernames for people who can have push access. **Note**: The list of users, apps, and teams in total is limited to 100 items. |
repos_set_user_access_restrictions(branch, owner, repo, users) -> [{}]
Get users with access to the protected branch
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Lists the people who have push access to this branch.
repos_get_users_with_access_to_protected_branch(branch, owner, repo) -> [{}]
Remove user access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Removes the ability of a user to push to this branch. | Type | Description | | ------- | --------------------------------------------------------------------------------------------------------------------------------------------- | | `array` | Usernames of the people who should no longer have push access. **Note**: The list of users, apps, and teams in total is limited to 100 items. |
repos_remove_user_access_restrictions(branch, owner, repo, users) -> [{}]
Get time stats by actor
Get the number of API requests and rate-limited requests made within an organization by a specific actor within a specified time period.
api_insights_get_time_stats_by_actor(actor_id, actor_type, min_timestamp, org, timestamp_increment, max_timestamp?) -> [{rate_limited_request_count, timestamp, total_request_count}]
List reactions for an issue
List the reactions to an [issue](https://docs.github.com/rest/issues/issues#get-an-issue).
reactions_list_for_issue(issue_number, owner, repo, content?, page?, per_page?) -> [{}]
Create reaction for an issue
Create a reaction to an [issue](https://docs.github.com/rest/issues/issues#get-an-issue). A response with an HTTP `200` status means that you already added the reaction type to this issue.
reactions_create_for_issue(content, issue_number, owner, repo) -> {content, created_at, id, node_id, ...}
List jobs for a workflow run attempt
Lists jobs for a specific workflow run attempt. You can use parameters to narrow the list of results. For more information about using parameters, see [Parameters](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#parameters). Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_list_jobs_for_workflow_run_attempt(attempt_number, owner, repo, run_id, page?, per_page?) -> {jobs, total_count}
Delete a package version for the authenticated user
Deletes a specific package version for a package owned by the authenticated user. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance. The authenticated user must have admin permissions in the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:packages` and `delete:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_delete_package_version_for_authenticated_user(package_name, package_type, package_version_id)
Accept a repository invitation
repos_accept_invitation_for_authenticated_user(invitation_id)
Decline a repository invitation
repos_decline_invitation_for_authenticated_user(invitation_id)
Lists the repositories Dependabot can access in an organization
Lists repositories that organization admins have allowed Dependabot to access when updating dependencies. > [!NOTE] > This operation supports both server-to-server and user-to-server access. Unauthorized users will not see the existence of this endpoint.
dependabot_repository_access_for_org(org, page?, per_page?) -> {accessible_repositories, default_level}
Updates Dependabot's repository access list for an organization
Updates repositories according to the list of repositories that organization admins have given Dependabot access to when they've updated dependencies. > [!NOTE] > This operation supports both server-to-server and user-to-server access. Unauthorized users will not see the existence of this endpoint. **Example request body:** ```json { "repository_ids_to_add": [123, 456], "repository_ids_to_remove": [789] } ```
dependabot_update_repository_access_for_org(org, repository_ids_to_add?, repository_ids_to_remove?)
Closing down - List tag protection states for a repository
> [!WARNING] > **Closing down notice:** This operation is closing down and will be removed after August 30, 2024. Use the "[Repository Rulesets](https://docs.github.com/rest/repos/rules#get-all-repository-rulesets)" endpoint instead. This returns the tag protection states of a repository. This information is only available to repository administrators.
repos_list_tag_protection(owner, repo) -> [{}]
Set a code security configuration as a default for an organization
Sets a code security configuration as a default to be applied to new repositories in your organization. This configuration will be applied to the matching repository type (all, none, public, private and internal) by default when they are created. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
code_security_set_configuration_as_default(configuration_id, org, default_for_new_repos?) -> {configuration, default_for_new_repos}
Restore a package for a user
Restores an entire package for a user. You can restore a deleted package under the following conditions: - The package was deleted within the last 30 days. - The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `write:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_restore_package_for_user(package_name, package_type, username, token?)
List available machine types for a repository
List the machine types available for a given repository based on its configuration. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_repo_machines_for_authenticated_user(owner, repo, client_ip?, location?, ref?) -> {machines, total_count}
List discussions
List all discussions on a team's page. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}/discussions`. OAuth app tokens and personal access tokens (classic) need the `read:discussion` scope to use this endpoint.
teams_list_discussions_in_org(org, team_slug, direction?, page?, per_page?, pinned?) -> [{}]
List selected repositories for an organization secret
Lists all repositories that have been selected when the `visibility` for repository access to a secret is set to `selected`. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_list_selected_repos_for_org_secret(org, secret_name, page?, per_page?) -> {repositories, total_count}
Get an enterprise team
Gets a team using the team's slug. To create the slug, GitHub replaces special characters in the name string, changes all words to lowercase, and replaces spaces with a `-` separator and adds the "ent:" prefix. For example, "My TEam Näme" would become `ent:my-team-name`.
enterprise_teams_get(enterprise, team_slug) -> {created_at, description, group_id, group_name, ...}
List environments
Lists the environments for a repository. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
repos_get_all_environments(owner, repo, page?, per_page?) -> {environments, total_count}
Get summary stats by user
Get overall statistics of API requests within the organization for a user.
api_insights_get_summary_stats_by_user(min_timestamp, org, user_id, max_timestamp?) -> {rate_limited_request_count, total_request_count}
Get a custom image definition for GitHub Actions Hosted Runners
Get a custom image definition for GitHub Actions Hosted Runners. OAuth tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_get_custom_image_for_org(image_definition_id, org) -> {id, latest_version, name, platform, ...}
Delete a deployment
If the repository only has one deployment, you can delete the deployment regardless of its status. If the repository has more than one deployment, you can only delete inactive deployments. This ensures that repositories with multiple deployments will always have an active deployment. To set a deployment as inactive, you must: * Create a new deployment that is active so that the system has a record of the current state, then delete the previously active deployment. * Mark the active deployment as inactive by adding any non-successful deployment status. For more information, see "[Create a deployment](https://docs.github.com/rest/deployments/deployments/#create-a-deployment)" and "[Create a deployment status](https://docs.github.com/rest/deployments/statuses#create-a-deployment-status)." OAuth app tokens and personal access tokens (classic) need the `repo` or `repo_deployment` scope to use this endpoint.
repos_delete_deployment(deployment_id, owner, repo)
Create an organization invitation
Invite people to an organization by using their GitHub user ID or their email address. In order to create invitations in an organization, the authenticated user must be an organization owner. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)."
orgs_create_invitation(org, email?, invitee_id?, role?, team_ids?) -> {created_at, email, failed_at, failed_reason, ...}
Review requests to access organization resources with fine-grained personal access tokens
Approves or denies multiple pending requests to access organization resources via a fine-grained personal access token. Only GitHub Apps can use this endpoint.
orgs_review_pat_grant_requests_in_bulk(action, org, pat_request_ids?, reason?)
Remove assignees from an issue
Removes one or more assignees from an issue.
issues_remove_assignees(issue_number, owner, repo, assignees?) -> {labels_url, title, comments, id, ...}
List matching references
Returns an array of references from your Git database that match the supplied name. The `:ref` in the URL must be formatted as `heads/<branch name>` for branches and `tags/<tag name>` for tags. If the `:ref` doesn't exist in the repository, but existing refs start with `:ref`, they will be returned as an array. When you use this endpoint without providing a `:ref`, it will return an array of all the references from your Git database, including notes and stashes if they exist on the server. Anything in the namespace is returned, not just `heads` and `tags`. > [!NOTE] > You need to explicitly [request a pull request](https://docs.github.com/rest/pulls/pulls#get-a-pull-request) to trigger a test merge commit, which checks the mergeability of pull requests. For more information, see "[Checking mergeability of pull requests](https://docs.github.com/rest/guides/getting-started-with-the-git-database-api#checking-mergeability-of-pull-requests)". If you request matching references for a branch named `feature` but the branch `feature` doesn't exist, the response can still include other matching head refs that start with the word `feature`, such as `featureA` and `featureB`.
git_list_matching_refs(owner, ref, repo) -> [{}]
Create commit signature protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. When authenticated with admin or owner permissions to the repository, you can use this endpoint to require signed commits on a branch. You must enable branch protection to require signed commits.
repos_create_commit_signature_protection(branch, owner, repo) -> {enabled, url}
Remove a custom label from a self-hosted runner for a repository
Remove a custom label from a self-hosted runner configured in a repository. Returns the remaining labels from the runner. This endpoint returns a `404 Not Found` status if the custom label is not present on the runner. Authenticated users must have admin access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_remove_custom_label_from_self_hosted_runner_for_repo(name, owner, repo, runner_id)
Get a package for a user
Gets a specific package metadata for a public package owned by a user. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_package_for_user(package_name, package_type, username) -> {created_at, html_url, id, name, ...}
Create or update a repository secret
Creates or updates a repository development environment secret with an encrypted value. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint. The associated user must be a repository admin.
codespaces_create_or_update_repo_secret(owner, repo, secret_name, encrypted_value?, key_id?) -> {}
List locations for a secret scanning alert
Lists all locations for a given secret scanning alert for an eligible repository. The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
secret_scanning_list_locations_for_alert(alert_number, owner, repo, page?, per_page?) -> [{}]
Check if immutable releases are enabled for a repository
Shows whether immutable releases are enabled or disabled. Also identifies whether immutability is being enforced by the repository owner. The authenticated user must have admin read access to the repository.
repos_check_immutable_releases(owner, repo) -> {enabled, enforced_by_owner}
List organizations for a user
List [public organization memberships](https://docs.github.com/articles/publicizing-or-concealing-organization-membership) for the specified user. This method only lists _public_ memberships, regardless of authentication. If you need to fetch all of the organization memberships (public and private) for the authenticated user, use the [List organizations for the authenticated user](https://docs.github.com/rest/orgs/orgs#list-organizations-for-the-authenticated-user) API instead.
orgs_list_for_user(username, page?, per_page?) -> [{}]
Delete a reference
Deletes the provided reference.
