octokit/rest.js

Usage

Import the Octokit constructor based on your platform.

Browsers

Load @octokit/rest directly from esm.sh
<script type="module">
  import { Octokit } from "https://esm.sh/@octokit/rest";
</script>

Node

Install with npm install @octokit/rest
const { Octokit } = require("@octokit/rest");
// or: import { Octokit } from "@octokit/rest";

const { Octokit } = require("@octokit/rest");

Now instantiate your octokit API. All options are optional, but authentication is strongly encouraged.

const octokit = new Octokit({

You can set auth to a personal access token string.

Learn more about authentication.

  auth: "secret123",

Setting a user agent is required. It defaults to octokit/rest.js v1.2.3 where v1.2.3 is the current version of @octokit/rest, but you should set it to something that identifies your app or script.

  userAgent: 'myApp v1.2.3',

API Previews can be enabled globally by setting the previews option. They can be set per-request as well.

Learn more about API Previews.

  previews: ['jean-grey', 'symmetra'],

A default time zone can be enabled by setting the timeZone option.

  timeZone: 'Europe/Amsterdam',

Learn more about using time zones with the GitHub API.

In order to use Octokit with GitHub Enterprise, set the baseUrl option.

  baseUrl: 'https://api.github.com',

For custom logging, pass an object with debug, info, warn and error methods as the log option.

Learn more about logging and debugging.

  log: {
    debug: () => {},
    info: () => {},
    warn: console.warn,
    error: console.error
  },

Custom request options can be passed as request.* options. See @octokit/request options. The same options can be passed to each endpoint request method.

  request: {
    agent: undefined,
    fetch: undefined,
    timeout: 0
  }
})

Most of GitHub’s REST API endpoints have matching methods. All endpoint methods are asynchronous; in order to use await in the code examples, we wrap them in an anonymous async function.

(async () => {

For example, to retrieve a pull request, use octokit.rest.pulls.get(). We recommend using the search above to find the endpoint method you are looking for.

const { data: pullRequest } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 123,
});

Some API endpoints support alternative response formats, see Media types. For example, to request the above pull request in a diff format, pass the mediaType.format option.

Learn more about request formats.

const { data: diff } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 123,
  mediaType: {
    format: "diff",
  },
});

For the API endpoints that do not have a matching method, such as the root endpoint or legacy endpoints, you can send custom requests.

Learn more about custom requests.

const { data: root } = await octokit.request("GET /");

You can also register custom endpoint methods, which is particularly useful if you participate in a private beta.

Learn more about custom endpoint methods.

await octokit.registerEndpoints({
  misc: {
    getRoot: {
      method: "GET",
      url: "/",
    },
  },
});

Some endpoints return a list which has to be paginated in order to retrieve the complete data set.

Learn more about pagination.

  octokit.paginate(octokit.rest.issues.listForRepo, {
    owner: 'octokit',
    repo: 'rest.js'
  })
    .then(issues => {
      // issues is an array of all issue objects
    })
})();

You can add more functionality with plugins. We recommend the retry and throttling plugins.

Learn more about throttling, automatic retries and building your own Plugins.

import { retry } from "@octokit/plugin-retry";
import { throttling } from "@octokit/plugin-throttling";

const MyOctokit = Octokit.plugin(retry, throttling);

Octokit.plugin() returns a new constructor. The same options can be passed to the constructor. The options are passed on to all plugin functions as the 2nd argument.

const myOctokit = new MyOctokit({
  auth: "secret123",
  throttle: {
    onRateLimit: (retryAfter, options) => {
      myOctokit.log.warn(
        `Request quota exhausted for request ${options.method} ${options.url}`,
      );

      if (options.request.retryCount === 0) {
        // only retries once
        myOctokit.log.info(`Retrying after ${retryAfter} seconds!`);
        return true;
      }
    },
    onSecondaryRateLimit: (retryAfter, options, octokit) => {
      // does not retry, only logs a warning
      octokit.log.warn(
        `Secondary quota detected for request ${options.method} ${options.url}`,
      );
    },
  },
  retry: {
    doNotRetry: ["429"],
  },
});

Authentication

Authentication is optional for some REST API endpoints accessing public data, but is required for GraphQL queries. Using authentication also increases your API rate limit.

GitHub supports different authentication strategies:

  1. Personal access token (create). This is the default authentication strategy. Set the options.auth option to the token in new Octokit(options). Learn more about the built-in @octokit/auth-token authentication strategy.
  2. OAuth Apps: authenticate using user access token created by an OAuth app, to which you granted selected permissions, or as the OAuth App itself (OAuth using client_id and client_secret). Learn more about the optional @octokit/auth-oauth-app authentication strategy
  3. GitHub Apps: authenticate using an installation access token or as GitHub App itself. Learn more about the optional @octokit/auth-app authentication strategy.
  4. GitHub Actions: authenticate using the GITHUB_TOKEN secret which is provided to GitHub Actions Workflows. Learn more about the optional @octokit/auth-action authentication strategy.

Learn more about all official and community authentication strategies.

By default, @octokit/rest authenticates using the token authentication strategy. Pass in a token using options.auth. It can be a personal access token, an OAuth token, an installation access token or a JSON Web Token for GitHub App authentication. The Authorization request header will be set according to the type of token.

const { Octokit } = require("@octokit/rest");

const octokit = new Octokit({
  auth: "mypersonalaccesstoken123",
});

// sends request with `Authorization: token mypersonalaccesstoken123` header
const { data } = await octokit.request("/user");

To use a different authentication strategy, set options.authStrategy. Here is an example for GitHub App authentication

const { Octokit } = require("@octokit/rest");
const { createAppAuth } = require("@octokit/auth-app");

const appOctokit = new Octokit({
  authStrategy: createAppAuth,
  auth: {
    appId: 123,
    privateKey: process.env.PRIVATE_KEY,
    // optional: this will make appOctokit authenticate as app (JWT)
    //           or installation (access token), depending on the request URL
    installationId: 123,
  },
});

const { data } = await appOctokit.request("/app");

The .auth() method returned by the current authentication strategy can be accessed at octokit.auth(). Example

const { token } = await appOctokit.auth({
  type: "installation",
  // defaults to `options.auth.installationId` set in the constructor
  installationId: 123,
});

Previews

To enable any of GitHub’s API Previews, pass the previews option to the Octokit constructor

const octokit = new Octokit({
  previews: ["mercy-preview"],
});

Previews can also be enabled for a single request by passing the mediaType.previews option

const {
  data: { topics },
} = await octokit.rest.repos.get({
  owner: "octokit",
  repo: "rest.js",
  mediaType: {
    previews: ["symmetra"],
  },
});

Request formats & aborts

Some API endpoints support alternative response formats, see Media types.

For example, to request a pull request as diff format, set the mediaType.format option

const { data: prDiff } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 1278,
  mediaType: {
    format: "diff",
  },
});

The AbortController interface can be used to abort one or more requests as and when desired. When the request is initiated, an AbortSignal instance can be passed as an option inside the request's options object. For usage in Node, the abort-controller package can be used.

const controller = new AbortController();
const { data: prDiff } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 1278,
  request: {
    signal: controller.signal,
  },
});

Use controller.abort() to abort the request when desired.

Custom requests

To send custom requests you can use the lower-level octokit.request() method

octokit.request("GET /");

The baseUrl, headers and other defaults are already set. For more information on the octokit.request() API see octokit/request.js

All the endpoint methods such as octokit.rest.repos.get() are aliases of octokit.request() with pre-bound default options. So you can use the @octokit/request API to get the default options or get generic request option to use with your preferred request library.

const defaultOptions = octokit.rest.repos.get.endpoint.DEFAULTS;
const requestOptions = octokit.rest.repos.get.endpoint({
  owner: "octokit",
  repo: "rest.js",
});

Note that authentication is not applied when retrieving request options from the *.endpoint APIs.

Pagination

All endpoint methods starting with .list* do not return all results at once but instead return the first 30 items by default, see also GitHub’s REST API pagination documentation.

To automatically receive all results across all pages, you can use the octokit.paginate() method:

octokit
  .paginate("GET /repos/{owner}/{repo}/issues", {
    owner: "octokit",
    repo: "rest.js",
  })
  .then((issues) => {
    // issues is an array of all issue objects. It is not wrapped in a { data, headers, status, url } object
    // like results from `octokit.request()` or any of the endpoint methods such as `octokit.rest.issues.listForRepo()`
  });

octokit.paginate() accepts the same options as octokit.request(). You can optionally pass an additional function to map the results from each response. The map must return a new value, usually an array with mapped data.

Note: the map function is called with the { data, headers, status, url } response object. The data property is guaranteed to be an array of the result items, even for list endpoints that respond with an object instead of an array, such as the search endpoints.

octokit
  .paginate(
    "GET /repos/{owner}/{repo}/issues",
    { owner: "octokit", repo: "rest.js" },
    (response) => response.data.map((issue) => issue.title),
  )
  .then((issueTitles) => {
    // issueTitles is now an array with the titles only
  });

To stop paginating early, you can call the done() function passed as 2nd argument to the response map function. Note that you still have to return the value you want to map the response to, otherwise the last response will be mapped to undefined.

octokit.paginate(
  "GET /repos/{owner}/{repo}/issues",
  { owner: "octokit", repo: "rest.js" },
  (response, done) => {
    if (response.data.find((issue) => (issue.body || "").includes("something"))) {
      done();
    }
    return response.data;
  },
);

To paginate responses for one of the registered endpoint methods such as octokit.rest.issues.listForRepo() you can pass the method directly as first argument to octokit.paginate:

octokit
  .paginate(octokit.rest.issues.listForRepo, {
    owner: "octokit",
    repo: "rest.js",
  })
  .then((issues) => {
    // issues is an array of all issue objects
  });

If your runtime environment supports async iterators (such as most modern browsers and Node 10+), you can iterate through each response

for await (const response of octokit.paginate.iterator(
  octokit.rest.issues.listForRepo,
  {
    owner: "octokit",
    repo: "rest.js",
  },
)) {
  // do whatever you want with each response, break out of the loop, etc.
}

octokit.paginate.iterator() accepts the same options as octokit.paginate().

Hooks

You can customize Octokit’s request lifecycle with hooks. Available methods are

octokit.hook.before("request", async (options) => {
  validate(options);
});
octokit.hook.after("request", async (response, options) => {
  console.log(`${options.method} ${options.url}: ${response.status}`);
});
octokit.hook.error("request", async (error, options) => {
  if (error.status === 304) {
    return findInCache(error.response.headers.etag);
  }

  throw error;
});
octokit.hook.wrap("request", async (request, options) => {
  // add logic before, after, catch errors or replace the request altogether
  return request(options);
});

See before-after-hook for more details on the 4 methods.
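
The before hook above calls a validate(options) function that the page does not define. The following is an added example, not code from the Octokit documentation, of one thing it could do: refuse any request whose resolved origin, scheme or HTTP method is outside an allowlist, so the credential set in auth is only ever sent where you expect. The names createRequestValidator, allowedOrigins, allowedMethods and audit are assumptions, and the sample requests are constructed.

```javascript
// Added example: a policy check for octokit.hook.before("request", ...).
// createRequestValidator and its option names are hypothetical, not Octokit API.
function createRequestValidator({ allowedOrigins, allowedMethods }) {
  const origins = new Set(allowedOrigins.map((o) => new URL(o).origin));
  const methods = new Set(allowedMethods.map((m) => m.toUpperCase()));

  return function validate(options) {
    const method = String(options.method || "GET").toUpperCase();
    const url = String(options.url || "/");
    // A url that is already absolute is checked on its own; a relative route
    // such as "/repos/{owner}/{repo}" is resolved against baseUrl first.
    const target = /^https?:/i.test(url) ? url : String(options.baseUrl || "") + url;

    let parsed;
    try {
      parsed = new URL(target);
    } catch {
      throw new Error(`blocked: cannot parse target ${JSON.stringify(target)}`);
    }
    if (parsed.protocol !== "https:") {
      throw new Error(`blocked: insecure scheme ${parsed.protocol}`);
    }
    // Compare the parsed origin, not a string prefix: "https://api.github.com@host/"
    // starts with the trusted name but resolves to a different host.
    if (!origins.has(parsed.origin)) {
      throw new Error(`blocked: origin ${parsed.origin} is not allowlisted`);
    }
    if (!methods.has(method)) {
      throw new Error(`blocked: method ${method} is not allowlisted`);
    }
    return { method, origin: parsed.origin };
  };
}

// Read-only policy for a reporting script (constructed for this example).
const validate = createRequestValidator({
  allowedOrigins: ["https://api.github.com"],
  allowedMethods: ["GET", "HEAD"],
});

// Constructed request options, shaped like the options object passed to hooks.
const SAMPLE_REQUESTS = [
  { method: "GET", baseUrl: "https://api.github.com", url: "/repos/{owner}/{repo}/issues" },
  { method: "DELETE", baseUrl: "https://api.github.com", url: "/repos/{owner}/{repo}" },
  { method: "GET", baseUrl: "https://api.github.com", url: "https://api.github.com@untrusted.example/user" },
  { method: "GET", baseUrl: "http://api.github.com", url: "/user" },
  { method: "GET", url: "/user" },
];

// Run every sample through the check and collect the verdicts.
function audit(requests, check) {
  return requests.map((options) => {
    try {
      check(options);
      return "allowed";
    } catch (error) {
      return error.message;
    }
  });
}

console.log(audit(SAMPLE_REQUESTS, validate));

// Wiring it into a client:
// octokit.hook.before("request", async (options) => { validate(options); });
```

Throwing from the before hook rejects the request promise before anything is sent.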

Custom endpoint methods

Note: octokit.registerEndpoints() has been deprecated.

Instead of

await octokit.registerEndpoints({
  misc: {
    getRoot: {
      method: "GET",
      url: "/",
    },
  },
});

do

Object.assign(octokit.misc, {
  getRoot: octokit.request.defaults({
    method: "GET",
    url: "/",
  }),
});

If you use octokit.registerEndpoints() in a plugin, return an object instead:

function myPlugin(octokit, options) {
  return {
    misc: {
      getRoot: octokit.request.defaults({ method: "GET", url: "/" }),
    },
  };
}

You can register custom endpoint methods such as octokit.rest.repos.get() using the octokit.registerEndpoints(routes) method

octokit.registerEndpoints({
  foo: {
    bar: {
      method: "PATCH",
      url: "/repos/{owner}/{repo}/foo",
      headers: {
        accept: "application/vnd.github.foo-bar-preview+json",
      },
      params: {
        owner: {
          required: true,
          type: "string",
        },
        repo: {
          required: true,
          type: "string",
        },
        baz: {
          required: true,
          type: "string",
          enum: ["qux", "quux", "quuz"],
        },
      },
    },
  },
});

octokit.foo.bar({
  owner: "octokit",
  repo: "rest.js",
  baz: "qux",
});

This is useful when you participate in private beta features and prefer the convenience of methods for the new endpoints instead of using octokit.request().

Plugins

You can customize and extend Octokit’s functionality using plugins

// index.js
const { Octokit } = require("@octokit/rest");
const MyOctokit = Octokit.plugin(
  require("./lib/my-plugin"),
  require("octokit-plugin-example"),
);

// lib/my-plugin.js
module.exports = (octokit, options = { greeting: "Hello" }) => {
  // hook into the request lifecycle
  octokit.hook.wrap("request", async (request, options) => {
    const time = Date.now();
    const response = await request(options);
    octokit.log.info(
      `${options.method} ${options.url} – ${response.status} in ${
        Date.now() - time
      }ms`,
    );
    return response;
  });

  // add a custom method: octokit.helloWorld()
  return {
    helloWorld: () => console.log(`${options.greeting}, world!`),
  };
};

.plugin accepts a function or an array of functions.

We recommend using Octokit’s log methods to help users of your plugin with debugging.

You can add new methods to the octokit instance passed as the first argument to the plugin function. The 2nd argument is the options object passed to the constructor when instantiating the octokit client.

const octokit = new MyOctokit({ greeting: "Hola" });
octokit.helloWorld();
// Hola, world!

Throttling

When you send too many requests in too little time you will likely hit errors due to rate and/or abuse limits.

In order to automatically throttle requests as recommended in GitHub’s best practices for integrators, we recommend you install the @octokit/plugin-throttling plugin.

The throttle.onSecondaryRateLimit and throttle.onRateLimit options are required.

Return true from these functions to automatically retry the request after retryAfter seconds. Return false or undefined to skip retry and throw the error. For rate limit errors, retryAfter defaults to seconds until X-RateLimit-Reset. For abuse errors, retryAfter defaults to the retry-after header but is a minimum of five seconds.

const { Octokit } = require("@octokit/rest");
const { throttling } = require("@octokit/plugin-throttling");
const MyOctokit = Octokit.plugin(throttling);

const octokit = new MyOctokit({
  auth: "token " + process.env.TOKEN,
  throttle: {
    onRateLimit: (retryAfter, options) => {
      octokit.log.warn(
        `Request quota exhausted for request ${options.method} ${options.url}`,
      );

      // Retry twice after hitting a rate limit error, then give up
      if (options.request.retryCount < 2) {
        console.log(`Retrying after ${retryAfter} seconds!`);
        return true;
      }
    },
    onSecondaryRateLimit: (retryAfter, options, octokit) => {
      // does not retry, only logs a warning
      octokit.log.warn(
        `Secondary quota detected for request ${options.method} ${options.url}`,
      );
    },
  },
});

Automatic retries

Many common request errors can be easily remediated by retrying the request. We recommend installing the @octokit/plugin-retry plugin for automatic retries in these cases

const { Octokit } = require("@octokit/rest");
const { retry } = require("@octokit/plugin-retry");
const MyOctokit = Octokit.plugin(retry);

const octokit = new MyOctokit();

// all requests sent with the `octokit` instance are now retried up to 3 times for recoverable errors.

Logging

Octokit has 4 built-in log methods

  1. octokit.log.debug(message[, additionalInfo])
  2. octokit.log.info(message[, additionalInfo])
  3. octokit.log.warn(message[, additionalInfo])
  4. octokit.log.error(message[, additionalInfo])

They can be configured using the log client option. By default, octokit.log.debug() and octokit.log.info() are no-ops, while the other two call console.warn() and console.error() respectively.

This is useful if you build reusable plugins.

Debug

The simplest way to receive debug information is to set the log client option to console.

const { Octokit } = require("@octokit/rest");
const octokit = new Octokit({
  log: console,
});

octokit.request("/");

This will log

request { method: 'GET',
  baseUrl: 'https://api.github.com',
  headers:
   { accept: 'application/vnd.github.v3+json',
     'user-agent':
      'octokit.js/0.0.0-development Node.js/10.15.0 (macOS Mojave; x64)' },
  request: {},
  url: '/' }
GET / - 200 in 514ms

If you would like to support a configurable log level, we recommend using the console-log-level module

const { Octokit } = require("@octokit/rest");
const octokit = new Octokit({
  log: require("console-log-level")({ level: "info" }),
});

octokit.request("/");

This will only log

GET / - 200 in 514ms
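
The debug output above shows request options, headers included, being handed to the logger. The following added example (not part of the Octokit documentation) is a log object for the log client option that masks credentials in messages and objects before forwarding them to a sink. The names createRedactingLog, redact and createMemorySink are assumptions, and the token in the sample is made up.

```javascript
// Added example: a `log` object that masks credentials before they reach the sink.
// createRedactingLog, redact and createMemorySink are hypothetical names.
const MASK = "[REDACTED]";
// GitHub token prefixes: ghp_, gho_, ghu_, ghs_, ghr_ and fine-grained github_pat_.
const TOKEN_PATTERN = /\b(?:gh[pousr]_[A-Za-z0-9]{20,}|github_pat_[A-Za-z0-9_]{20,})\b/g;
// Keys whose values are masked whole, compared lower-cased without separators.
const SENSITIVE_KEYS = new Set(["authorization", "auth", "token", "privatekey", "clientsecret"]);

// Returns a masked copy; the input is never mutated, so the request options
// Octokit goes on to use keep their real headers.
function redact(value, depth = 0) {
  if (typeof value === "string") return value.replace(TOKEN_PATTERN, MASK);
  if (value === null || typeof value !== "object") return value;
  if (depth >= 8) return "[Truncated]"; // also stops on circular structures
  if (value instanceof Error) {
    // Errors are reduced to name, message and status.
    return { name: value.name, message: redact(value.message, depth + 1), status: value.status };
  }
  if (Array.isArray(value)) return value.map((item) => redact(item, depth + 1));
  const copy = {};
  for (const [key, inner] of Object.entries(value)) {
    const normalized = key.toLowerCase().replace(/[^a-z]/g, "");
    copy[key] = SENSITIVE_KEYS.has(normalized) ? MASK : redact(inner, depth + 1);
  }
  return copy;
}

// Builds the four methods Octokit expects on the `log` option.
function createRedactingLog(sink = console) {
  const forward = (level) => (...args) => sink[level](...args.map((arg) => redact(arg)));
  return {
    debug: forward("debug"),
    info: forward("info"),
    warn: forward("warn"),
    error: forward("error"),
  };
}

// In-memory sink so the result can be inspected instead of printed.
function createMemorySink() {
  const lines = [];
  const record = (level) => (...args) => {
    lines.push({ level, args });
  };
  return {
    lines,
    debug: record("debug"),
    info: record("info"),
    warn: record("warn"),
    error: record("error"),
  };
}

// Constructed sample: request options shaped like the debug output on this page,
// with a made-up token assembled at run time.
function demo() {
  const fakeToken = "ghp_" + "x".repeat(36);
  const options = {
    method: "GET",
    baseUrl: "https://api.github.com",
    headers: {
      accept: "application/vnd.github.v3+json",
      authorization: `token ${fakeToken}`,
    },
    url: "/user",
  };
  const sink = createMemorySink();
  const log = createRedactingLog(sink);
  log.debug("request", options);
  log.warn(`GET /user failed for ${fakeToken}`);
  return { lines: sink.lines, options, fakeToken };
}

console.log(JSON.stringify(demo().lines, null, 2));

// Usage with Octokit: new Octokit({ auth, log: createRedactingLog(console) });
```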

Actions

Add custom labels to a self-hosted runner for an organization

Adds custom labels to a self-hosted runner configured in an organization.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.addCustomLabelsToSelfHostedRunnerForOrg({
  org,
  runner_id,
  labels,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.
labels | yes | The names of the custom labels to add to the runner.

See also: GitHub Developer Guide documentation.

Add custom labels to a self-hosted runner for a repository

Adds custom labels to a self-hosted runner configured in a repository.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.addCustomLabelsToSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
  labels,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.
labels | yes | The names of the custom labels to add to the runner.

See also: GitHub Developer Guide documentation.

Add selected repository to an organization secret

Adds a repository to an organization secret when the visibility for repository access is set to selected. For more information about setting the visibility, see Create or update an organization secret.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.addSelectedRepoToOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
repository_id | yes |

See also: GitHub Developer Guide documentation.

Add selected repository to an organization variable

Adds a repository to an organization variable that is available to selected repositories. Organization variables that are available to selected repositories have their visibility field set to selected.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.addSelectedRepoToOrgVariable({
  org,
  name,
  repository_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the variable.
repository_id | yes |

See also: GitHub Developer Guide documentation.

Approve a workflow run for a fork pull request

Approves a workflow run for a pull request from a public fork of a first time contributor. For more information, see "Approving workflow runs from public forks."

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.approveWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Cancel a workflow run

Cancels a workflow run using its id.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.cancelWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Create an environment variable

Create an environment variable that you can reference in a GitHub Actions workflow.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createEnvironmentVariable({
  repository_id,
  environment_name,
  name,
  value,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
name | yes | The name of the variable.
value | yes | The value of the variable.

See also: GitHub Developer Guide documentation.

Create or update an environment secret

Creates or updates an environment secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createOrUpdateEnvironmentSecret({
  repository_id,
  environment_name,
  secret_name,
  encrypted_value,
  key_id,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
secret_name | yes | The name of the secret.
encrypted_value | yes | Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an environment public key endpoint.
key_id | yes | ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Create or update an organization secret

Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)

octokit.rest.actions.createOrUpdateOrgSecret({
  org,
  secret_name,
  visibility,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
encrypted_value | no | Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.
key_id | no | ID of the key you used to encrypt the secret.
visibility | yes | Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.
selected_repository_ids | no | An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.

Create or update a repository secret

Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createOrUpdateRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
secret_name | yes | The name of the secret.
encrypted_value | no | Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.
key_id | no | ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Create an organization variable

Creates an organization variable that you can reference in a GitHub Actions workflow.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createOrgVariable({
  org,
  name,
  value,
  visibility,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the variable.
value | yes | The value of the variable.
visibility | yes | The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.
selected_repository_ids | no | An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

See also: GitHub Developer Guide documentation.

Create a registration token for an organization

Returns a token that you can pass to the config script. The token expires after one hour.

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to configure your self-hosted runner:

./config.sh --url https://github.com/octo-org --token TOKEN

Authenticated users must have admin access to the organization to use this endpoint.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createRegistrationTokenForOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a registration token for a repository

Returns a token that you can pass to the config script. The token expires after one hour.

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to configure your self-hosted runner:

./config.sh --url https://github.com/octo-org --token TOKEN

Authenticated users must have admin access to the repository to use this endpoint.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createRegistrationTokenForRepo({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a remove token for an organization

Returns a token that you can pass to the config script to remove a self-hosted runner from an organization. The token expires after one hour.

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization:

./config.sh remove --token TOKEN

Authenticated users must have admin access to the organization to use this endpoint.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createRemoveTokenForOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a remove token for a repository

Returns a token that you can pass to the config script to remove a self-hosted runner from a repository. The token expires after one hour.

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization:

./config.sh remove --token TOKEN

Authenticated users must have admin access to the repository to use this endpoint.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createRemoveTokenForRepo({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a repository variable

Creates a repository variable that you can reference in a GitHub Actions workflow.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createRepoVariable({
  owner,
  repo,
  name,
  value,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
name | yes | The name of the variable.
value | yes | The value of the variable.

See also: GitHub Developer Guide documentation.

Create a workflow dispatch event

You can use this endpoint to manually trigger a GitHub Actions workflow run. You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

You must configure your GitHub Actions workflow to run when the workflow_dispatch webhook event occurs. The inputs are configured in the workflow file. For more information about how to configure the workflow_dispatch event in the workflow file, see "Events that trigger workflows."

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.createWorkflowDispatch({
  owner,
  repo,
  workflow_id,
  ref,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
workflow_id | yes | The ID of the workflow. You can also pass the workflow file name as a string.
ref | yes | The git reference for the workflow. The reference can be a branch or tag name.
inputs | no | Input keys and values configured in the workflow file. The maximum number of properties is 10. Any default properties configured in the workflow file will be used when inputs are omitted.
inputs.* | no |

See also: GitHub Developer Guide documentation.

Delete a GitHub Actions cache for a repository (using a cache ID)

Deletes a GitHub Actions cache for a repository, using a cache ID.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteActionsCacheById({
  owner,
  repo,
  cache_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
cache_id | yes | The unique identifier of the GitHub Actions cache.

See also: GitHub Developer Guide documentation.

Delete GitHub Actions caches for a repository (using a cache key)

Deletes one or more GitHub Actions caches for a repository, using a complete cache key. By default, all caches that match the provided key are deleted, but you can optionally provide a Git ref to restrict deletions to caches that match both the provided key and the Git ref.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteActionsCacheByKey({
  owner,
  repo,
  key,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
key | yes | A key for identifying the cache.
ref | no | The full Git reference for narrowing down the cache. The ref for a branch should be formatted as refs/heads/<branch name>. To reference a pull request use refs/pull/<number>/merge.

See also: GitHub Developer Guide documentation.

Delete an artifact

Deletes an artifact for a workflow run. OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteArtifact({
  owner,
  repo,
  artifact_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
artifact_id | yes | The unique identifier of the artifact.

See also: GitHub Developer Guide documentation.

Delete an environment secret

Deletes a secret in an environment using the secret name.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteEnvironmentSecret({
  repository_id,
  environment_name,
  secret_name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
secret_name | yes | The name of the secret.

See also: GitHub Developer Guide documentation.

Delete an environment variable

Deletes an environment variable using the variable name.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteEnvironmentVariable({
  repository_id,
  name,
  environment_name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
name | yes | The name of the variable.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.

See also: GitHub Developer Guide documentation.

Delete an organization secret

Deletes a secret in an organization using the secret name.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteOrgSecret({
  org,
  secret_name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.

See also: GitHub Developer Guide documentation.

Delete an organization variable

Deletes an organization variable using the variable name.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteOrgVariable({
  org,
  name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the variable.

See also: GitHub Developer Guide documentation.

Delete a repository secret

Deletes a secret in a repository using the secret name.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
secret_name | yes | The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a repository variable

Deletes a repository variable using the variable name.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteRepoVariable({
  owner,
  repo,
  name,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
name | yes | The name of the variable.

See also: GitHub Developer Guide documentation.

Delete a self-hosted runner from an organization

Forces the removal of a self-hosted runner from an organization. You can use this endpoint to completely remove the runner when the machine you were using no longer exists.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteSelfHostedRunnerFromOrg({
  org,
  runner_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Delete a self-hosted runner from a repository

Forces the removal of a self-hosted runner from a repository. You can use this endpoint to completely remove the runner when the machine you were using no longer exists.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteSelfHostedRunnerFromRepo({
  owner,
  repo,
  runner_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Delete a workflow run

Deletes a specific workflow run.

Anyone with write access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Delete workflow run logs

Deletes all logs for a workflow run.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.deleteWorkflowRunLogs({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Disable a selected repository for GitHub Actions in an organization

Removes a repository from the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.disableSelectedRepositoryGithubActionsOrganization({
  org,
  repository_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
repository_id | yes | The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Disable a workflow

Disables a workflow and sets the state of the workflow to disabled_manually. You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.disableWorkflow({
  owner,
  repo,
  workflow_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
workflow_id | yes | The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

Download an artifact

Gets a redirect URL to download an archive for a repository. This URL expires after 1 minute. Look for Location: in the response header to find the URL for the download. The :archive_format must be zip.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.downloadArtifact({
  owner,
  repo,
  artifact_id,
  archive_format,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
artifact_id | yes | The unique identifier of the artifact.
archive_format | yes |

See also: GitHub Developer Guide documentation.

Download job logs for a workflow run

Gets a redirect URL to download a plain text file of logs for a workflow job. This link expires after 1 minute. Look for Location: in the response header to find the URL for the download.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.downloadJobLogsForWorkflowRun({
  owner,
  repo,
  job_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
job_id | yes | The unique identifier of the job.

See also: GitHub Developer Guide documentation.

Download workflow run attempt logs

Gets a redirect URL to download an archive of log files for a specific workflow run attempt. This link expires after 1 minute. Look for Location: in the response header to find the URL for the download.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.downloadWorkflowRunAttemptLogs({
  owner,
  repo,
  run_id,
  attempt_number,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
attempt_number | yes | The attempt number of the workflow run.

See also: GitHub Developer Guide documentation.

Download workflow run logs

Gets a redirect URL to download an archive of log files for a workflow run. This link expires after 1 minute. Look for Location: in the response header to find the URL for the download.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.downloadWorkflowRunLogs({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Enable a selected repository for GitHub Actions in an organization

Adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.enableSelectedRepositoryGithubActionsOrganization({
  org,
  repository_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
repository_id | yes | The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Enable a workflow

Enables a workflow and sets the state of the workflow to active. You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.enableWorkflow({
  owner,
  repo,
  workflow_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
workflow_id | yes | The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

Force cancel a workflow run

Cancels a workflow run and bypasses conditions that would otherwise cause a workflow execution to continue, such as an always() condition on a job. You should only use this endpoint to cancel a workflow run when the workflow run is not responding to POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.forceCancelWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Create configuration for a just-in-time runner for an organization

Generates a configuration that can be passed to the runner application at startup.

The authenticated user must have admin access to the organization.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.generateRunnerJitconfigForOrg({
  org,
  name,
  runner_group_id,
  labels,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the new runner.
runner_group_id | yes | The ID of the runner group to register the runner to.
labels | yes | The names of the custom labels to add to the runner. Minimum items: 1. Maximum items: 100.
work_folder | no | The working directory to be used for job execution, relative to the runner install directory.

See also: GitHub Developer Guide documentation.

Create configuration for a just-in-time runner for a repository

Generates a configuration that can be passed to the runner application at startup.

The authenticated user must have admin access to the repository.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.generateRunnerJitconfigForRepo({
  owner,
  repo,
  name,
  runner_group_id,
  labels,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
name | yes | The name of the new runner.
runner_group_id | yes | The ID of the runner group to register the runner to.
labels | yes | The names of the custom labels to add to the runner. Minimum items: 1. Maximum items: 100.
work_folder | no | The working directory to be used for job execution, relative to the runner install directory.

See also: GitHub Developer Guide documentation.

List GitHub Actions caches for a repository

Lists the GitHub Actions caches for a repository.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getActionsCacheList({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
ref | no | The full Git reference for narrowing down the cache. The ref for a branch should be formatted as refs/heads/<branch name>. To reference a pull request use refs/pull/<number>/merge.
key | no | An explicit key or prefix for identifying the cache.
sort | no | The property to sort the results by. created_at means when the cache was created. last_accessed_at means when the cache was last accessed. size_in_bytes is the size of the cache in bytes.
direction | no | The direction to sort the results by.

See also: GitHub Developer Guide documentation.
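The ref parameter on the cache list and delete-by-key endpoints lets you remove only the caches written under one pull request's merge ref while leaving caches with the same key on other refs untouched. The following is an added example, not code from octokit/rest.js; `pullRequestCacheRef`, `purgePullRequestCaches` and `makeFakeOctokit` are names invented for it, and the in-memory fake stands in for a real Octokit instance.

```javascript
// Added example; not part of the octokit/rest.js documentation.
const PER_PAGE = 100; // documented maximum for per_page

// Build the ref format the parameter tables give for pull requests.
function pullRequestCacheRef(pullNumber) {
  if (!Number.isInteger(pullNumber) || pullNumber <= 0) {
    throw new TypeError("pullNumber must be a positive integer");
  }
  return `refs/pull/${pullNumber}/merge`;
}

// List every cache stored under the pull request's merge ref, then delete by
// key AND ref so a cache with the same key on another ref is left alone.
async function purgePullRequestCaches(
  octokit,
  { owner, repo, pullNumber, dryRun = true }
) {
  const ref = pullRequestCacheRef(pullNumber);
  const keys = new Set();
  // Collect all keys first so deletions cannot shift later pages.
  for (let page = 1; ; page++) {
    const { data } = await octokit.rest.actions.getActionsCacheList({
      owner,
      repo,
      ref,
      per_page: PER_PAGE,
      page,
    });
    for (const cache of data.actions_caches) {
      // Defensive re-check: never queue an entry from another ref.
      if (cache.ref === ref) keys.add(cache.key);
    }
    if (data.actions_caches.length < PER_PAGE) break;
  }
  for (const key of keys) {
    if (!dryRun) {
      await octokit.rest.actions.deleteActionsCacheByKey({
        owner,
        repo,
        key,
        ref,
      });
    }
  }
  return { ref, keys: [...keys], dryRun };
}

// Constructed in-memory fake so the example runs offline. It models only the
// two calls used above and the { total_count, actions_caches } list shape.
function makeFakeOctokit(caches) {
  return {
    rest: {
      actions: {
        async getActionsCacheList({ ref, per_page = 30, page = 1 }) {
          const hits = caches.filter((c) => !ref || c.ref === ref);
          const slice = hits.slice((page - 1) * per_page, page * per_page);
          return { data: { total_count: hits.length, actions_caches: slice } };
        },
        async deleteActionsCacheByKey({ key, ref }) {
          for (let i = caches.length - 1; i >= 0; i--) {
            const c = caches[i];
            if (c.key === key && (!ref || c.ref === ref)) caches.splice(i, 1);
          }
          return { status: 200 };
        },
      },
    },
  };
}
```

The default is a dry run that only reports which keys would be deleted; pass dryRun: false to delete.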

Get GitHub Actions cache usage for a repository

Gets GitHub Actions cache usage for a repository. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getActionsCacheUsage({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List repositories with GitHub Actions cache usage for an organization

Lists repositories and their GitHub Actions cache usage for an organization. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.

OAuth tokens and personal access tokens (classic) need the read:org scope to use this endpoint.

octokit.rest.actions.getActionsCacheUsageByRepoForOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

Get GitHub Actions cache usage for an organization

Gets the total GitHub Actions cache usage for an organization. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.

OAuth tokens and personal access tokens (classic) need the read:org scope to use this endpoint.

octokit.rest.actions.getActionsCacheUsageForOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get allowed actions and reusable workflows for an organization

Gets the selected actions and reusable workflows that are allowed in an organization. To use this endpoint, the organization permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.getAllowedActionsOrganization({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get allowed actions and reusable workflows for a repository

Gets the settings for selected actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for a repository."

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getAllowedActionsRepository({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an artifact

Gets a specific artifact for a workflow run.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getArtifact({
  owner,
  repo,
  artifact_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
artifact_id | yes | The unique identifier of the artifact.

See also: GitHub Developer Guide documentation.

Get the customization template for an OIDC subject claim for a repository

Gets the customization template for an OpenID Connect (OIDC) subject claim. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the organization_administration:read permission to use this endpoint.

octokit.rest.actions.getCustomOidcSubClaimForRepo({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an environment public key

Get the public key for an environment, which you need to encrypt environment secrets. You need to encrypt a secret before you can create or update secrets.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getEnvironmentPublicKey({
  repository_id,
  environment_name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.

See also: GitHub Developer Guide documentation.

Get an environment secret

Gets a single environment secret without revealing its encrypted value.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getEnvironmentSecret({
  repository_id,
  environment_name,
  secret_name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
secret_name | yes | The name of the secret.

See also: GitHub Developer Guide documentation.

Get an environment variable

Gets a specific variable in an environment.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getEnvironmentVariable({
  repository_id,
  environment_name,
  name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
name | yes | The name of the variable.

See also: GitHub Developer Guide documentation.

Get default workflow permissions for an organization

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an organization, as well as whether GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your organization."

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.getGithubActionsDefaultWorkflowPermissionsOrganization({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get default workflow permissions for a repository

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in a repository, as well as if GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your repository."

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getGithubActionsDefaultWorkflowPermissionsRepository({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Actions permissions for an organization

Gets the GitHub Actions permissions policy for repositories and allowed actions and reusable workflows in an organization.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.getGithubActionsPermissionsOrganization({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Actions permissions for a repository

Gets the GitHub Actions permissions policy for a repository, including whether GitHub Actions is enabled and the actions and reusable workflows allowed to run in the repository.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getGithubActionsPermissionsRepository({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.
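
The repository-level permission endpoints above are read-only, which makes them suitable for a policy audit. The following is an added example, not part of the octokit/rest.js documentation: the response fields enabled, allowed_actions, default_workflow_permissions and can_approve_pull_request_reviews are assumed from GitHub's REST API responses, and stubActionsClient with its sample payloads is a constructed stand-in for an authenticated octokit instance.

```javascript
// Added example (not from the octokit/rest.js docs). Response field names are
// assumed from GitHub's REST API; the stub client and payloads are constructed.

// Pure evaluation step: turn the two API payloads into a list of findings.
function evaluateActionsPolicy(policy, defaults) {
  const findings = [];
  if (!policy.enabled) return findings; // Actions disabled: no workflow can run
  if (policy.allowed_actions === "all") {
    findings.push({
      id: "allowed-actions-all",
      detail: "any action or reusable workflow may run; consider local_only or selected",
    });
  }
  if (defaults.default_workflow_permissions === "write") {
    findings.push({
      id: "token-default-write",
      detail: "GITHUB_TOKEN defaults to write; default to read and grant per workflow",
    });
  }
  if (defaults.can_approve_pull_request_reviews) {
    findings.push({
      id: "actions-can-approve-prs",
      detail: "workflows can submit approving pull request reviews",
    });
  }
  return findings;
}

// Fetch both payloads for one repository. A 403/404 means the token cannot
// read the policy; report that explicitly instead of returning a clean result.
async function auditRepoActionsPolicy(octokit, owner, repo) {
  const target = `${owner}/${repo}`;
  try {
    const { data: policy } =
      await octokit.rest.actions.getGithubActionsPermissionsRepository({ owner, repo });
    if (!policy.enabled) {
      return { target, status: "actions-disabled", findings: [] };
    }
    const { data: defaults } =
      await octokit.rest.actions.getGithubActionsDefaultWorkflowPermissionsRepository({
        owner,
        repo,
      });
    return { target, status: "checked", findings: evaluateActionsPolicy(policy, defaults) };
  } catch (err) {
    if (err.status === 403 || err.status === 404) {
      return { target, status: "not-auditable", findings: [] };
    }
    throw err; // network failures and server errors are not audit results
  }
}

// Constructed stand-in for an authenticated octokit instance. Passing an
// Error as a payload makes the corresponding method reject with it.
function stubActionsClient(policy, defaults) {
  const reply = (payload) => async () => {
    if (payload instanceof Error) throw payload;
    return { data: payload };
  };
  return {
    rest: {
      actions: {
        getGithubActionsPermissionsRepository: reply(policy),
        getGithubActionsDefaultWorkflowPermissionsRepository: reply(defaults),
      },
    },
  };
}

// Constructed sample payloads.
const SAMPLE_PERMISSIVE = {
  policy: { enabled: true, allowed_actions: "all" },
  defaults: { default_workflow_permissions: "write", can_approve_pull_request_reviews: true },
};
const SAMPLE_HARDENED = {
  policy: { enabled: true, allowed_actions: "selected" },
  defaults: { default_workflow_permissions: "read", can_approve_pull_request_reviews: false },
};

auditRepoActionsPolicy(
  stubActionsClient(SAMPLE_PERMISSIVE.policy, SAMPLE_PERMISSIVE.defaults),
  "example-owner",
  "example-repo",
).then((report) => {
  for (const f of report.findings) console.log(`${report.target}: [${f.id}] ${f.detail}`);
});
```

With a real client, pass the Octokit instance in place of the stub; the token needs the repo scope stated for both endpoints.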

Get a job for a workflow run

Gets a specific job in a workflow run.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getJobForWorkflowRun({
  owner,
  repo,
  job_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
job_id | yes | The unique identifier of the job.

See also: GitHub Developer Guide documentation.

Get an organization public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets.

The authenticated user must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getOrgPublicKey({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an organization secret

Gets a single organization secret without revealing its encrypted value.

The authenticated user must have collaborator access to a repository to create, update, or read secrets.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getOrgSecret({
  org,
  secret_name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.

See also: GitHub Developer Guide documentation.

Get an organization variable

Gets a specific variable in an organization.

The authenticated user must have collaborator access to a repository to create, update, or read variables.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getOrgVariable({
  org,
  name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the variable.

See also: GitHub Developer Guide documentation.

Get pending deployments for a workflow run

Get all deployment environments for a workflow run that are waiting for protection rules to pass.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getPendingDeploymentsForRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Get GitHub Actions permissions for a repository

Deprecated: This method has been renamed to actions.getGithubActionsPermissionsRepository

Gets the GitHub Actions permissions policy for a repository, including whether GitHub Actions is enabled and the actions and reusable workflows allowed to run in the repository.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getRepoPermissions({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getRepoPublicKey({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository secret

Gets a single repository secret without revealing its encrypted value.

The authenticated user must have collaborator access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
secret_name | yes | The name of the secret.

See also: GitHub Developer Guide documentation.

Get a repository variable

Gets a specific variable in a repository.

The authenticated user must have collaborator access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getRepoVariable({
  owner,
  repo,
  name,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
name | yes | The name of the variable.

See also: GitHub Developer Guide documentation.

Get the review history for a workflow run

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.getReviewsForRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Get a self-hosted runner for an organization

Gets a specific self-hosted runner configured in an organization.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.getSelfHostedRunnerForOrg({
  org,
  runner_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Get a self-hosted runner for a repository

Gets a specific self-hosted runner configured in a repository.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Get a workflow

Gets a specific workflow. You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.getWorkflow({
  owner,
  repo,
  workflow_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
workflow_id | yes | The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

Get the level of access for workflows outside of the repository

Gets the level of access that workflows outside of the repository have to actions and reusable workflows in the repository. This endpoint only applies to private repositories. For more information, see "Allowing access to components in a private repository."

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.getWorkflowAccessToRepository({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a workflow run

Gets a specific workflow run.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.getWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
exclude_pull_requests | no | If true, pull requests are omitted from the response (empty array).

See also: GitHub Developer Guide documentation.

Get a workflow run attempt

Gets a specific workflow run attempt.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.getWorkflowRunAttempt({
  owner,
  repo,
  run_id,
  attempt_number,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
attempt_number | yes | The attempt number of the workflow run.
exclude_pull_requests | no | If true, pull requests are omitted from the response (empty array).

See also: GitHub Developer Guide documentation.

Get workflow run usage

Gets the number of billable minutes and total run time for a specific workflow run. Billable minutes only apply to workflows in private repositories that use GitHub-hosted runners. Usage is listed for each GitHub-hosted runner operating system in milliseconds. Any job re-runs are also included in the usage. The usage does not include the multiplier for macOS and Windows runners and is not rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.getWorkflowRunUsage({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Get workflow usage

Gets the number of billable minutes used by a specific workflow during the current billing cycle. Billable minutes only apply to workflows in private repositories that use GitHub-hosted runners. Usage is listed for each GitHub-hosted runner operating system in milliseconds. Any job re-runs are also included in the usage. The usage does not include the multiplier for macOS and Windows runners and is not rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.getWorkflowUsage({
  owner,
  repo,
  workflow_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
workflow_id | yes | The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

List artifacts for a repository

Lists all artifacts for a repository.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.listArtifactsForRepo({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
name | no | The name field of an artifact. When specified, only artifacts with this name will be returned.

See also: GitHub Developer Guide documentation.

List environment secrets

Lists all secrets available in an environment without revealing their encrypted values.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listEnvironmentSecrets({
  repository_id,
  environment_name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List environment variables

Lists all environment variables.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listEnvironmentVariables({
  repository_id,
  environment_name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
per_page | no | The number of results per page (max 30). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List jobs for a workflow run

Lists jobs for a workflow run. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.listJobsForWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
filter | no | Filters jobs by their completed_at timestamp. latest returns jobs from the most recent execution of the workflow run. all returns all jobs for a workflow run, including from old executions of the workflow run.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List jobs for a workflow run attempt

Lists jobs for a specific workflow run attempt. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.listJobsForWorkflowRunAttempt({
  owner,
  repo,
  run_id,
  attempt_number,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
attempt_number | yes | The attempt number of the workflow run.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List labels for a self-hosted runner for an organization

Lists all labels for a self-hosted runner configured in an organization.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.listLabelsForSelfHostedRunnerForOrg({
  org,
  runner_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

List labels for a self-hosted runner for a repository

Lists all labels for a self-hosted runner configured in a repository.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listLabelsForSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

List organization secrets

Lists all secrets available in an organization without revealing their encrypted values.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.listOrgSecrets({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List organization variables

Lists all organization variables.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.listOrgVariables({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
per_page | no | The number of results per page (max 30). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository organization secrets

Lists all organization secrets shared with a repository without revealing their encrypted values.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listRepoOrganizationSecrets({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository organization variables

Lists all organization variables shared with a repository.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listRepoOrganizationVariables({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 30). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository secrets

Lists all secrets available in a repository without revealing their encrypted values.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listRepoSecrets({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.
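
Because the list endpoints return secret metadata without the encrypted values, they can drive a rotation audit. The following is an added example, not part of the octokit/rest.js documentation: it pages through listRepoSecrets with the documented per_page and page parameters and reports secrets not updated within a chosen window. The response fields total_count, secrets, name and updated_at are assumed from GitHub's REST API responses; stubSecretsClient, SAMPLE_SECRETS, the 90-day window and the page bound are constructed for illustration.

```javascript
// Added example (not from the octokit/rest.js docs). Response field names are
// assumed from GitHub's REST API; the stub client and sample data are constructed.

const DAY_MS = 24 * 60 * 60 * 1000;

// Collect every secret's metadata by walking the pages. per_page is capped at
// 100 for secrets (the variables endpoints document a cap of 30).
async function listAllRepoSecrets(octokit, owner, repo, perPage = 100) {
  const secrets = [];
  const maxPages = 50; // safety bound (assumption) against a non-terminating loop
  for (let page = 1; page <= maxPages; page++) {
    const { data } = await octokit.rest.actions.listRepoSecrets({
      owner,
      repo,
      per_page: perPage,
      page,
    });
    secrets.push(...data.secrets);
    // Stop on a short page or once the reported total has been collected.
    if (data.secrets.length < perPage || secrets.length >= data.total_count) break;
  }
  return secrets;
}

// Return secrets whose updated_at is strictly older than maxAgeDays before
// `now`, oldest first. Only names and timestamps are involved; the API never
// returns secret values.
function findStaleSecrets(secrets, now, maxAgeDays) {
  const cutoff = now.getTime() - maxAgeDays * DAY_MS;
  return secrets
    .filter((s) => Date.parse(s.updated_at) < cutoff)
    .map((s) => ({
      name: s.name,
      updated_at: s.updated_at,
      ageDays: Math.floor((now.getTime() - Date.parse(s.updated_at)) / DAY_MS),
    }))
    .sort((a, b) => b.ageDays - a.ageDays);
}

// Constructed stand-in for an authenticated octokit instance that serves
// `all` in pages, the way the endpoint's per_page/page parameters describe.
function stubSecretsClient(all) {
  return {
    rest: {
      actions: {
        listRepoSecrets: async ({ per_page = 30, page = 1 }) => ({
          data: {
            total_count: all.length,
            secrets: all.slice((page - 1) * per_page, page * per_page),
          },
        }),
      },
    },
  };
}

// Constructed sample metadata (names and dates are illustrative only).
const SAMPLE_SECRETS = [
  { name: "DEPLOY_KEY", created_at: "2022-11-02T00:00:00Z", updated_at: "2023-01-15T00:00:00Z" },
  { name: "NPM_TOKEN", created_at: "2024-05-20T00:00:00Z", updated_at: "2024-05-20T00:00:00Z" },
  { name: "AWS_ACCESS_KEY_ID", created_at: "2023-06-01T00:00:00Z", updated_at: "2024-02-01T00:00:00Z" },
  { name: "SLACK_WEBHOOK", created_at: "2024-04-10T00:00:00Z", updated_at: "2024-04-10T00:00:00Z" },
  { name: "SIGNING_KEY", created_at: "2024-03-03T00:00:00Z", updated_at: "2024-03-03T00:00:00Z" },
];

// Small page size so the sample spans three pages.
listAllRepoSecrets(stubSecretsClient(SAMPLE_SECRETS), "example-owner", "example-repo", 2)
  .then((all) => findStaleSecrets(all, new Date("2024-06-01T00:00:00Z"), 90))
  .then((stale) => {
    for (const s of stale) console.log(`${s.name}: last updated ${s.ageDays} days ago`);
  });
```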

List repository variables

Lists all repository variables.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listRepoVariables({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 30). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository workflows

Lists the workflows in a repository.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.listRepoWorkflows({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List runner applications for an organization

Lists binaries for the runner application that you can download and run.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.listRunnerApplicationsForOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List runner applications for a repository

Lists binaries for the runner application that you can download and run.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listRunnerApplicationsForRepo({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List selected repositories for an organization secret

Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.listSelectedReposForOrgSecret({
  org,
  secret_name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List selected repositories for an organization variable

Lists all repositories that can access an organization variable that is available to selected repositories.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.listSelectedReposForOrgVariable({
  org,
  name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the variable.
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List selected repositories enabled for GitHub Actions in an organization

Lists the selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.listSelectedRepositoriesEnabledGithubActionsOrganization({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List self-hosted runners for an organization

Lists all self-hosted runners configured in an organization.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.listSelfHostedRunnersForOrg({
  org,
});

Parameters

name | required | description
name | no | The name of a self-hosted runner.
org | yes | The organization name. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List self-hosted runners for a repository

Lists all self-hosted runners configured in a repository.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.listSelfHostedRunnersForRepo({
  owner,
  repo,
});

Parameters

name | required | description
name | no | The name of a self-hosted runner.
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List workflow run artifacts

Lists artifacts for a workflow run.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.listWorkflowRunArtifacts({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
name | no | The name field of an artifact. When specified, only artifacts with this name will be returned.

See also: GitHub Developer Guide documentation.

List workflow runs for a workflow

List all workflow runs for a workflow. You can replace workflow_id with the workflow file name. For example, you could use main.yaml. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.listWorkflowRuns({
  owner,
  repo,
  workflow_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
workflow_id | yes | The ID of the workflow. You can also pass the workflow file name as a string.
actor | no | Returns someone's workflow runs. Use the login for the user who created the push associated with the check suite or workflow run.
branch | no | Returns workflow runs associated with a branch. Use the name of the branch of the push.
event | no | Returns workflow runs triggered by the event you specify. For example, push, pull_request or issue. For more information, see "Events that trigger workflows."
status | no | Returns workflow runs with the check run status or conclusion that you specify. For example, a conclusion can be success or a status can be in_progress. Only GitHub can set a status of waiting or requested.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
created | no | Returns workflow runs created within the given date-time range. For more information on the syntax, see "Understanding the search syntax."
exclude_pull_requests | no | If true, pull requests are omitted from the response (empty array).
check_suite_id | no | Returns workflow runs with the check_suite_id that you specify.
head_sha | no | Only returns workflow runs that are associated with the specified head_sha.

See also: GitHub Developer Guide documentation.

List workflow runs for a repository

Lists all workflow runs for a repository. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.listWorkflowRunsForRepo({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
actor | no | Returns someone's workflow runs. Use the login for the user who created the push associated with the check suite or workflow run.
branch | no | Returns workflow runs associated with a branch. Use the name of the branch of the push.
event | no | Returns workflow runs triggered by the event you specify. For example, push, pull_request or issue. For more information, see "Events that trigger workflows."
status | no | Returns workflow runs with the check run status or conclusion that you specify. For example, a conclusion can be success or a status can be in_progress. Only GitHub can set a status of waiting or requested.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
created | no | Returns workflow runs created within the given date-time range. For more information on the syntax, see "Understanding the search syntax."
exclude_pull_requests | no | If true, pull requests are omitted from the response (empty array).
check_suite_id | no | Returns workflow runs with the check_suite_id that you specify.
head_sha | no | Only returns workflow runs that are associated with the specified head_sha.

See also: GitHub Developer Guide documentation.

Re-run a job from a workflow run

Re-run a job and its dependent jobs in a workflow run.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.reRunJobForWorkflowRun({
  owner,
  repo,
  job_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
job_id | yes | The unique identifier of the job.
enable_debug_logging | no | Whether to enable debug logging for the re-run.

See also: GitHub Developer Guide documentation.

Re-run a workflow

Re-runs your workflow run using its id.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.reRunWorkflow({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
enable_debug_logging | no | Whether to enable debug logging for the re-run.

See also: GitHub Developer Guide documentation.

Re-run failed jobs from a workflow run

Re-run all of the failed jobs and their dependent jobs in a workflow run using the id of the workflow run.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.reRunWorkflowFailedJobs({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
enable_debug_logging | no | Whether to enable debug logging for the re-run.

See also: GitHub Developer Guide documentation.

Remove all custom labels from a self-hosted runner for an organization

Remove all custom labels from a self-hosted runner configured in an organization. Returns the remaining read-only labels from the runner.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.removeAllCustomLabelsFromSelfHostedRunnerForOrg({
  org,
  runner_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Remove all custom labels from a self-hosted runner for a repository

Remove all custom labels from a self-hosted runner configured in a repository. Returns the remaining read-only labels from the runner.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.removeAllCustomLabelsFromSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Remove a custom label from a self-hosted runner for an organization

Remove a custom label from a self-hosted runner configured in an organization. Returns the remaining labels from the runner.

This endpoint returns a 404 Not Found status if the custom label is not present on the runner.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.removeCustomLabelFromSelfHostedRunnerForOrg({
  org,
  runner_id,
  name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.
name | yes | The name of a self-hosted runner's custom label.

See also: GitHub Developer Guide documentation.

Remove a custom label from a self-hosted runner for a repository

Remove a custom label from a self-hosted runner configured in a repository. Returns the remaining labels from the runner.

This endpoint returns a 404 Not Found status if the custom label is not present on the runner.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.removeCustomLabelFromSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
  name,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.
name | yes | The name of a self-hosted runner's custom label.

See also: GitHub Developer Guide documentation.

Remove selected repository from an organization secret

Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.removeSelectedRepoFromOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
repository_id | yes |

See also: GitHub Developer Guide documentation.

Remove selected repository from an organization variable

Removes a repository from an organization variable that is available to selected repositories. Organization variables that are available to selected repositories have their visibility field set to selected.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.removeSelectedRepoFromOrgVariable({
  org,
  name,
  repository_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the variable.
repository_id | yes |

See also: GitHub Developer Guide documentation.

Review custom deployment protection rules for a workflow run

Approve or reject custom deployment protection rules provided by a GitHub App for a workflow run. For more information, see "Using environments for deployment."

Note: GitHub Apps can only review their own custom deployment protection rules. To approve or reject pending deployments that are waiting for review from a specific person or team, see POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

octokit.rest.actions.reviewCustomGatesForRun({
  owner,
  repo,
  run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Review pending deployments for a workflow run

Approve or reject pending deployments that are waiting on approval by a required reviewer.

Required reviewers with read access to the repository contents and deployments can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.reviewPendingDeploymentsForRun({
  owner,
  repo,
  run_id,
  environment_ids,
  state,
  comment,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
run_id | yes | The unique identifier of the workflow run.
environment_ids | yes | The list of environment ids to approve or reject.
state | yes | Whether to approve or reject deployment to the specified environments.
comment | yes | A comment to accompany the deployment review.

See also: GitHub Developer Guide documentation.

Set allowed actions and reusable workflows for an organization

Sets the actions and reusable workflows that are allowed in an organization. To use this endpoint, the organization permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.setAllowedActionsOrganization({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
github_owned_allowed | no | Whether GitHub-owned actions are allowed. For example, this includes the actions in the actions organization.
verified_allowed | no | Whether actions from GitHub Marketplace verified creators are allowed. Set to true to allow all actions by GitHub Marketplace verified creators.
patterns_allowed | no | Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*. Note: The patterns_allowed setting only applies to public repositories.

See also: GitHub Developer Guide documentation.

Set allowed actions and reusable workflows for a repository

Sets the actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for a repository."

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.setAllowedActionsRepository({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
github_owned_allowed | no | Whether GitHub-owned actions are allowed. For example, this includes the actions in the actions organization.
verified_allowed | no | Whether actions from GitHub Marketplace verified creators are allowed. Set to true to allow all actions by GitHub Marketplace verified creators.
patterns_allowed | no | Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*. Note: The patterns_allowed setting only applies to public repositories.

See also: GitHub Developer Guide documentation.
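
Added example, not part of the @octokit/rest documentation: a pre-flight review of a proposed allow-list before it is passed to setAllowedActionsOrganization or setAllowedActionsRepository. The risk tiers, the function names and the sample commit SHA are this example's own assumptions; the classification is a review aid, not GitHub's pattern matcher.

```javascript
// Review policy for patterns_allowed entries (assumption of this example).
const FULL_SHA = /^[0-9a-f]{40}$/i;

// Classify one patterns_allowed entry by how much code it lets in.
function classifyPattern(pattern) {
  if (typeof pattern !== "string" || pattern.trim() === "") {
    throw new TypeError("patterns_allowed entries must be non-empty strings");
  }
  const at = pattern.lastIndexOf("@");
  const target = at === -1 ? pattern : pattern.slice(0, at);
  const ref = at === -1 ? "" : pattern.slice(at + 1);

  if (target.includes("*")) {
    // e.g. monalisa/* : everything published under one owner
    return { pattern, kind: "wildcard-target", risk: "high" };
  }
  if (ref === "" || ref.includes("*")) {
    // e.g. monalisa/octocat@* : one action, any ref
    return { pattern, kind: "any-ref", risk: "medium" };
  }
  if (FULL_SHA.test(ref)) {
    // Full commit SHA: the allowed code cannot change after review.
    return { pattern, kind: "sha-pinned", risk: "low" };
  }
  // e.g. monalisa/octocat@v2 : tags and branches can be moved later.
  return { pattern, kind: "mutable-ref", risk: "medium" };
}

// Review the whole settings object and return findings plus the
// de-duplicated request fields to send once the findings are accepted.
function auditAllowedActions(settings) {
  const {
    github_owned_allowed = false,
    verified_allowed = false,
    patterns_allowed = [],
  } = settings;

  const patterns = [...new Set(patterns_allowed)];
  const findings = patterns.map(classifyPattern);
  if (verified_allowed) {
    // Per the parameter description, true allows all actions by
    // GitHub Marketplace verified creators.
    findings.push({ pattern: "verified_allowed", kind: "all-verified-creators", risk: "medium" });
  }

  const order = { high: 0, medium: 1, low: 2 };
  findings.sort((a, b) => order[a.risk] - order[b.risk]);

  return {
    findings,
    worst: findings.length ? findings[0].risk : "low",
    request: { github_owned_allowed, verified_allowed, patterns_allowed: patterns },
  };
}

// Constructed sample input; the SHA is a placeholder, not a real commit.
const proposed = {
  github_owned_allowed: true,
  verified_allowed: false,
  patterns_allowed: [
    "monalisa/octocat@v2",
    "monalisa/*",
    "monalisa/octocat@*",
    "monalisa/octocat@0123456789abcdef0123456789abcdef01234567",
    "monalisa/octocat@v2",
  ],
};

const report = auditAllowedActions(proposed);
for (const f of report.findings) {
  console.log(`${f.risk.padEnd(6)} ${f.kind.padEnd(16)} ${f.pattern}`);
}
// After review:
// await octokit.rest.actions.setAllowedActionsOrganization({ org, ...report.request });
```

Because patterns_allowed only applies to public repositories, a clean report here says nothing about what private repositories may run.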

Set custom labels for a self-hosted runner for an organization

Remove all previous custom labels and set the new custom labels for a specific self-hosted runner configured in an organization.

Authenticated users must have admin access to the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.setCustomLabelsForSelfHostedRunnerForOrg({
  org,
  runner_id,
  labels,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.
labels | yes | The names of the custom labels to set for the runner. You can pass an empty array to remove all custom labels.

See also: GitHub Developer Guide documentation.

Set custom labels for a self-hosted runner for a repository

Remove all previous custom labels and set the new custom labels for a specific self-hosted runner configured in a repository.

Authenticated users must have admin access to the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.setCustomLabelsForSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
  labels,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
runner_id | yes | Unique identifier of the self-hosted runner.
labels | yes | The names of the custom labels to set for the runner. You can pass an empty array to remove all custom labels.

See also: GitHub Developer Guide documentation.

Set the customization template for an OIDC subject claim for a repository

Sets the customization template and opt-in or opt-out flag for an OpenID Connect (OIDC) subject claim for a repository. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.setCustomOidcSubClaimForRepo({
  owner,
  repo,
  use_default,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
use_default | yes | Whether to use the default template or not. If true, the include_claim_keys field is ignored.
include_claim_keys | no | Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

See also: GitHub Developer Guide documentation.

Set default workflow permissions for an organization

Sets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an organization, and sets if GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your organization."

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.setGithubActionsDefaultWorkflowPermissionsOrganization({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
default_workflow_permissions | no | The default workflow permissions granted to the GITHUB_TOKEN when running workflows.
can_approve_pull_request_reviews | no | Whether GitHub Actions can approve pull requests. Enabling this can be a security risk.

See also: GitHub Developer Guide documentation.

Set default workflow permissions for a repository

Sets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in a repository, and sets if GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your repository."

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.setGithubActionsDefaultWorkflowPermissionsRepository({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
default_workflow_permissions | no | The default workflow permissions granted to the GITHUB_TOKEN when running workflows.
can_approve_pull_request_reviews | no | Whether GitHub Actions can approve pull requests. Enabling this can be a security risk.

See also: GitHub Developer Guide documentation.
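
Added example, not part of the @octokit/rest documentation: a drift check that compares each repository's default GITHUB_TOKEN permissions with a least-privilege baseline and corrects only the fields that differ. BASELINE and the function names are this example's assumptions; the read call, getGithubActionsDefaultWorkflowPermissionsRepository, is the GET counterpart of the endpoint above and is not shown in this part of the page.

```javascript
// Least-privilege baseline (this example's policy, not a GitHub default).
const BASELINE = Object.freeze({
  default_workflow_permissions: "read",
  can_approve_pull_request_reviews: false,
});

// Compare one repository's current settings with the baseline.
// Returns only the fields that must change, or null when nothing drifted.
function planWorkflowPermissionFix(current, baseline = BASELINE) {
  const patch = {};
  for (const key of Object.keys(baseline)) {
    if (current[key] !== baseline[key]) patch[key] = baseline[key];
  }
  return Object.keys(patch).length > 0 ? patch : null;
}

// Read, compare and (unless dryRun) correct each repository.
// `octokit` is an authenticated Octokit instance; `repos` is [{ owner, repo }].
async function enforceWorkflowPermissions(octokit, repos, { dryRun = true } = {}) {
  const report = [];
  for (const { owner, repo } of repos) {
    const { data } =
      await octokit.rest.actions.getGithubActionsDefaultWorkflowPermissionsRepository({
        owner,
        repo,
      });
    const patch = planWorkflowPermissionFix(data);
    if (patch && !dryRun) {
      await octokit.rest.actions.setGithubActionsDefaultWorkflowPermissionsRepository({
        owner,
        repo,
        ...patch,
      });
    }
    report.push({
      repo: `${owner}/${repo}`,
      drift: patch ? Object.keys(patch) : [],
      changed: Boolean(patch) && !dryRun,
    });
  }
  return report;
}

// Constructed sample of the settings a permissive repository would report.
const permissiveRepo = {
  default_workflow_permissions: "write",
  can_approve_pull_request_reviews: true,
};
console.log(planWorkflowPermissionFix(permissiveRepo));
```

Run it with dryRun left at true first; the report then lists the drifted fields per repository without changing anything.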

Set GitHub Actions permissions for an organization

Sets the GitHub Actions permissions policy for repositories and allowed actions and reusable workflows in an organization.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.setGithubActionsPermissionsOrganization({
  org,
  enabled_repositories,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
enabled_repositories | yes | The policy that controls the repositories in the organization that are allowed to run GitHub Actions.
allowed_actions | no | The permissions policy that controls the actions and reusable workflows that are allowed to run.

See also: GitHub Developer Guide documentation.

Set GitHub Actions permissions for a repository

Sets the GitHub Actions permissions policy for enabling GitHub Actions and allowed actions and reusable workflows in the repository.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.setGithubActionsPermissionsRepository({
  owner,
  repo,
  enabled,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
enabled | yes | Whether GitHub Actions is enabled on the repository.
allowed_actions | no | The permissions policy that controls the actions and reusable workflows that are allowed to run.

See also: GitHub Developer Guide documentation.

Set selected repositories for an organization secret

Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret.

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.setSelectedReposForOrgSecret({
  org,
  secret_name,
  selected_repository_ids,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
selected_repository_ids | yes | An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Add selected repository to an organization secret and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.
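
Added example, not part of the @octokit/rest documentation: because this endpoint replaces the whole list, the sketch below first diffs the current and desired repository ids so every grant and revocation is visible, then picks the individual add/remove endpoints for small changes and the replace-all call otherwise. The function names, the maxIndividual threshold, and the sample ids, organization and secret name are assumptions of this example.

```javascript
// Reject anything that is not a positive integer repository id.
function toIdSet(ids, label) {
  for (const id of ids) {
    if (!Number.isInteger(id) || id <= 0) {
      throw new TypeError(`${label}: repository ids must be positive integers, got ${String(id)}`);
    }
  }
  return new Set(ids);
}

const ascending = (a, b) => a - b;

// Diff the repositories that can read the secret now against the target list.
function planSecretAccess(currentIds, desiredIds) {
  const current = toIdSet(currentIds, "current");
  const desired = toIdSet(desiredIds, "desired");
  return {
    add: [...desired].filter((id) => !current.has(id)).sort(ascending),
    remove: [...current].filter((id) => !desired.has(id)).sort(ascending),
    keep: [...current].filter((id) => desired.has(id)).sort(ascending),
  };
}

// Turn a plan into endpoint calls. Small changes use the single-repository
// endpoints; the replace call overwrites the whole list, including any
// grant made by someone else since the list was read.
function toCalls(org, secret_name, plan, { maxIndividual = 5 } = {}) {
  const changes = plan.add.length + plan.remove.length;
  if (changes === 0) return [];
  if (changes <= maxIndividual) {
    const one = (method) => (repository_id) => ({
      method,
      params: { org, secret_name, repository_id },
    });
    // Revocations go first so access never widens before it narrows.
    return [
      ...plan.remove.map(one("removeSelectedRepoFromOrgSecret")),
      ...plan.add.map(one("addSelectedRepoToOrgSecret")),
    ];
  }
  return [
    {
      method: "setSelectedReposForOrgSecret",
      params: {
        org,
        secret_name,
        selected_repository_ids: [...plan.keep, ...plan.add].sort(ascending),
      },
    },
  ];
}

// Execute the calls in order with an authenticated Octokit instance.
async function applyCalls(octokit, calls) {
  for (const { method, params } of calls) {
    await octokit.rest.actions[method](params);
  }
}

// Constructed sample: ids 101-103 have access today, 102 and 104 should.
const samplePlan = planSecretAccess([101, 102, 103], [102, 104]);
console.log(samplePlan, toCalls("octo-org", "DEPLOY_KEY", samplePlan));
```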

Set selected repositories for an organization variable

Replaces all repositories for an organization variable that is available to selected repositories. Organization variables that are available to selected repositories have their visibility field set to selected.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.setSelectedReposForOrgVariable({
  org,
  name,
  selected_repository_ids,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | yes | The name of the variable.
selected_repository_ids | yes | The IDs of the repositories that can access the organization variable.

See also: GitHub Developer Guide documentation.

Set selected repositories enabled for GitHub Actions in an organization

Replaces the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.actions.setSelectedRepositoriesEnabledGithubActionsOrganization({
  org,
  selected_repository_ids,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
selected_repository_ids | yes | List of repository IDs to enable for GitHub Actions.

See also: GitHub Developer Guide documentation.

Set the level of access for workflows outside of the repository

Sets the level of access that workflows outside of the repository have to actions and reusable workflows in the repository. This endpoint only applies to private repositories. For more information, see "Allowing access to components in a private repository".

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.setWorkflowAccessToRepository({
  owner,
  repo,
  access_level,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
access_level | yes | Defines the level of access that workflows outside of the repository have to actions and reusable workflows within the repository. none means the access is only possible from workflows in this repository. user level access allows sharing across user owned private repositories only. organization level access allows sharing across the organization.

See also: GitHub Developer Guide documentation.

Update an environment variable

Updates an environment variable that you can reference in a GitHub Actions workflow.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.updateEnvironmentVariable({
  repository_id,
  environment_name,
});

Parameters

name | required | description
repository_id | yes | The unique identifier of the repository.
name | no | The name of the variable.
environment_name | yes | The name of the environment. The name must be URL encoded. For example, any slashes in the name must be replaced with %2F.
value | no | The value of the variable.

See also: GitHub Developer Guide documentation.

Update an organization variable

Updates an organization variable that you can reference in a GitHub Actions workflow.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

octokit.rest.actions.updateOrgVariable({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
name | no | The name of the variable.
value | no | The value of the variable.
visibility | no | The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.
selected_repository_ids | no | An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

See also: GitHub Developer Guide documentation.

Update a repository variable

Updates a repository variable that you can reference in a GitHub Actions workflow.

Authenticated users must have collaborator access to a repository to create, update, or read variables.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.actions.updateRepoVariable({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
name | no | The name of the variable.
value | no | The value of the variable.

See also: GitHub Developer Guide documentation.

Activity

Check if a repository is starred by the authenticated user

Whether the authenticated user has starred the repository.

octokit.rest.activity.checkRepoIsStarredByAuthenticatedUser({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete a repository subscription

This endpoint should only be used to stop watching a repository. To control whether or not you wish to receive notifications from a repository, set the repository's subscription manually.

octokit.rest.activity.deleteRepoSubscription({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete a thread subscription

Mutes all future notifications for a conversation until you comment on the thread or get an @mention. If you are watching the repository of the thread, you will still receive notifications. To ignore future notifications for a repository you are watching, use the Set a thread subscription endpoint and set ignore to true.

octokit.rest.activity.deleteThreadSubscription({
  thread_id,
});

Parameters

name | required | description
thread_id | yes | The unique identifier of the notification thread. This corresponds to the value returned in the id field when you retrieve notifications (for example with the GET /notifications operation).

See also: GitHub Developer Guide documentation.

Get feeds

GitHub provides several timeline resources in Atom format. The Feeds API lists all the feeds available to the authenticated user:

  • Timeline: The GitHub global public timeline
  • User: The public timeline for any user, using uri_template. For more information, see "Hypermedia."
  • Current user public: The public timeline for the authenticated user
  • Current user: The private timeline for the authenticated user
  • Current user actor: The private timeline for activity created by the authenticated user
  • Current user organizations: The private timeline for the organizations the authenticated user is a member of.
  • Security advisories: A collection of public announcements that provide information about security-related vulnerabilities in software on GitHub.

Note: Private feeds are only returned when authenticating via Basic Auth, since current feed URIs use the older, non-revocable auth tokens.

octokit.rest.activity.getFeeds();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a repository subscription

Gets information about whether the authenticated user is subscribed to the repository.

octokit.rest.activity.getRepoSubscription({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a thread

Gets information about a notification thread.

octokit.rest.activity.getThread({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the notification thread. This corresponds to the value returned in the id field when you retrieve notifications (for example with the GET /notifications operation).

See also: GitHub Developer Guide documentation.

Get a thread subscription for the authenticated user

This checks to see if the current user is subscribed to a thread. You can also get a repository subscription.

Note that subscriptions are only generated if a user is participating in a conversation--for example, they've replied to the thread, were @mentioned, or manually subscribe to a thread.

octokit.rest.activity.getThreadSubscriptionForAuthenticatedUser({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the notification thread. This corresponds to the value returned in the id field when you retrieve notifications (for example with the GET /notifications operation).

See also: GitHub Developer Guide documentation.

List events for the authenticated user

If you are authenticated as the given user, you will see your private events. Otherwise, you'll only see public events.

octokit.rest.activity.listEventsForAuthenticatedUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List notifications for the authenticated user

List all notifications for the current user, sorted by most recently updated.

octokit.rest.activity.listNotificationsForAuthenticatedUser();

Parameters

namerequireddescription
allno

If true, show notifications marked as read.

participatingno

If true, only shows notifications in which the user is directly participating or mentioned.

sinceno

Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

beforeno

Only show notifications updated before the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

per_pageno

The number of results per page (max 50). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List organization events for the authenticated user

This is the user's organization dashboard. You must be authenticated as the user to view this.

octokit.rest.activity.listOrgEventsForAuthenticatedUser({
  username,
  org,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List public events

We delay the public events feed by five minutes, which means the most recent event returned by the public events API actually occurred at least five minutes ago.

octokit.rest.activity.listPublicEvents();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List public events for a network of repositories

octokit.rest.activity.listPublicEventsForRepoNetwork({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List public events for a user

octokit.rest.activity.listPublicEventsForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List public organization events

octokit.rest.activity.listPublicOrgEvents({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List events received by the authenticated user

These are events that you've received by watching repositories and following users. If you are authenticated as the given user, you will see private events. Otherwise, you'll only see public events.

octokit.rest.activity.listReceivedEventsForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List public events received by a user

octokit.rest.activity.listReceivedPublicEventsForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository events

Note: This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.

octokit.rest.activity.listRepoEvents({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository notifications for the authenticated user

Lists all notifications for the current user in the specified repository.

octokit.rest.activity.listRepoNotificationsForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

allno

If true, show notifications marked as read.

participatingno

If true, only shows notifications in which the user is directly participating or mentioned.

sinceno

Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

beforeno

Only show notifications updated before the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repositories starred by the authenticated user

Lists repositories the authenticated user has starred.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.star+json: Includes a timestamp of when the star was created.

octokit.rest.activity.listReposStarredByAuthenticatedUser();

Parameters

namerequireddescription
sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

The direction to sort the results by.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repositories starred by a user

Lists repositories a user has starred.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.star+json: Includes a timestamp of when the star was created.

octokit.rest.activity.listReposStarredByUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

The direction to sort the results by.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repositories watched by a user

Lists repositories a user is watching.

octokit.rest.activity.listReposWatchedByUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List stargazers

Lists the people that have starred the repository.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.star+json: Includes a timestamp of when the star was created.

octokit.rest.activity.listStargazersForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repositories watched by the authenticated user

Lists repositories the authenticated user is watching.

octokit.rest.activity.listWatchedReposForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List watchers

Lists the people watching the specified repository.

octokit.rest.activity.listWatchersForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

Mark notifications as read

Marks all notifications as "read" for the current user. If the number of notifications is too large to complete in one request, you will receive a 202 Accepted status and GitHub will run an asynchronous process to mark notifications as "read." To check whether any "unread" notifications remain, you can use the List notifications for the authenticated user endpoint and pass the query parameter all=false.

octokit.rest.activity.markNotificationsAsRead();

Parameters

namerequireddescription
last_read_atno

Describes the last point that notifications were checked. Anything updated since this time will not be marked as read. If you omit this parameter, all notifications are marked as read. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. Default: The current timestamp.

readno

Whether the notification has been read.

See also: GitHub Developer Guide documentation.

Mark repository notifications as read

Marks all notifications in a repository as "read" for the current user. If the number of notifications is too large to complete in one request, you will receive a 202 Accepted status and GitHub will run an asynchronous process to mark notifications as "read." To check whether any "unread" notifications remain, you can use the List repository notifications for the authenticated user endpoint and pass the query parameter all=false.

octokit.rest.activity.markRepoNotificationsAsRead({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

last_read_atno

Describes the last point that notifications were checked. Anything updated since this time will not be marked as read. If you omit this parameter, all notifications are marked as read. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. Default: The current timestamp.

See also: GitHub Developer Guide documentation.

Mark a thread as done

Marks a thread as "done." Marking a thread as "done" is equivalent to marking a notification in your notification inbox on GitHub as done: https://github.com/notifications.

octokit.rest.activity.markThreadAsDone({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the notification thread. This corresponds to the value returned in the id field when you retrieve notifications (for example with the GET /notifications operation).

See also: GitHub Developer Guide documentation.

Mark a thread as read

Marks a thread as "read." Marking a thread as "read" is equivalent to clicking a notification in your notification inbox on GitHub: https://github.com/notifications.

octokit.rest.activity.markThreadAsRead({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the notification thread. This corresponds to the value returned in the id field when you retrieve notifications (for example with the GET /notifications operation).

See also: GitHub Developer Guide documentation.

Set a repository subscription

If you would like to watch a repository, set subscribed to true. If you would like to ignore notifications made within a repository, set ignored to true. If you would like to stop watching a repository, delete the repository's subscription completely.

octokit.rest.activity.setRepoSubscription({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

subscribedno

Determines if notifications should be received from this repository.

ignoredno

Determines if all notifications should be blocked from this repository.

See also: GitHub Developer Guide documentation.

Set a thread subscription

If you are watching a repository, you receive notifications for all threads by default. Use this endpoint to ignore future notifications for threads until you comment on the thread or get an @mention.

You can also use this endpoint to subscribe to threads that you are currently not receiving notifications for, or to subscribe to threads that you have previously ignored.

Unsubscribing from a conversation in a repository that you are not watching is functionally equivalent to the Delete a thread subscription endpoint.

octokit.rest.activity.setThreadSubscription({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the notification thread. This corresponds to the value returned in the id field when you retrieve notifications (for example with the GET /notifications operation).

ignoredno

Whether to block all notifications from a thread.

See also: GitHub Developer Guide documentation.

Star a repository for the authenticated user

Note that you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP method."

octokit.rest.activity.starRepoForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Unstar a repository for the authenticated user

Unstar a repository that the authenticated user has previously starred.

octokit.rest.activity.unstarRepoForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Apps

Add a repository to an app installation

Deprecated: This method has been renamed to apps.addRepoToInstallationForAuthenticatedUser

Add a single repository to an installation. The authenticated user must have admin access to the repository.

octokit.rest.apps.addRepoToInstallation({
  installation_id,
  repository_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Add a repository to an app installation

Add a single repository to an installation. The authenticated user must have admin access to the repository.

octokit.rest.apps.addRepoToInstallationForAuthenticatedUser({
  installation_id,
  repository_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Check a token

OAuth applications and GitHub applications with OAuth authorizations can use this API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication to use this endpoint, where the username is the application client_id and the password is its client_secret. Invalid tokens will return 404 NOT FOUND.

octokit.rest.apps.checkToken({
  client_id,
  access_token,
});

Parameters

namerequireddescription
client_idyes

The client ID of the GitHub app.

access_tokenyes

The access_token of the OAuth or GitHub application.

See also: GitHub Developer Guide documentation.

Create a GitHub App from a manifest

Use this endpoint to complete the handshake necessary when implementing the GitHub App Manifest flow. When you create a GitHub App with the manifest flow, you receive a temporary code used to retrieve the GitHub App's id, pem (private key), and webhook_secret.

octokit.rest.apps.createFromManifest({
  code,
});

Parameters

namerequireddescription
codeyes

See also: GitHub Developer Guide documentation.

Create an installation access token for an app

Creates an installation access token that enables a GitHub App to make authenticated API requests for the app's installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of 401 - Unauthorized, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access.

Optionally, you can use the repositories or repository_ids body parameters to specify individual repositories that the installation access token can access. If you don't use repositories or repository_ids to grant access to specific repositories, the installation access token will have access to all repositories that the installation was granted access to. The installation access token cannot be granted access to repositories that the installation was not granted access to. Up to 500 repositories can be listed in this manner.

Optionally, use the permissions body parameter to specify the permissions that the installation access token should have. If permissions is not specified, the installation access token will have all of the permissions that were granted to the app. The installation access token cannot be granted permissions that the app was not granted.

When using the repository or permission parameters to reduce the access of the token, the complexity of the token is increased due to both the number of permissions in the request and the number of repositories the token will have access to. If the complexity is too large, the token will fail to be issued. If this occurs, the error message will indicate the maximum number of repositories that should be requested. For the average application requesting 8 permissions, this limit is around 5000 repositories. With fewer permissions requested, more repositories are supported.

You must use a JWT to access this endpoint.

octokit.rest.apps.createInstallationAccessToken({
  installation_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repositoriesno

List of repository names that the token should have access to

repository_idsno

List of repository IDs that the token should have access to

permissionsno

The permissions granted to the user access token.

permissions.actionsno

The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts.

permissions.administrationno

The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation.

permissions.checksno

The level of permission to grant the access token for checks on code.

permissions.codespacesno

The level of permission to grant the access token to create, edit, delete, and list Codespaces.

permissions.contentsno

The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges.

permissions.dependabot_secretsno

The level of permission to grant the access token to manage Dependabot secrets.

permissions.deploymentsno

The level of permission to grant the access token for deployments and deployment statuses.

permissions.environmentsno

The level of permission to grant the access token for managing repository environments.

permissions.issuesno

The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones.

permissions.metadatano

The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.

permissions.packagesno

The level of permission to grant the access token for packages published to GitHub Packages.

permissions.pagesno

The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds.

permissions.pull_requestsno

The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges.

permissions.repository_custom_propertiesno

The level of permission to grant the access token to view and edit custom properties for a repository, when allowed by the property.

permissions.repository_hooksno

The level of permission to grant the access token to manage the post-receive hooks for a repository.

permissions.repository_projectsno

The level of permission to grant the access token to manage repository projects, columns, and cards.

permissions.secret_scanning_alertsno

The level of permission to grant the access token to view and manage secret scanning alerts.

permissions.secretsno

The level of permission to grant the access token to manage repository secrets.

permissions.security_eventsno

The level of permission to grant the access token to view and manage security events like code scanning alerts.

permissions.single_fileno

The level of permission to grant the access token to manage just a single file.

permissions.statusesno

The level of permission to grant the access token for commit statuses.

permissions.vulnerability_alertsno

The level of permission to grant the access token to manage Dependabot alerts.

permissions.workflowsno

The level of permission to grant the access token to update GitHub Actions workflow files.

permissions.membersno

The level of permission to grant the access token for organization teams and members.

permissions.organization_administrationno

The level of permission to grant the access token to manage access to an organization.

permissions.organization_custom_rolesno

The level of permission to grant the access token for custom repository roles management.

permissions.organization_custom_org_rolesno

The level of permission to grant the access token for custom organization roles management.

permissions.organization_custom_propertiesno

The level of permission to grant the access token for custom property management.

permissions.organization_copilot_seat_managementno

The level of permission to grant the access token for managing access to GitHub Copilot for members of an organization with a Copilot Business subscription. This property is in beta and is subject to change.

permissions.organization_announcement_bannersno

The level of permission to grant the access token to view and manage announcement banners for an organization.

permissions.organization_eventsno

The level of permission to grant the access token to view events triggered by an activity in an organization.

permissions.organization_hooksno

The level of permission to grant the access token to manage the post-receive hooks for an organization.

permissions.organization_personal_access_tokensno

The level of permission to grant the access token for viewing and managing fine-grained personal access token requests to an organization.

permissions.organization_personal_access_token_requestsno

The level of permission to grant the access token for viewing and managing fine-grained personal access tokens that have been approved by an organization.

permissions.organization_planno

The level of permission to grant the access token for viewing an organization's plan.

permissions.organization_projectsno

The level of permission to grant the access token to manage organization projects and projects beta (where available).

permissions.organization_packagesno

The level of permission to grant the access token for organization packages published to GitHub Packages.

permissions.organization_secretsno

The level of permission to grant the access token to manage organization secrets.

permissions.organization_self_hosted_runnersno

The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization.

permissions.organization_user_blockingno

The level of permission to grant the access token to view and manage users blocked by the organization.

permissions.team_discussionsno

The level of permission to grant the access token to manage team discussions and related comments.

permissions.email_addressesno

The level of permission to grant the access token to manage the email addresses belonging to a user.

permissions.followersno

The level of permission to grant the access token to manage the followers belonging to a user.

permissions.git_ssh_keysno

The level of permission to grant the access token to manage git SSH keys.

permissions.gpg_keysno

The level of permission to grant the access token to view and manage GPG keys belonging to a user.

permissions.interaction_limitsno

The level of permission to grant the access token to view and manage interaction limits on a repository.

permissions.profileno

The level of permission to grant the access token to manage the profile settings belonging to a user.

permissions.starringno

The level of permission to grant the access token to list and manage repositories a user is starring.

See also: GitHub Developer Guide documentation.
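The defaults described for this endpoint are the widest ones: omit repositories and repository_ids and the token covers every repository of the installation, omit permissions and it inherits everything the app was granted. The following is an added example, not code from octokit/rest.js: a wrapper that refuses those defaults, enforces the 500-repository limit, and re-mints the token before its one-hour expiry. The names buildScopedTokenParams and ScopedTokenCache are hypothetical; the "read"/"write" levels and the token and expires_at response fields are assumptions taken from GitHub's REST API rather than from this page.

```javascript
// Added example: least-privilege wrapper around createInstallationAccessToken.
// Not part of octokit/rest.js; function and class names are hypothetical.

const MAX_REPOSITORIES = 500; // "Up to 500 repositories can be listed in this manner."
// Assumption: permission levels are "read" or "write"; the parameter table
// above does not enumerate the accepted values.
const ALLOWED_LEVELS = new Set(["read", "write"]);

// Build request parameters, refusing every input that would silently fall
// back to the endpoint's broad defaults.
function buildScopedTokenParams({
  installation_id,
  repositories = [],
  repository_ids = [],
  permissions = {},
}) {
  if (!Number.isInteger(installation_id) || installation_id <= 0) {
    throw new TypeError("installation_id must be a positive integer");
  }
  const names = [...new Set(repositories)];
  const ids = [...new Set(repository_ids)];
  if (names.length === 0 && ids.length === 0) {
    throw new Error("no repositories listed: token would cover the whole installation");
  }
  // Conservative reading: the limit is applied to both lists combined.
  if (names.length + ids.length > MAX_REPOSITORIES) {
    throw new RangeError(`at most ${MAX_REPOSITORIES} repositories can be listed`);
  }
  const requested = Object.entries(permissions);
  if (requested.length === 0) {
    throw new Error("no permissions listed: token would inherit all app permissions");
  }
  for (const [name, level] of requested) {
    if (!ALLOWED_LEVELS.has(level)) {
      throw new RangeError(`permissions.${name}: unsupported level ${JSON.stringify(level)}`);
    }
  }
  const params = { installation_id, permissions: { ...permissions } };
  if (names.length > 0) params.repositories = names;
  if (ids.length > 0) params.repository_ids = ids;
  return params;
}

// Hands out one scoped token and replaces it shortly before it expires, so
// callers never send a token that would come back as 401 - Unauthorized.
class ScopedTokenCache {
  constructor(octokit, scope, { refreshMarginMs = 5 * 60 * 1000, now = () => Date.now() } = {}) {
    this.octokit = octokit; // must be authenticated as the app (JWT)
    this.params = buildScopedTokenParams(scope);
    this.refreshMarginMs = refreshMarginMs;
    this.now = now;
    this.current = null;
    this.pending = null;
  }

  async get() {
    if (this.current && this.now() < this.current.expiresAt - this.refreshMarginMs) {
      return this.current.token;
    }
    // Share one in-flight request between concurrent callers.
    if (!this.pending) {
      this.pending = this.mint().finally(() => {
        this.pending = null;
      });
    }
    return this.pending;
  }

  async mint() {
    const { data } = await this.octokit.rest.apps.createInstallationAccessToken(this.params);
    const expiresAt = Date.parse(data.expires_at);
    if (typeof data.token !== "string" || Number.isNaN(expiresAt)) {
      throw new Error("unexpected response shape from createInstallationAccessToken");
    }
    this.current = { token: data.token, expiresAt };
    return data.token;
  }
}
```

Pass an Octokit instance that authenticates with the app's JWT as the first constructor argument; the cache only ever sends the validated parameters.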

Delete an app authorization

OAuth and GitHub application owners can revoke a grant for their application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. You must also provide a valid OAuth access_token as an input parameter and the grant for the token's owner will be deleted. Deleting an application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the application authorizations settings screen within GitHub.

octokit.rest.apps.deleteAuthorization({
  client_id,
  access_token,
});

Parameters

name | required | description
client_id | yes | The client ID of the GitHub app.
access_token | yes | The OAuth access token used to authenticate to the GitHub API.

See also: GitHub Developer Guide documentation.

Delete an installation for the authenticated app

Uninstalls a GitHub App on a user, organization, or business account. If you prefer to temporarily suspend an app's access to your account's resources, then we recommend the "Suspend an app installation" endpoint.

You must use a JWT to access this endpoint.

octokit.rest.apps.deleteInstallation({
  installation_id,
});

Parameters

name | required | description
installation_id | yes | The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Delete an app token

OAuth or GitHub application owners can revoke a single token for an OAuth application or a GitHub application with an OAuth authorization. You must use Basic Authentication when accessing this endpoint, using the application's client_id and client_secret as the username and password.

octokit.rest.apps.deleteToken({
  client_id,
  access_token,
});

Parameters

name | required | description
client_id | yes | The client ID of the GitHub app.
access_token | yes | The OAuth access token used to authenticate to the GitHub API.

See also: GitHub Developer Guide documentation.

Get the authenticated app

Returns the GitHub App associated with the authentication credentials used. To see how many app installations are associated with this GitHub App, see the installations_count in the response. For more details about your app's installations, see the "List installations for the authenticated app" endpoint.

You must use a JWT to access this endpoint.

octokit.rest.apps.getAuthenticated();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get an app

Note: The :app_slug is just the URL-friendly name of your GitHub App. You can find this on the settings page for your GitHub App (e.g., https://github.com/settings/apps/:app_slug).

octokit.rest.apps.getBySlug({
  app_slug,
});

Parameters

name | required | description
app_slug | yes |

See also: GitHub Developer Guide documentation.

Get an installation for the authenticated app

Enables an authenticated GitHub App to find an installation's information using the installation id.

You must use a JWT to access this endpoint.

octokit.rest.apps.getInstallation({
  installation_id,
});

Parameters

name | required | description
installation_id | yes | The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Get an organization installation for the authenticated app

Enables an authenticated GitHub App to find the organization's installation information.

You must use a JWT to access this endpoint.

octokit.rest.apps.getOrgInstallation({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository installation for the authenticated app

Enables an authenticated GitHub App to find the repository's installation information. The installation's account type will be either an organization or a user account, depending on which account the repository belongs to.

You must use a JWT to access this endpoint.

octokit.rest.apps.getRepoInstallation({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a subscription plan for an account

Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.getSubscriptionPlanForAccount({
  account_id,
});

Parameters

name | required | description
account_id | yes | account_id parameter

See also: GitHub Developer Guide documentation.

Get a subscription plan for an account (stubbed)

Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.getSubscriptionPlanForAccountStubbed({
  account_id,
});

Parameters

name | required | description
account_id | yes | account_id parameter

See also: GitHub Developer Guide documentation.

Get a user installation for the authenticated app

Enables an authenticated GitHub App to find the user’s installation information.

You must use a JWT to access this endpoint.

octokit.rest.apps.getUserInstallation({
  username,
});

Parameters

name | required | description
username | yes | The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get a webhook configuration for an app

Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

octokit.rest.apps.getWebhookConfigForApp();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a delivery for an app webhook

Returns a delivery for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

octokit.rest.apps.getWebhookDelivery({
  delivery_id,
});

Parameters

name | required | description
delivery_id | yes |

See also: GitHub Developer Guide documentation.

List accounts for a plan

Returns user and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listAccountsForPlan({
  plan_id,
});

Parameters

name | required | description
plan_id | yes | The unique identifier of the