git_delete_ref(owner, ref, repo)
List comments for a pull request review
Lists comments for a specific pull request review. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_list_comments_for_review(owner, pull_number, repo, review_id, page?, per_page?) -> [{}]
Get self-hosted runners settings for an organization
Gets the settings for self-hosted runners for an organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope or the "Actions policies" fine-grained permission to use this endpoint.
actions_get_self_hosted_runners_permissions_organization(org) -> {enabled_repositories, selected_repositories_url}
List repositories a fine-grained personal access token has access to
Lists the repositories a fine-grained personal access token has access to. Only GitHub Apps can use this endpoint.
orgs_list_pat_grant_repositories(org, pat_id, page?, per_page?) -> [{}]
Get team membership for a user
Team members will include the members of child teams. To get a user's membership with a team, the team must be visible to the authenticated user. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}/memberships/{username}`. > [!NOTE] > The response contains the `state` of the membership and the member's `role`. The `role` for organization owners is set to `maintainer`. For more information about `maintainer` roles, see [Create a team](https://docs.github.com/rest/teams/teams#create-a-team).
teams_get_membership_for_user_in_org(org, team_slug, username) -> {role, state, url}
Remove dependency an issue is blocked by
You can use the REST API to remove a dependency that an issue is blocked by. Removing content too quickly using this endpoint may result in secondary rate limiting. For more information, see [Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits) and [Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api). This endpoint supports the following custom media types. For more information, see [Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types). - **`application/vnd.github.raw+json`**: Returns the raw Markdown body. Response will include `body`. This is the default if you do not pass a specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the Markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's Markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_remove_dependency_blocked_by(issue_id, issue_number, owner, repo) -> {labels_url, title, comments, id, ...}
Get a repository README for a directory
Gets the README from a repository directory. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw file contents. This is the default if you do not specify a media type. - **`application/vnd.github.html+json`**: Returns the README in HTML. Markup languages are rendered to HTML using GitHub's open-source [Markup library](https://github.com/github/markup).
repos_get_readme_in_directory(dir, owner, repo, ref?) -> {_links, content, download_url, encoding, ...}
Get an environment variable
Gets a specific variable in an environment. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_environment_variable(environment_name, name, owner, repo) -> {created_at, name, updated_at, value}
Add user access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Grants the specified people push access for this branch. | Type | Description | | ------- | ----------------------------------------------------------------------------------------------------------------------------- | | `array` | Usernames for people who can have push access. **Note**: The list of users, apps, and teams in total is limited to 100 items. |
repos_add_user_access_restrictions(branch, owner, repo, users) -> [{}]
Update issue type for an organization
Updates an issue type for an organization. You can find out more about issue types in [Managing issue types in an organization](https://docs.github.com/issues/tracking-your-work-with-issues/configuring-issues/managing-issue-types-in-an-organization). To use this endpoint, the authenticated user must be an administrator for the organization. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_update_issue_type(is_enabled, issue_type_id, name, org, color?, description?) -> {color, created_at, description, id, ...}
Get Copilot metrics for an organization
Use this endpoint to see a breakdown of aggregated metrics for various GitHub Copilot features. See the response schema tab for detailed metrics definitions. > [!NOTE] > This endpoint will only return results for a given day if the organization contained **five or more members with active Copilot licenses** on that day, as evaluated at the end of that day. The response contains metrics for up to 100 days prior. Metrics are processed once per day for the previous day, and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. To access this endpoint, the Copilot Metrics API access policy must be enabled for the organization. Only organization owners and owners and billing managers of the parent enterprise can view Copilot metrics. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot`, `read:org`, or `read:enterprise` scopes to use this endpoint.
copilot_copilot_metrics_for_organization(org, page?, per_page?, since?, until?) -> [{}]
Create a repository dispatch event
You can use this endpoint to trigger a webhook event called `repository_dispatch` when you want activity that happens outside of GitHub to trigger a GitHub Actions workflow or GitHub App webhook. You must configure your GitHub Actions workflow or GitHub App to run when the `repository_dispatch` event occurs. For an example `repository_dispatch` webhook payload, see "[RepositoryDispatchEvent](https://docs.github.com/webhooks/event-payloads/#repository_dispatch)." The `client_payload` parameter is available for any extra information that your workflow might need. This parameter is a JSON payload that will be passed on when the webhook event is dispatched. For example, the `client_payload` can include a message that a user would like to send using a GitHub Actions workflow. Or the `client_payload` can be used as a test to debug your workflow. This input example shows how you can use the `client_payload` as a test to debug your workflow. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_create_dispatch_event(event_type, owner, repo, client_payload?)
List organization repositories
Lists repositories for the specified organization. > [!NOTE] > In order to see the `security_and_analysis` block for a repository you must have admin permissions for the repository or be an owner or security manager for the organization that owns the repository. For more information, see "[Managing security managers in your organization](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)."
repos_list_for_org(org, direction?, page?, per_page?, sort?, type?) -> [{}]
List environment variables
Lists all environment variables. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_environment_variables(environment_name, owner, repo, page?, per_page?) -> {total_count, variables}
List deployment branch policies
Lists the deployment branch policies for an environment. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
repos_list_deployment_branch_policies(environment_name, owner, repo, page?, per_page?) -> {branch_policies, total_count}
List assignments for a classroom
Lists GitHub Classroom assignments for a classroom. Assignments will only be returned if the current user is an administrator of the GitHub Classroom.
classroom_list_assignments_for_a_classroom(classroom_id, page?, per_page?) -> [{}]
List public events for a network of repositories
> [!NOTE] > This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
activity_list_public_events_for_repo_network(owner, repo, page?, per_page?) -> [{}]
Update a custom code security configuration for an enterprise
Updates a code security configuration in an enterprise. The authenticated user must be an administrator of the enterprise in order to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
code_security_update_enterprise_configuration(configuration_id, enterprise, advanced_security?, code_scanning_default_setup?, code_scanning_default_setup_options?, code_scanning_delegated_alert_dismissal?, code_scanning_options?, code_security?, dependabot_alerts?, dependabot_security_updates?, dependency_graph?, dependency_graph_autosubmit_action?, dependency_graph_autosubmit_action_options?, description?, enforcement?, name?, private_vulnerability_reporting?, secret_protection?, secret_scanning?, secret_scanning_delegated_alert_dismissal?, secret_scanning_generic_secrets?, secret_scanning_non_provider_patterns?, secret_scanning_push_protection?, secret_scanning_validity_checks?) -> {advanced_security, code_scanning_default_setup, code_scanning_default_setup_options, code_scanning_delegated_alert_dismissal, ...}
Review a request to access organization resources with a fine-grained personal access token
Approves or denies a pending request to access organization resources via a fine-grained personal access token. Only GitHub Apps can use this endpoint.
orgs_review_pat_grant_request(action, org, pat_request_id, reason?)
Create a public SSH key for the authenticated user
Adds a public SSH key to the authenticated user's GitHub account. OAuth app tokens and personal access tokens (classic) need the `write:public_key` scope to use this endpoint.
users_create_public_ssh_key_for_authenticated_user(key, title?) -> {created_at, id, key, last_used, ...}
Delete attestations by ID
Delete an artifact attestation by unique ID that is associated with a repository owned by an org.
orgs_delete_attestations_by_id(attestation_id, org)
Set GitHub Actions permissions for a repository
Sets the GitHub Actions permissions policy for enabling GitHub Actions and allowed actions and reusable workflows in the repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_github_actions_permissions_repository(enabled, owner, repo, allowed_actions?, sha_pinning_required?)
Get default workflow permissions for an organization
Gets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in an organization, as well as whether GitHub Actions can submit approving pull request reviews. For more information, see "[Setting the permissions of the GITHUB_TOKEN for your organization](https://docs.github.com/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization)." OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_get_github_actions_default_workflow_permissions_organization(org) -> {can_approve_pull_request_reviews, default_workflow_permissions}
Lock an issue
Users with push access can lock an issue or pull request's conversation. Note that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)."
issues_lock(issue_number, owner, repo, lock_reason?)
List dependencies an issue is blocking
You can use the REST API to list the dependencies an issue is blocking. This endpoint supports the following custom media types. For more information, see [Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types). - **`application/vnd.github.raw+json`**: Returns the raw Markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the Markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's Markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_dependencies_blocking(issue_number, owner, repo, page?, per_page?) -> [{}]
List gists for a user
Lists public gists for the specified user:
gists_list_for_user(username, page?, per_page?, since?) -> [{}]
Get an image version of a custom image for GitHub Actions Hosted Runners
Get an image version of a custom image for GitHub Actions Hosted Runners. OAuth tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_get_custom_image_version_for_org(image_definition_id, org, version) -> {created_on, size_gb, state, state_details, ...}
Delete a pull request comment reaction
> [!NOTE] > You can also specify a repository by `repository_id` using the route `DELETE /repositories/:repository_id/pulls/comments/:comment_id/reactions/:reaction_id.` Delete a reaction to a [pull request review comment](https://docs.github.com/rest/pulls/comments#get-a-review-comment-for-a-pull-request).
reactions_delete_for_pull_request_comment(comment_id, owner, reaction_id, repo)
Get default attributes for a codespace
Gets the default attributes for codespaces created by the user with the repository. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_pre_flight_with_repo_for_authenticated_user(owner, repo, client_ip?, ref?) -> {billable_owner, defaults}
Unstar a repository for the authenticated user
Unstar a repository that the authenticated user has previously starred.
activity_unstar_repo_for_authenticated_user(owner, repo)
Get a Dependabot alert
OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
dependabot_get_alert(alert_number, owner, repo) -> {auto_dismissed_at, created_at, dependency, dismissal_request, ...}
List commit comments for a repository
Lists the commit comments for a specified repository. Comments are ordered by ascending ID. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
repos_list_commit_comments_for_repo(owner, repo, page?, per_page?) -> [{}]
Get rules for a branch
Returns all active rules that apply to the specified branch. The branch does not need to exist; rules that would apply to a branch with that name will be returned. All active rules that apply will be returned, regardless of the level at which they are configured (e.g. repository or organization). Rules in rulesets with "evaluate" or "disabled" enforcement statuses are not returned.
repos_get_branch_rules(branch, owner, repo, page?, per_page?) -> [{}]
Update an organization variable
Updates an organization variable that you can reference in a GitHub Actions workflow. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_update_org_variable(name, org, name?, selected_repository_ids?, value?, visibility?)
List reactions for a commit comment
List the reactions to a [commit comment](https://docs.github.com/rest/commits/comments#get-a-commit-comment).
reactions_list_for_commit_comment(comment_id, owner, repo, content?, page?, per_page?) -> [{}]
List self-hosted runner groups for an organization
Lists all self-hosted runner groups configured in an organization and inherited from an enterprise. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
actions_list_self_hosted_runner_groups_for_org(org, page?, per_page?, visible_to_repository?) -> {runner_groups, total_count}
List team members (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [`List team members`](https://docs.github.com/rest/teams/members#list-team-members) endpoint. Team members will include the members of child teams.
teams_list_members_legacy(team_id, page?, per_page?, role?) -> [{}]
List labels for issues in a milestone
Lists labels for issues in a milestone.
issues_list_labels_for_milestone(milestone_number, owner, repo, page?, per_page?) -> [{}]
Create configuration for a just-in-time runner for an organization
Generates a configuration that can be passed to the runner application at startup. The authenticated user must have admin access to the organization. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_generate_runner_jitconfig_for_org(labels, name, org, runner_group_id, work_folder?)
List teams for the authenticated user
List all of the teams across all of the organizations to which the authenticated user belongs. OAuth app tokens and personal access tokens (classic) need the `user`, `repo`, or `read:org` scope to use this endpoint. When using a fine-grained personal access token, the resource owner of the token must be a single organization, and the response will only include the teams from that organization.
teams_list_for_authenticated_user(page?, per_page?) -> [{}]
Get the status of an autofix for a code scanning alert
Gets the status and description of an autofix for a code scanning alert. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_get_autofix(alert_number, owner, repo) -> {description, started_at, status}
Delete a repository webhook
Delete a webhook for an organization. The authenticated user must be a repository owner, or have admin access in the repository, to delete the webhook.
repos_delete_webhook(hook_id, owner, repo)
Upload an analysis as SARIF data
Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. For troubleshooting information, see "[Troubleshooting SARIF uploads](https://docs.github.com/code-security/code-scanning/troubleshooting-sarif)." There are two places where you can upload code scanning results. - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see "[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests)." - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see "[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository)." You must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example: ``` gzip -c analysis-data.sarif | base64 -w0 ``` SARIF upload supports a maximum number of entries per the following data objects, and an analysis will be rejected if any of these objects is above its maximum value. For some objects, there are additional values over which the entries will be ignored while keeping the most important entries whenever applicable. To get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration. For example, for the CodeQL tool, identify and remove the most noisy queries. For more information, see "[SARIF results exceed one or more limits](https://docs.github.com/code-security/code-scanning/troubleshooting-sarif/results-exceed-limit)." | **SARIF data** | **Maximum values** | **Additional limits** | |----------------------------------|:------------------:|----------------------------------------------------------------------------------| | Runs per file | 20 | | | Results per run | 25,000 | Only the top 5,000 results will be included, prioritized by severity. | | Rules per run | 25,000 | | | Tool extensions per run | 100 | | | Thread Flow Locations per result | 10,000 | Only the top 1,000 Thread Flow Locations will be included, using prioritization. | | Location per result | 1,000 | Only 100 locations will be included. | | Tags per rule | 20 | Only 10 tags will be included. | The `202 Accepted` response includes an `id` value. You can use this ID to check the status of the upload by using it in the `/sarifs/{sarif_id}` endpoint. For more information, see "[Get information about a SARIF upload](/rest/code-scanning/code-scanning#get-information-about-a-sarif-upload)." OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories. This endpoint is limited to 1,000 requests per hour for each user or app installation calling it.
code_scanning_upload_sarif(commit_sha, owner, ref, repo, sarif, checkout_uri?, started_at?, tool_name?, validate?)
Create an autofix for a code scanning alert
Creates an autofix for a code scanning alert. If a new autofix is to be created as a result of this request or is currently being generated, then this endpoint will return a 202 Accepted response. If an autofix already exists for a given alert, then this endpoint will return a 200 OK response. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_create_autofix(alert_number, owner, repo) -> {description, started_at, status}
Get all custom properties for an organization
Gets all custom properties defined for an organization. Organization members can read these properties.
orgs_custom_properties_for_repos_get_organization_definitions(org) -> [{}]
List labels for a self-hosted runner for an organization
Lists all labels for a self-hosted runner configured in an organization. Authenticated users must have admin access to the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_list_labels_for_self_hosted_runner_for_org(org, runner_id)
List dependencies an issue is blocked by
You can use the REST API to list the dependencies an issue is blocked by. This endpoint supports the following custom media types. For more information, see [Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types). - **`application/vnd.github.raw+json`**: Returns the raw Markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the Markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's Markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_dependencies_blocked_by(issue_number, owner, repo, page?, per_page?) -> [{}]
Get admin branch protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_get_admin_branch_protection(branch, owner, repo) -> {enabled, url}
Get a hosted compute network configuration for an organization
Gets a hosted compute network configuration configured in an organization. OAuth app tokens and personal access tokens (classic) need the `read:network_configurations` scope to use this endpoint.
hosted_compute_get_network_configuration_for_org(network_configuration_id, org) -> {compute_service, created_on, id, name, ...}
Get billing usage report for an organization
Gets a report of the total usage for an organization. To use this endpoint, you must be an administrator of an organization within an enterprise or an organization account. **Note:** This endpoint is only available to organizations with access to the enhanced billing platform. For more information, see "[About the enhanced billing platform](https://docs.github.com/billing/using-the-new-billing-platform)."
billing_get_github_billing_usage_report_org(org, day?, month?, year?)
List runner applications for a repository
Lists binaries for the runner application that you can download and run. Authenticated users must have admin access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_runner_applications_for_repo(owner, repo) -> [{}]
Remove team membership for a user
To remove a membership between a user and a team, the authenticated user must have 'admin' permissions to the team or be an owner of the organization that the team is associated with. Removing team membership does not delete the user, it just removes their membership from the team. Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. > [!NOTE] > When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "[Synchronizing teams between your identity provider and GitHub](https://docs.github.com/articles/synchronizing-teams-between-your-identity-provider-and-github/)." > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `DELETE /organizations/{org_id}/team/{team_id}/memberships/{username}`.
teams_remove_membership_for_user_in_org(org, team_slug, username)
Set allowed actions and reusable workflows for a repository
Sets the actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository permission policy for `allowed_actions` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for a repository](#set-github-actions-permissions-for-a-repository)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_allowed_actions_repository(owner, repo, github_owned_allowed?, patterns_allowed?, verified_allowed?)
Get a self-hosted runner for a repository
Gets a specific self-hosted runner configured in a repository. Authenticated users must have admin access to the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_self_hosted_runner_for_repo(owner, repo, runner_id) -> {busy, ephemeral, id, labels, ...}
Create a discussion
Creates a new discussion post on a team's page. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `POST /organizations/{org_id}/team/{team_id}/discussions`. OAuth app tokens and personal access tokens (classic) need the `write:discussion` scope to use this endpoint.
teams_create_discussion_in_org(body, org, team_slug, title, private?) -> {author, body, body_html, body_version, ...}
List gist comments
Lists the comments on a gist. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown. This is the default if you do not pass any specific media type. - **`application/vnd.github.base64+json`**: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.
gists_list_comments(gist_id, page?, per_page?) -> [{}]
Get the combined status for a specific reference
Users with pull access in a repository can access a combined view of commit statuses for a given ref. The ref can be a SHA, a branch name, or a tag name. Additionally, a combined `state` is returned. The `state` is one of: * **failure** if any of the contexts report as `error` or `failure` * **pending** if there are no statuses or a context is `pending` * **success** if the latest status for all contexts is `success`
repos_get_combined_status_for_ref(owner, ref, repo, page?, per_page?) -> {commit_url, repository, sha, state, ...}
Get a workflow run attempt
Gets a specific workflow run attempt. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_get_workflow_run_attempt(attempt_number, owner, repo, run_id, exclude_pull_requests?) -> {run_number, previous_attempt_url, id, head_repository, ...}
List user account issues assigned to the authenticated user
List issues across owned and member repositories assigned to the authenticated user. > [!NOTE] > GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the `pull_request` key. Be aware that the `id` of a pull request returned from "Issues" endpoints will be an _issue id_. To find out the pull request id, use the "[List pull requests](https://docs.github.com/rest/pulls/pulls#list-pull-requests)" endpoint. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_for_authenticated_user(direction?, filter?, labels?, page?, per_page?, since?, sort?, state?) -> [{}]
Delete a package for the authenticated user
Deletes a package owned by the authenticated user. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance. OAuth app tokens and personal access tokens (classic) need the `read:packages` and `delete:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_delete_package_for_authenticated_user(package_name, package_type)
List organization members
List all users who are members of an organization. If the authenticated user is also a member of this organization then both concealed and public members will be returned.
orgs_list_members(org, filter?, page?, per_page?, role?) -> [{}]
List selected repositories for an organization secret
Lists all repositories that have been selected when the `visibility` for repository access to a secret is set to `selected`. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_list_selected_repos_for_org_secret(org, secret_name, page?, per_page?) -> {repositories, total_count}
Get a repository rule suite
Gets information about a suite of rule evaluations from within a repository. For more information, see "[Managing rulesets for a repository](https://docs.github.com/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#viewing-insights-for-rulesets)."
repos_get_repo_rule_suite(owner, repo, rule_suite_id) -> {actor_id, actor_name, after_sha, before_sha, ...}
Set default workflow permissions for a repository
Sets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in a repository, and sets if GitHub Actions can submit approving pull request reviews. For more information, see "[Setting the permissions of the GITHUB_TOKEN for your repository](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_github_actions_default_workflow_permissions_repository(owner, repo, can_approve_pull_request_reviews?, default_workflow_permissions?)
Update a review comment for a pull request
Edits the content of a specified review comment. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_update_review_comment(body, comment_id, owner, repo) -> {_links, author_association, body, body_html, ...}
Update a release asset
Users with push access to the repository can edit a release asset.
repos_update_release_asset(asset_id, owner, repo, label?, name?, state?) -> {browser_download_url, content_type, created_at, digest, ...}
Add an organization assignment
Assign an enterprise team to an organization.
enterprise_team_organizations_add(enterprise, enterprise-team, org) -> {avatar_url, description, events_url, hooks_url, ...}
Update a budget for an organization
> [!NOTE] > This endpoint is in public preview and is subject to change. Updates an existing budget for an organization. The authenticated user must be an organization admin or billing manager.
billing_update_budget_org(budget_id, org, budget_alerting?, budget_amount?, budget_entity_name?, budget_product_sku?, budget_scope?, budget_type?, prevent_further_usage?) -> {budget, message}
Unlock an organization repository
Unlocks a repository that was locked for migration. You should unlock each migrated repository and [delete them](https://docs.github.com/rest/repos/repos#delete-a-repository) when the migration is complete and you no longer need the source data.
migrations_unlock_repo_for_org(migration_id, org, repo_name)
Get an organization secret
Gets a single organization secret without revealing its encrypted value. The authenticated user must have collaborator access to a repository to create, update, or read secrets OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_org_secret(org, secret_name) -> {created_at, name, selected_repositories_url, updated_at, ...}
Check organization membership for a user
Check if a user is, publicly or privately, a member of the organization.
orgs_check_membership_for_user(org, username)
Check if permissions defined by a devcontainer have been accepted by the authenticated user
Checks whether the permissions defined by a given devcontainer configuration have been accepted by the authenticated user. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_check_permissions_for_devcontainer(devcontainer_path, owner, ref, repo) -> {accepted}
List pending team invitations (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [`List pending team invitations`](https://docs.github.com/rest/teams/members#list-pending-team-invitations) endpoint. The return hash contains a `role` field which refers to the Organization Invitation role and will be one of the following values: `direct_member`, `admin`, `billing_manager`, `hiring_manager`, or `reinstate`. If the invitee is not a GitHub member, the `login` field in the return hash will be `null`.
teams_list_pending_invitations_legacy(team_id, page?, per_page?) -> [{}]
Set private repo fork PR workflow settings for a repository
Sets the settings for whether workflows from fork pull requests can run on a private repository. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_private_repo_fork_pr_workflows_settings_repository(owner, repo, run_workflows_from_fork_pull_requests, require_approval_for_fork_pr_workflows?, send_secrets_and_variables?, send_write_tokens_to_workflows?)
Search users
Find users via various criteria. This method returns up to 100 results [per page](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api). When searching for users, you can get text match metadata for the issue **login**, public **email**, and **name** fields when you pass the `text-match` media type. For more details about highlighting search results, see [Text match metadata](https://docs.github.com/rest/search/search#text-match-metadata). For more details about how to receive highlighted search results, see [Text match metadata](https://docs.github.com/rest/search/search#text-match-metadata). For example, if you're looking for a list of popular users, you might try this query: `q=tom+repos:%3E42+followers:%3E1000` This query searches for users with the name `tom`. The results are restricted to users with more than 42 repositories and over 1,000 followers. This endpoint does not accept authentication and will only include publicly visible users. As an alternative, you can use the GraphQL API. The GraphQL API requires authentication and will return private users, including Enterprise Managed Users (EMUs), that you are authorized to view. For more information, see "[GraphQL Queries](https://docs.github.com/graphql/reference/queries#search)."
search_users(q, order?, page?, per_page?, sort?) -> {incomplete_results, items, total_count}
Get a gist comment
Gets a comment on a gist. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown. This is the default if you do not pass any specific media type. - **`application/vnd.github.base64+json`**: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.
gists_get_comment(comment_id, gist_id) -> {author_association, body, created_at, id, ...}
List repositories requested to be accessed by a fine-grained personal access token
Lists the repositories a fine-grained personal access token request is requesting access to. Only GitHub Apps can use this endpoint.
orgs_list_pat_grant_request_repositories(org, pat_request_id, page?, per_page?) -> [{}]
Get a DNS health check for GitHub Pages
Gets a health check of the DNS settings for the `CNAME` record configured for a repository's GitHub Pages. The first request to this endpoint returns a `202 Accepted` status and starts an asynchronous background task to get the results for the domain. After the background task completes, subsequent requests to this endpoint return a `200 OK` status with the health check results in the response. The authenticated user must be a repository administrator, maintainer, or have the 'manage GitHub Pages settings' permission to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_get_pages_health_check(owner, repo) -> {alt_domain, domain}
List private registries for an organization
Lists all private registry configurations available at the organization-level without revealing their encrypted values. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
private_registries_list_org_private_registries(org, page?, per_page?) -> {configurations, total_count}
List instances of a code scanning alert
Lists all instances of the specified code scanning alert. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint with private or public repositories, or the `public_repo` scope to use this endpoint with only public repositories.
code_scanning_list_alert_instances(alert_number, owner, repo, page?, per_page?, pr?, ref?) -> [{}]
List Dependabot alerts for an organization
Lists Dependabot alerts for an organization. The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.
dependabot_list_alerts_for_org(org, after?, artifact_registry?, artifact_registry_url?, before?, direction?, ecosystem?, epss_percentage?, has?, package?, per_page?, runtime_risk?, scope?, severity?, sort?, state?) -> [{}]
List attestation repositories
List repositories owned by the provided organization that have created at least one attested artifact Results will be sorted in ascending order by repository ID
orgs_list_attestation_repositories(org, after?, before?, per_page?, predicate_type?) -> [{id, name}]
Set GitHub Actions cache retention limit for an enterprise
Sets GitHub Actions cache retention limit for an enterprise. All organizations and repositories under this enterprise may not set a higher cache retention limit. OAuth tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
actions_set_actions_cache_retention_limit_for_enterprise(enterprise, max_cache_retention_days?)
Get GitHub Actions cache usage for a repository
Gets GitHub Actions cache usage for a repository. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated. Anyone with read access to the repository can use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_actions_cache_usage(owner, repo) -> {active_caches_count, active_caches_size_in_bytes, full_name}
Add team access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Grants the specified teams push access for this branch. You can also give push access to child teams.
repos_add_team_access_restrictions(branch, owner, repo) -> [{}]
List workflow runs for a workflow
List all workflow runs for a workflow. You can replace `workflow_id` with the workflow file name. For example, you could use `main.yaml`. You can use parameters to narrow the list of results. For more information about using parameters, see [Parameters](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#parameters). Anyone with read access to the repository can use this endpoint OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository. This endpoint will return up to 1,000 results for each search when using the following parameters: `actor`, `branch`, `check_suite_id`, `created`, `event`, `head_sha`, `status`.
actions_list_workflow_runs(owner, repo, workflow_id, actor?, branch?, check_suite_id?, created?, event?, exclude_pull_requests?, head_sha?, page?, per_page?, status?) -> {total_count, workflow_runs}
Review pending deployments for a workflow run
Approve or reject pending deployments that are waiting on approval by a required reviewer. Required reviewers with read access to the repository contents and deployments can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_review_pending_deployments_for_run(comment, environment_ids, owner, repo, run_id, state) -> [{}]
List labels for an issue
Lists all labels for an issue.
issues_list_labels_on_issue(issue_number, owner, repo, page?, per_page?) -> [{}]
Get Copilot seat assignment details for a user
> [!NOTE] > This endpoint is in public preview and is subject to change. Gets the GitHub Copilot seat details for a member of an organization who currently has access to GitHub Copilot. The seat object contains information about the user's most recent Copilot activity. Users must have telemetry enabled in their IDE for Copilot in the IDE activity to be reflected in `last_activity_at`. For more information about activity data, see [Metrics data properties for GitHub Copilot](https://docs.github.com/copilot/reference/metrics-data). Only organization owners can view Copilot seat assignment details for members of their organization. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:org` scopes to use this endpoint.
copilot_get_copilot_seat_details_for_user(org, username) -> {assignee, assigning_team, created_at, last_activity_at, ...}
List repository contributors
Lists contributors to the specified repository and sorts them by the number of commits per contributor in descending order. This endpoint may return information that is a few hours old because the GitHub REST API caches contributor data to improve performance. GitHub identifies contributors by author email address. This endpoint groups contribution counts by GitHub user, which includes all associated email addresses. To improve performance, only the first 500 author email addresses in the repository link to GitHub users. The rest will appear as anonymous contributors without associated GitHub user information.
repos_list_contributors(owner, repo, anon?, page?, per_page?) -> [{}]
Fork a gist
gists_fork(gist_id) -> {comments, comments_enabled, comments_url, commits_url, ...}
Add or update team repository permissions
To add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a `422 Unprocessable Entity` status if you attempt to add a repository to a team that is not owned by the organization. Note that, if you choose not to pass any parameters, you'll need to set `Content-Length` to zero when calling out to this endpoint. For more information, see "[HTTP method](https://docs.github.com/rest/guides/getting-started-with-the-rest-api#http-method)." > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `PUT /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}`. For more information about the permission levels, see "[Repository permission levels for an organization](https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-levels-for-repositories-owned-by-an-organization)".
teams_add_or_update_repo_permissions_in_org(org, owner, repo, team_slug, permission?)
Create reaction for a pull request review comment
Create a reaction to a [pull request review comment](https://docs.github.com/rest/pulls/comments#get-a-review-comment-for-a-pull-request). A response with an HTTP `200` status means that you already added the reaction type to this pull request review comment.
reactions_create_for_pull_request_review_comment(comment_id, content, owner, repo) -> {content, created_at, id, node_id, ...}
Create or update an environment
Create or update an environment with protection rules, such as required reviewers. For more information about environment protection rules, see "[Environments](/actions/reference/environments#environment-protection-rules)." > [!NOTE] > To create or update name patterns that branches must match in order to deploy to this environment, see "[Deployment branch policies](/rest/deployments/branch-policies)." > [!NOTE] > To create or update secrets for an environment, see "[GitHub Actions secrets](/rest/actions/secrets)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_create_or_update_environment(environment_name, owner, repo, deployment_branch_policy?, prevent_self_review?, reviewers?, wait_timer?) -> {created_at, deployment_branch_policy, html_url, id, ...}
List discussions (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [`List discussions`](https://docs.github.com/rest/teams/discussions#list-discussions) endpoint. List all discussions on a team's page. OAuth app tokens and personal access tokens (classic) need the `read:discussion` scope to use this endpoint.
teams_list_discussions_legacy(team_id, direction?, page?, per_page?) -> [{}]
List fine-grained personal access tokens with access to organization resources
Lists approved fine-grained personal access tokens owned by organization members that can access organization resources. Only GitHub Apps can use this endpoint.
orgs_list_pat_grants(org, direction?, last_used_after?, last_used_before?, owner?, page?, per_page?, permission?, repository?, sort?, token_id?) -> [{}]
List repository teams
Lists the teams that have access to the specified repository and that are also visible to the authenticated user. For a public repository, a team is listed only if that team added the public repository explicitly. OAuth app tokens and personal access tokens (classic) need the `public_repo` or `repo` scope to use this endpoint with a public repository, and `repo` scope to use this endpoint with a private repository.
repos_list_teams(owner, repo, page?, per_page?) -> [{}]
Get repository ruleset history
Get the history of a repository ruleset.
repos_get_repo_ruleset_history(owner, repo, ruleset_id, page?, per_page?) -> [{}]
Get a repository README
Gets the preferred README for a repository. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw file contents. This is the default if you do not specify a media type. - **`application/vnd.github.html+json`**: Returns the README in HTML. Markup languages are rendered to HTML using GitHub's open-source [Markup library](https://github.com/github/markup).
repos_get_readme(owner, repo, ref?) -> {_links, content, download_url, encoding, ...}
Search commits
Find commits via various criteria on the default branch (usually `main`). This method returns up to 100 results [per page](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api). When searching for commits, you can get text match metadata for the **message** field when you provide the `text-match` media type. For more details about how to receive highlighted search results, see [Text match metadata](https://docs.github.com/rest/search/search#text-match-metadata). For example, if you want to find commits related to CSS in the [octocat/Spoon-Knife](https://github.com/octocat/Spoon-Knife) repository. Your query would look something like this: `q=repo:octocat/Spoon-Knife+css`
search_commits(q, order?, page?, per_page?, sort?) -> {incomplete_results, items, total_count}
Get apps with access to the protected branch
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Lists the GitHub Apps that have push access to this branch. Only GitHub Apps that are installed on the repository and that have been granted write access to the repository contents can be added as authorized actors on a protected branch.
repos_get_apps_with_access_to_protected_branch(branch, owner, repo) -> [{}]
List repository issues
List issues in a repository. Only open issues will be listed. > [!NOTE] > GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the `pull_request` key. Be aware that the `id` of a pull request returned from "Issues" endpoints will be an _issue id_. To find out the pull request id, use the "[List pull requests](https://docs.github.com/rest/pulls/pulls#list-pull-requests)" endpoint. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_list_for_repo(owner, repo, assignee?, creator?, direction?, labels?, mentioned?, milestone?, page?, per_page?, since?, sort?, state?, type?) -> [{}]
Get GitHub meta information
Returns meta information about GitHub, including a list of GitHub's IP addresses. For more information, see "[About GitHub's IP addresses](https://docs.github.com/articles/about-github-s-ip-addresses/)." The API's response also includes a list of GitHub's domain names. The values shown in the documentation's response are example values. You must always query the API directly to get the latest values. > [!NOTE] > This endpoint returns both IPv4 and IPv6 addresses. However, not all features support IPv6. You should refer to the specific documentation for each feature to determine if IPv6 is supported.
meta_get() -> {actions, actions_macos, api, codespaces, ...}
Update an organization webhook
Updates a webhook configured in an organization. When you update a webhook, the `secret` will be overwritten. If you previously had a `secret` set, you must provide the same `secret` or set a new `secret` or the secret will be removed. If you are only updating individual webhook `config` properties, use "[Update a webhook configuration for an organization](/rest/orgs/webhooks#update-a-webhook-configuration-for-an-organization)". You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_update_webhook(hook_id, org, active?, config?, events?, name?) -> {active, config, created_at, deliveries_url, ...}
Delete an organization secret
Deletes an organization development environment secret using the secret name. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_delete_org_secret(org, secret_name)
List email addresses for the authenticated user
Lists all of your email addresses, and specifies which one is visible to the public. OAuth app tokens and personal access tokens (classic) need the `user:email` scope to use this endpoint.
users_list_emails_for_authenticated_user(page?, per_page?) -> [{}]
Set the level of access for workflows outside of the repository
Sets the level of access that workflows outside of the repository have to actions and reusable workflows in the repository. This endpoint only applies to private repositories. For more information, see "[Allowing access to components in a private repository](https://docs.github.com/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository)". OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_set_workflow_access_to_repository(access_level, owner, repo)
List branches for HEAD commit
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Returns all branches where the given commit SHA is the HEAD, or latest commit for the branch.
repos_list_branches_for_head_commit(commit_sha, owner, repo) -> [{}]
List organization secrets
Lists all secrets available in an organization without revealing their encrypted values. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
dependabot_list_org_secrets(org, page?, per_page?) -> {secrets, total_count}
Delete commit signature protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. When authenticated with admin or owner permissions to the repository, you can use this endpoint to disable required signed commits on a branch. You must enable branch protection to require signed commits.
repos_delete_commit_signature_protection(branch, owner, repo)
Remove a custom label from a self-hosted runner for an organization
Remove a custom label from a self-hosted runner configured in an organization. Returns the remaining labels from the runner. This endpoint returns a `404 Not Found` status if the custom label is not present on the runner. Authenticated users must have admin access to the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_remove_custom_label_from_self_hosted_runner_for_org(name, org, runner_id)
Re-run a job from a workflow run
Re-run a job and its dependent jobs in a workflow run. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_re_run_job_for_workflow_run(job_id, owner, repo, enable_debug_logging?) -> {}
List artifact storage records
List a collection of artifact storage records with a given subject digest that are associated with repositories owned by an organization. The collection of storage records returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the `content:read` permission is required.
orgs_list_artifact_storage_records(org, subject_digest) -> {storage_records, total_count}
Reprioritize sub-issue
You can use the REST API to reprioritize a sub-issue to a different position in the parent list.
issues_reprioritize_sub_issue(issue_number, owner, repo, sub_issue_id, after_id?, before_id?) -> {labels_url, title, comments, id, ...}
Get GitHub Actions cache storage limit for an enterprise
Gets GitHub Actions cache storage limit for an enterprise. All organizations and repositories under this enterprise may not set a higher cache storage limit. OAuth tokens and personal access tokens (classic) need the `admin:enterprise` scope to use this endpoint.
actions_get_actions_cache_storage_limit_for_enterprise(enterprise) -> {max_cache_size_gb}
Get a GPG key for the authenticated user
View extended details for a single GPG key. OAuth app tokens and personal access tokens (classic) need the `read:gpg_key` scope to use this endpoint.
users_get_gpg_key_for_authenticated_user(gpg_key_id) -> {can_certify, can_encrypt_comms, can_encrypt_storage, can_sign, ...}
Reset a token
OAuth applications and GitHub applications with OAuth authorizations can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. Invalid tokens will return `404 NOT FOUND`.
apps_reset_token(access_token, client_id) -> {app, created_at, expires_at, fingerprint, ...}
Get organization ruleset history
Get the history of an organization ruleset.
orgs_get_org_ruleset_history(org, ruleset_id, page?, per_page?) -> [{}]
Update information about a GitHub Pages site
Updates information for a GitHub Pages site. For more information, see "[About GitHub Pages](/github/working-with-github-pages/about-github-pages). The authenticated user must be a repository administrator, maintainer, or have the 'manage GitHub Pages settings' permission. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_update_information_about_pages_site(owner, repo, build_type?, cname?, https_enforced?, source?)
Update an organization repository ruleset
Update a ruleset for an organization.
repos_update_org_ruleset(org, ruleset_id, bypass_actors?, conditions?, enforcement?, name?, rules?, target?) -> {_links, bypass_actors, conditions, created_at, ...}
Remove team membership for a user (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Remove team membership for a user](https://docs.github.com/rest/teams/members#remove-team-membership-for-a-user) endpoint. Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. To remove a membership between a user and a team, the authenticated user must have 'admin' permissions to the team or be an owner of the organization that the team is associated with. Removing team membership does not delete the user, it just removes their membership from the team. > [!NOTE] > When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "[Synchronizing teams between your identity provider and GitHub](https://docs.github.com/articles/synchronizing-teams-between-your-identity-provider-and-github/)."
teams_remove_membership_for_user_legacy(team_id, username)
Update organization pattern configurations
Updates the secret scanning pattern configurations for an organization. Personal access tokens (classic) need the `write:org` scope to use this endpoint.
secret_scanning_update_org_pattern_configs(org, custom_pattern_settings?, pattern_config_version?, provider_pattern_settings?) -> {pattern_config_version}
Create an environment variable
Create an environment variable that you can reference in a GitHub Actions workflow. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_environment_variable(environment_name, name, owner, repo, value) -> {}
Create an organization variable
Creates an organization variable that you can reference in a GitHub Actions workflow. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_org_variable(name, org, value, visibility, selected_repository_ids?) -> {}
Get a webhook configuration for an app
Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "[Creating a GitHub App](/developers/apps/creating-a-github-app)." You must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint.
apps_get_webhook_config_for_app() -> {content_type, insecure_ssl, secret, url}
Set selected repositories for an organization variable
Replaces all repositories for an organization variable that is available to selected repositories. Organization variables that are available to selected repositories have their `visibility` field set to `selected`. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_set_selected_repos_for_org_variable(name, org, selected_repository_ids)
Get a subscription plan for an account
Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change. GitHub Apps must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint. OAuth apps must use [basic authentication](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) with their client ID and client secret to access this endpoint.
apps_get_subscription_plan_for_account(account_id) -> {email, id, login, marketplace_pending_change, ...}
List organizations for the authenticated user
List organizations for the authenticated user. For OAuth app tokens and personal access tokens (classic), this endpoint only lists organizations that your authorization allows you to operate on in some way (e.g., you can list teams with `read:org` scope, you can publicize your organization membership with `user` scope, etc.). Therefore, this API requires at least `user` or `read:org` scope for OAuth app tokens and personal access tokens (classic). Requests with insufficient scope will receive a `403 Forbidden` response. > [!NOTE] > Requests using a fine-grained access token will receive a `200 Success` response with an empty list.
orgs_list_for_authenticated_user(page?, per_page?) -> [{}]
Update repository preferences for check suites
Changes the default automatic flow when creating check suites. By default, a check suite is automatically created each time code is pushed to a repository. When you disable the automatic creation of check suites, you can manually [Create a check suite](https://docs.github.com/rest/checks/suites#create-a-check-suite). You must have admin permissions in the repository to set preferences for check suites.
checks_set_suites_preferences(owner, repo, auto_trigger_checks?) -> {preferences, repository}
List repositories starred by a user
Lists repositories a user has starred. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.star+json`**: Includes a timestamp of when the star was created.
activity_list_repos_starred_by_user(username, direction?, page?, per_page?, sort?)
Request a CVE for a repository security advisory
If you want a CVE identification number for the security vulnerability in your project, and don't already have one, you can request a CVE identification number from GitHub. For more information see "[Requesting a CVE identification number](https://docs.github.com/code-security/security-advisories/repository-security-advisories/publishing-a-repository-security-advisory#requesting-a-cve-identification-number-optional)." You may request a CVE for public repositories, but cannot do so for private repositories. In order to request a CVE for a repository security advisory, the authenticated user must be a security manager or administrator of that repository. OAuth app tokens and personal access tokens (classic) need the `repo` or `repository_advisories:write` scope to use this endpoint.
security_advisories_create_repository_advisory_cve_request(ghsa_id, owner, repo)
Get organization assignment
Check if an enterprise team is assigned to an organization
enterprise_team_organizations_get_assignment(enterprise, enterprise-team, org) -> {avatar_url, description, events_url, hooks_url, ...}
Get a commit object
Gets a Git [commit object](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). To get the contents of a commit, see "[Get a commit](/rest/commits/commits#get-a-commit)." **Signature verification object** The response will include a `verification` object that describes the result of verifying the commit's signature. The following fields are included in the `verification` object: | Name | Type | Description | | ---- | ---- | ----------- | | `verified` | `boolean` | Indicates whether GitHub considers the signature in this commit to be verified. | | `reason` | `string` | The reason for verified value. Possible values and their meanings are enumerated in the table below. | | `signature` | `string` | The signature that was extracted from the commit. | | `payload` | `string` | The value that was signed. | | `verified_at` | `string` | The date the signature was verified by GitHub. | These are the possible values for `reason` in the `verification` object: | Value | Description | | ----- | ----------- | | `expired_key` | The key that made the signature is expired. | | `not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | `gpgverify_error` | There was an error communicating with the signature verification service. | | `gpgverify_unavailable` | The signature verification service is currently unavailable. | | `unsigned` | The object does not include a signature. | | `unknown_signature_type` | A non-PGP signature was found in the commit. | | `no_user` | No user was associated with the `committer` email address in the commit. | | `unverified_email` | The `committer` email address in the commit was associated with a user, but the email address is not verified on their account. | | `bad_email` | The `committer` email address in the commit is not included in the identities of the PGP key that made the signature. | | `unknown_key` | The key that made the signature has not been registered with any user's account. | | `malformed_signature` | There was an error parsing the signature. | | `invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | `valid` | None of the above errors applied, so the signature is considered to be verified. |
git_get_commit(commit_sha, owner, repo) -> {author, committer, html_url, message, ...}
Closing down - Create a tag protection state for a repository
> [!WARNING] > **Closing down notice:** This operation is closing down and will be removed after August 30, 2024. Use the "[Repository Rulesets](https://docs.github.com/rest/repos/rules#create-a-repository-ruleset)" endpoint instead. This creates a tag protection state for a repository. This endpoint is only available to repository administrators.
repos_create_tag_protection(owner, pattern, repo) -> {created_at, enabled, id, pattern, ...}
Get a label
Gets a label using the given name.
issues_get_label(name, owner, repo) -> {color, default, description, id, ...}
Create or update custom properties for an organization
Creates new or updates existing custom properties defined for an organization in a batch. If the property already exists, the existing property will be replaced with the new values. Missing optional values will fall back to default values, previous values will be overwritten. E.g. if a property exists with `values_editable_by: org_and_repo_actors` and it's updated without specifying `values_editable_by`, it will be updated to default value `org_actors`. To use this endpoint, the authenticated user must be one of: - An administrator for the organization. - A user, or a user on a team, with the fine-grained permission of `custom_properties_org_definitions_manager` in the organization.
orgs_custom_properties_for_repos_create_or_update_organization_definitions(org, properties) -> [{}]
Enable or disable a security feature for an organization
> [!WARNING] > **Closing down notice:** The ability to enable or disable a security feature for all eligible repositories in an organization is closing down. Please use [code security configurations](https://docs.github.com/rest/code-security/configurations) instead. For more information, see the [changelog](https://github.blog/changelog/2024-07-22-deprecation-of-api-endpoint-to-enable-or-disable-a-security-feature-for-an-organization/). Enables or disables the specified security feature for all eligible repositories in an organization. For more information, see "[Managing security managers in your organization](https://docs.github.com/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)." The authenticated user must be an organization owner or be member of a team with the security manager role to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `admin:org`, `write:org`, or `repo` scopes to use this endpoint.
orgs_enable_or_disable_security_product_on_all_org_repos(enablement, org, security_product)
List repository notifications for the authenticated user
Lists all notifications for the current user in the specified repository.
activity_list_repo_notifications_for_authenticated_user(owner, repo, all?, before?, page?, participating?, per_page?, since?) -> [{}]
Delete a deployment branch policy
Deletes a deployment branch or tag policy for an environment. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
repos_delete_deployment_branch_policy(branch_policy_id, environment_name, owner, repo)
Re-run a workflow
Re-runs your workflow run using its `id`. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_re_run_workflow(owner, repo, run_id, enable_debug_logging?) -> {}
Set a repository subscription
If you would like to watch a repository, set `subscribed` to `true`. If you would like to ignore notifications made within a repository, set `ignored` to `true`. If you would like to stop watching a repository, [delete the repository's subscription](https://docs.github.com/rest/activity/watching#delete-a-repository-subscription) completely.
activity_set_repo_subscription(owner, repo, ignored?, subscribed?) -> {created_at, ignored, reason, repository_url, ...}
List selected repositories for immutable releases enforcement
List all of the repositories that have been selected for immutable releases enforcement in an organization. OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
orgs_get_immutable_releases_settings_repositories(org, page?, per_page?) -> {repositories, total_count}
Get a webhook delivery for an organization webhook
Returns a delivery for a webhook configured in an organization. You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_get_webhook_delivery(delivery_id, hook_id, org) -> {action, delivered_at, duration, event, ...}
List user migrations
Lists all migrations a user has started.
migrations_list_for_authenticated_user(page?, per_page?) -> [{}]
Get a webhook configuration for an organization
Returns the webhook configuration for an organization. To get more information about the webhook, including the `active` state and `events`, use "[Get an organization webhook ](/rest/orgs/webhooks#get-an-organization-webhook)." You must be an organization owner to use this endpoint. OAuth app tokens and personal access tokens (classic) need `admin:org_hook` scope. OAuth apps cannot list, view, or edit webhooks that they did not create and users cannot list, view, or edit webhooks that were created by OAuth apps.
orgs_get_webhook_config_for_org(hook_id, org) -> {content_type, insecure_ssl, secret, url}
Update a team (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Update a team](https://docs.github.com/rest/teams/teams#update-a-team) endpoint. To edit a team, the authenticated user must either be an organization owner or a team maintainer. > [!NOTE] > With nested teams, the `privacy` for parent teams cannot be `secret`.
teams_update_legacy(name, team_id, description?, notification_setting?, parent_team_id?, permission?, privacy?) -> {created_at, description, enterprise_id, html_url, ...}
Get a thread subscription for the authenticated user
This checks to see if the current user is subscribed to a thread. You can also [get a repository subscription](https://docs.github.com/rest/activity/watching#get-a-repository-subscription). Note that subscriptions are only generated if a user is participating in a conversation--for example, they've replied to the thread, were **@mentioned**, or manually subscribe to a thread.
activity_get_thread_subscription_for_authenticated_user(thread_id) -> {created_at, ignored, reason, repository_url, ...}
Get team membership for a user (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Get team membership for a user](https://docs.github.com/rest/teams/members#get-team-membership-for-a-user) endpoint. Team members will include the members of child teams. To get a user's membership with a team, the team must be visible to the authenticated user. **Note:** The response contains the `state` of the membership and the member's `role`. The `role` for organization owners is set to `maintainer`. For more information about `maintainer` roles, see [Create a team](https://docs.github.com/rest/teams/teams#create-a-team).
teams_get_membership_for_user_legacy(team_id, username) -> {role, state, url}
Get all deployment protection rules for an environment
Gets all custom deployment protection rules that are enabled for an environment. Anyone with read access to the repository can use this endpoint. For more information about environments, see "[Using environments for deployment](https://docs.github.com/actions/deployment/targeting-different-environments/using-environments-for-deployment)." For more information about the app that is providing this custom deployment rule, see the [documentation for the `GET /apps/{app_slug}` endpoint](https://docs.github.com/rest/apps/apps#get-an-app). OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
repos_get_all_deployment_protection_rules(environment_name, owner, repo) -> {custom_deployment_protection_rules, total_count}
Get all status check contexts
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation.
repos_get_all_status_check_contexts(branch, owner, repo) -> [{}]
Update an issue comment
You can use the REST API to update comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_update_comment(body, comment_id, owner, repo) -> {author_association, body, body_html, body_text, ...}
List projects for user
List all projects owned by a specific user accessible by the authenticated user.
projects_list_for_user(username, after?, before?, per_page?, q?) -> [{}]
Get an autolink reference of a repository
This returns a single autolink reference by ID that was configured for the given repository. Information about autolinks are only available to repository administrators.
repos_get_autolink(autolink_id, owner, repo) -> {id, is_alphanumeric, key_prefix, updated_at, ...}
Download an organization migration archive
Fetches the URL to a migration archive.
migrations_download_archive_for_org(migration_id, org)
List custom deployment rule integrations available for an environment
Gets all custom deployment protection rule integrations that are available for an environment. The authenticated user must have admin or owner permissions to the repository to use this endpoint. For more information about environments, see "[Using environments for deployment](https://docs.github.com/actions/deployment/targeting-different-environments/using-environments-for-deployment)." For more information about the app that is providing this custom deployment rule, see "[GET an app](https://docs.github.com/rest/apps/apps#get-an-app)". OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
repos_list_custom_deployment_rule_integrations(environment_name, owner, repo, page?, per_page?) -> {available_custom_deployment_protection_rule_integrations, total_count}
Mark repository notifications as read
Marks all notifications in a repository as "read" for the current user. If the number of notifications is too large to complete in one request, you will receive a `202 Accepted` status and GitHub will run an asynchronous process to mark notifications as "read." To check whether any "unread" notifications remain, you can use the [List repository notifications for the authenticated user](https://docs.github.com/rest/activity/notifications#list-repository-notifications-for-the-authenticated-user) endpoint and pass the query parameter `all=false`.
activity_mark_repo_notifications_as_read(owner, repo, last_read_at?)
List reactions for a release
List the reactions to a [release](https://docs.github.com/rest/releases/releases#get-a-release).
reactions_list_for_release(owner, release_id, repo, content?, page?, per_page?) -> [{}]
Check team permissions for a repository (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Check team permissions for a repository](https://docs.github.com/rest/teams/teams#check-team-permissions-for-a-repository) endpoint. > [!NOTE] > Repositories inherited through a parent team will also be checked. You can also get information about the specified repository, including what permissions the team grants on it, by passing the following custom [media type](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types/) via the `Accept` header:
teams_check_permissions_for_repo_legacy(owner, repo, team_id) -> {labels_url, keys_url, fork, owner, ...}
Re-run failed jobs from a workflow run
Re-run all of the failed jobs and their dependent jobs in a workflow run using the `id` of the workflow run. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_re_run_workflow_failed_jobs(owner, repo, run_id, enable_debug_logging?) -> {}
List deployment statuses
Users with pull access can view deployment statuses for a deployment:
repos_list_deployment_statuses(deployment_id, owner, repo, page?, per_page?) -> [{}]
List organization variables
Lists all organization variables. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_list_org_variables(org, page?, per_page?) -> {total_count, variables}
Get contextual information for a user
Provides hovercard information. You can find out more about someone in relation to their pull requests, issues, repositories, and organizations. The `subject_type` and `subject_id` parameters provide context for the person's hovercard, which returns more information than without the parameters. For example, if you wanted to find out more about `octocat` who owns the `Spoon-Knife` repository, you would use a `subject_type` value of `repository` and a `subject_id` value of `1300192` (the ID of the `Spoon-Knife` repository). OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
users_get_context_for_user(username, subject_id?, subject_type?) -> {contexts}
Get an organization public key
Gets a public key for an organization, which is required in order to encrypt secrets. You need to encrypt the value of a secret before you can create or update secrets. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
codespaces_get_org_public_key(org) -> {created_at, id, key, key_id, ...}
List plans (stubbed)
Lists all plans that are part of your GitHub Marketplace listing. GitHub Apps must use a [JWT](https://docs.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app) to access this endpoint. OAuth apps must use [basic authentication](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) with their client ID and client secret to access this endpoint.
apps_list_plans_stubbed(page?, per_page?) -> [{}]
Get GitHub Actions cache usage for an organization
Gets the total GitHub Actions cache usage for an organization. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated. OAuth tokens and personal access tokens (classic) need the `read:org` scope to use this endpoint.
actions_get_actions_cache_usage_for_org(org) -> {total_active_caches_count, total_active_caches_size_in_bytes}
Create a repository security advisory
Creates a new repository security advisory. In order to create a draft repository security advisory, the authenticated user must be a security manager or administrator of that repository. OAuth app tokens and personal access tokens (classic) need the `repo` or `repository_advisories:write` scope to use this endpoint.
security_advisories_create_repository_advisory(description, owner, repo, summary, vulnerabilities, credits?, cve_id?, cvss_vector_string?, cwe_ids?, severity?, start_private_fork?) -> {author, closed_at, collaborating_teams, collaborating_users, ...}
Create a code security configuration
Creates a code security configuration in an organization. The authenticated user must be an administrator or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `write:org` scope to use this endpoint.
code_security_create_configuration(description, name, org, advanced_security?, code_scanning_default_setup?, code_scanning_default_setup_options?, code_scanning_delegated_alert_dismissal?, code_scanning_options?, code_security?, dependabot_alerts?, dependabot_security_updates?, dependency_graph?, dependency_graph_autosubmit_action?, dependency_graph_autosubmit_action_options?, enforcement?, private_vulnerability_reporting?, secret_protection?, secret_scanning?, secret_scanning_delegated_alert_dismissal?, secret_scanning_delegated_bypass?, secret_scanning_delegated_bypass_options?, secret_scanning_generic_secrets?, secret_scanning_non_provider_patterns?, secret_scanning_push_protection?, secret_scanning_validity_checks?) -> {advanced_security, code_scanning_default_setup, code_scanning_default_setup_options, code_scanning_delegated_alert_dismissal, ...}
Get the customization template for an OIDC subject claim for a repository
Gets the customization template for an OpenID Connect (OIDC) subject claim. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_get_custom_oidc_sub_claim_for_repo(owner, repo) -> {include_claim_keys, use_default}
Update a repository security advisory
Update a repository security advisory using its GitHub Security Advisory (GHSA) identifier. In order to update any security advisory, the authenticated user must be a security manager or administrator of that repository, or a collaborator on the repository security advisory. OAuth app tokens and personal access tokens (classic) need the `repo` or `repository_advisories:write` scope to use this endpoint.
security_advisories_update_repository_advisory(ghsa_id, owner, repo, collaborating_teams?, collaborating_users?, credits?, cve_id?, cvss_vector_string?, cwe_ids?, description?, severity?, state?, summary?, vulnerabilities?) -> {author, closed_at, collaborating_teams, collaborating_users, ...}
Create a repository variable
Creates a repository variable that you can reference in a GitHub Actions workflow. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_repo_variable(name, owner, repo, value) -> {}
List organization secrets
Lists all secrets available in an organization without revealing their encrypted values. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint. If the repository is private, the `repo` scope is also required.
actions_list_org_secrets(org, page?, per_page?) -> {secrets, total_count}
Get a workflow
Gets a specific workflow. You can replace `workflow_id` with the workflow file name. For example, you could use `main.yaml`. Anyone with read access to the repository can use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_get_workflow(owner, repo, workflow_id) -> {badge_url, created_at, deleted_at, html_url, ...}
Delete a discussion
Delete a discussion from a team's page. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}`. OAuth app tokens and personal access tokens (classic) need the `write:discussion` scope to use this endpoint.
teams_delete_discussion_in_org(discussion_number, org, team_slug)
Create draft item for user owned project
Create draft issue item for the specified user owned project.
projects_create_draft_item_for_authenticated_user(project_number, title, user_id, body?) -> {archived_at, content, content_type, created_at, ...}
Delete a discussion (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [`Delete a discussion`](https://docs.github.com/rest/teams/discussions#delete-a-discussion) endpoint. Delete a discussion from a team's page. OAuth app tokens and personal access tokens (classic) need the `write:discussion` scope to use this endpoint.
teams_delete_discussion_legacy(discussion_number, team_id)
Get a package version for a user
Gets a specific package version for a public package owned by a specified user. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_package_version_for_user(package_name, package_type, package_version_id, username) -> {created_at, deleted_at, description, html_url, ...}
Get a deploy key
repos_get_deploy_key(key_id, owner, repo) -> {added_by, created_at, enabled, id, ...}
Delete package version for a user
Deletes a specific package version for a user. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance. If the `package_type` belongs to a GitHub Packages registry that supports granular permissions, the authenticated user must have admin permissions to the package. For the list of these registries, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#granular-permissions-for-userorganization-scoped-packages)." OAuth app tokens and personal access tokens (classic) need the `read:packages` and `delete:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_delete_package_version_for_user(package_name, package_type, package_version_id, username)
List package versions for a package owned by the authenticated user
Lists package versions for a package owned by the authenticated user. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_all_package_versions_for_package_owned_by_authenticated_user(package_name, package_type, page?, per_page?, state?) -> [{}]
List issue events
Lists all events for an issue.
issues_list_events(issue_number, owner, repo, page?, per_page?) -> [{}]
Update a GitHub-hosted runner for an organization
Updates a GitHub-hosted runner for an organization. OAuth app tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_update_hosted_runner_for_org(hosted_runner_id, org, enable_static_ip?, image_version?, maximum_runners?, name?, runner_group_id?) -> {id, image_details, image_gen, last_active_on, ...}
Update an environment variable
Updates an environment variable that you can reference in a GitHub Actions workflow. Authenticated users must have collaborator access to a repository to create, update, or read variables. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_update_environment_variable(environment_name, name, owner, repo, name?, value?)
Restore a package for the authenticated user
Restores a package owned by the authenticated user. You can restore a deleted package under the following conditions: - The package was deleted within the last 30 days. - The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first. OAuth app tokens and personal access tokens (classic) need the `read:packages` and `write:packages` scopes to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_restore_package_for_authenticated_user(package_name, package_type, token?)
Review custom deployment protection rules for a workflow run
Approve or reject custom deployment protection rules provided by a GitHub App for a workflow run. For more information, see "[Using environments for deployment](https://docs.github.com/actions/deployment/targeting-different-environments/using-environments-for-deployment)." > [!NOTE] > GitHub Apps can only review their own custom deployment protection rules. To approve or reject pending deployments that are waiting for review from a specific person or team, see [`POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments`](/rest/actions/workflow-runs#review-pending-deployments-for-a-workflow-run). OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
actions_review_custom_gates_for_run(owner, repo, run_id)
Set interaction restrictions for an organization
Temporarily restricts interactions to a certain type of GitHub user in any public repository in the given organization. You must be an organization owner to set these restrictions. Setting the interaction limit at the organization level will overwrite any interaction limits that are set for individual repositories owned by the organization.
interactions_set_restrictions_for_org(limit, org, expiry?) -> {expires_at, limit, origin}
List package versions for a package owned by a user
Lists package versions for a public package owned by a specified user. OAuth app tokens and personal access tokens (classic) need the `read:packages` scope to use this endpoint. For more information, see "[About permissions for GitHub Packages](https://docs.github.com/packages/learn-github-packages/about-permissions-for-github-packages#permissions-for-repository-scoped-packages)."
packages_get_all_package_versions_for_package_owned_by_user(package_name, package_type, username) -> [{}]
List app installations accessible to the user access token
Lists installations of your GitHub App that the authenticated user has explicit permission (`:read`, `:write`, or `:admin`) to access. The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership. You can find the permissions for the installation under the `permissions` key.
apps_list_installations_for_authenticated_user(page?, per_page?) -> {installations, total_count}
Update a codespace for the authenticated user
Updates a codespace owned by the authenticated user. Currently only the codespace's machine type and recent folders can be modified using this endpoint. If you specify a new machine type it will be applied the next time your codespace is started. OAuth app tokens and personal access tokens (classic) need the `codespace` scope to use this endpoint.
codespaces_update_for_authenticated_user(codespace_name, display_name?, machine?, recent_folders?) -> {billable_owner, created_at, devcontainer_path, display_name, ...}
Retrieve a code security configuration of an enterprise
Gets a code security configuration available in an enterprise. The authenticated user must be an administrator of the enterprise in order to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `read:enterprise` scope to use this endpoint.
code_security_get_single_configuration_for_enterprise(configuration_id, enterprise) -> {advanced_security, code_scanning_default_setup, code_scanning_default_setup_options, code_scanning_delegated_alert_dismissal, ...}
Set team access restrictions
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. Replaces the list of teams that have push access to this branch. This removes all teams that previously had push access and grants push access to the new list of teams. Team restrictions include child teams.
repos_set_team_access_restrictions(branch, owner, repo) -> [{}]
List repository organization secrets
Lists all organization secrets shared with a repository without revealing their encrypted values. Authenticated users must have collaborator access to a repository to create, update, or read secrets. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_list_repo_organization_secrets(owner, repo, page?, per_page?) -> {secrets, total_count}
Get a review comment for a pull request
Provides details for a specified review comment. This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github-commitcomment.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github-commitcomment.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github-commitcomment.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github-commitcomment.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
pulls_get_review_comment(comment_id, owner, repo) -> {_links, author_association, body, body_html, ...}
Get the weekly commit count
Returns the total commit counts for the `owner` and total commit counts in `all`. `all` is everyone combined, including the `owner` in the last 52 weeks. If you'd like to get the commit counts for non-owners, you can subtract `owner` from `all`. The array order is oldest week (index 0) to most recent week. The most recent week is seven days ago at UTC midnight to today at UTC midnight.
repos_get_participation_stats(owner, repo) -> {all, owner}
Create reaction for a release
Create a reaction to a [release](https://docs.github.com/rest/releases/releases#get-a-release). A response with a `Status: 200 OK` means that you already added the reaction type to this release.
reactions_create_for_release(content, owner, release_id, repo) -> {content, created_at, id, node_id, ...}
Create a remove token for an organization
Returns a token that you can pass to the `config` script to remove a self-hosted runner from an organization. The token expires after one hour. For example, you can replace `TOKEN` in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization: ``` ./config.sh remove --token TOKEN ``` Authenticated users must have admin access to the organization to use this endpoint. OAuth tokens and personal access tokens (classic) need the`admin:org` scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
actions_create_remove_token_for_org(org) -> {expires_at, permissions, repositories, repository_selection, ...}
Check if Dependabot security updates are enabled for a repository
Shows whether Dependabot security updates are enabled, disabled or paused for a repository. The authenticated user must have admin read access to the repository. For more information, see "[Configuring Dependabot security updates](https://docs.github.com/articles/configuring-automated-security-fixes)".
repos_check_automated_security_fixes(owner, repo) -> {enabled, paused}
Get commit signature protection
Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see [GitHub's products](https://docs.github.com/github/getting-started-with-github/githubs-products) in the GitHub Help documentation. When authenticated with admin or owner permissions to the repository, you can use this endpoint to check whether a branch requires signed commits. An enabled status of `true` indicates you must sign commits on this branch. For more information, see [Signing commits with GPG](https://docs.github.com/articles/signing-commits-with-gpg) in GitHub Help. > [!NOTE] > You must enable branch protection to require signed commits.
repos_get_commit_signature_protection(branch, owner, repo) -> {enabled, url}
Remove a repository from a team (Legacy)
> [!WARNING] > **Endpoint closing down notice:** This endpoint route is closing down and will be removed from the Teams API. We recommend migrating your existing code to use the new [Remove a repository from a team](https://docs.github.com/rest/teams/teams#remove-a-repository-from-a-team) endpoint. If the authenticated user is an organization owner or a team maintainer, they can remove any repositories from the team. To remove a repository from a team as an organization member, the authenticated user must have admin access to the repository and must be able to see the team. NOTE: This does not delete the repository, it just removes it from the team.
teams_remove_repo_legacy(owner, repo, team_id)
Update a pull request branch
Updates the pull request branch with the latest upstream changes by merging HEAD from the base branch into the pull request branch. Note: If making a request on behalf of a GitHub App you must also have permissions to write the contents of the head repository.
pulls_update_branch(owner, pull_number, repo, expected_head_sha?)
Delete a custom image from the organization
Delete a custom image from the organization. OAuth tokens and personal access tokens (classic) need the `manage_runners:org` scope to use this endpoint.
actions_delete_custom_image_from_org(image_definition_id, org)
Create a push protection bypass
Creates a bypass for a previously push protected secret. The authenticated user must be the original author of the committed secret. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
secret_scanning_create_push_protection_bypass(owner, placeholder_id, reason, repo) -> {expire_at, reason, token_type}
Create an issue
Any user with pull access to a repository can create an issue. If [issues are disabled in the repository](https://docs.github.com/articles/disabling-issues/), the API returns a `410 Gone` status. This endpoint triggers [notifications](https://docs.github.com/github/managing-subscriptions-and-notifications-on-github/about-notifications). Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "[Rate limits for the API](https://docs.github.com/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-secondary-rate-limits)" and "[Best practices for using the REST API](https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api)." This endpoint supports the following custom media types. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)." - **`application/vnd.github.raw+json`**: Returns the raw markdown body. Response will include `body`. This is the default if you do not pass any specific media type. - **`application/vnd.github.text+json`**: Returns a text only representation of the markdown body. Response will include `body_text`. - **`application/vnd.github.html+json`**: Returns HTML rendered from the body's markdown. Response will include `body_html`. - **`application/vnd.github.full+json`**: Returns raw, text, and HTML representations. Response will include `body`, `body_text`, and `body_html`.
issues_create(owner, repo, title, assignee?, assignees?, body?, labels?, milestone?, type?) -> {labels_url, title, comments, id, ...}
List check suites for a Git reference
Lists check suites for a commit `ref`. The `ref` can be a SHA, branch name, or a tag name. > [!NOTE] > The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty `pull_requests` array and a `null` value for `head_branch`. OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint on a private repository.
checks_list_suites_for_ref(owner, ref, repo, app_id?, check_name?, page?, per_page?) -> {check_suites, total_count}
Upload a release asset
This endpoint makes use of a [Hypermedia relation](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#hypermedia) to determine which URL to access. The endpoint you call to upload release assets is specific to your release. Use the `upload_url` returned in the response of the [Create a release endpoint](https://docs.github.com/rest/releases/releases#create-a-release) to upload a release asset. You need to use an HTTP client which supports [SNI](http://en.wikipedia.org/wiki/Server_Name_Indication) to make calls to this endpoint. Most libraries will set the required `Content-Length` header automatically. Use the required `Content-Type` header to provide the media type of the asset. For a list of media types, see [Media Types](https://www.iana.org/assignments/media-types/media-types.xhtml). For example: `application/zip` GitHub expects the asset data in its raw binary form, rather than JSON. You will send the raw binary content of the asset as the request body. Everything else about the endpoint is the same as the rest of the API. For example, you'll still need to pass your authentication to be able to upload an asset. When an upstream failure occurs, you will receive a `502 Bad Gateway` status. This may leave an empty asset with a state of `starter`. It can be safely deleted. **Notes:** * GitHub renames asset filenames that have special characters, non-alphanumeric characters, and leading or trailing periods. The "[List release assets](https://docs.github.com/rest/releases/assets#list-release-assets)" endpoint lists the renamed filenames. For more information and help, contact [GitHub Support](https://support.github.com/contact?tags=dotcom-rest-api). * To find the `release_id` query the [`GET /repos/{owner}/{repo}/releases/latest` endpoint](https://docs.github.com/rest/releases/releases#get-the-latest-release). * If you upload an asset with the same filename as another uploaded asset, you'll receive an error and must delete the old file before you can re-upload the new asset.
repos_upload_release_asset(name, owner, release_id, repo, label?) -> {browser_download_url, content_type, created_at, digest, ...}
List team repositories
Lists a team's repositories visible to the authenticated user. > [!NOTE] > You can also specify a team by `org_id` and `team_id` using the route `GET /organizations/{org_id}/team/{team_id}/repos`.
teams_list_repos_in_org(org, team_slug, page?, per_page?) -> [{}]
List project fields for user
List all fields for a specific user-owned project.
projects_list_fields_for_user(project_number, username, after?, before?, per_page?) -> [{}]
Links
No external links available.
Authentication
-
Basic Auth
-
Bearer Token
-
Oauth2_authorization_code (Primary)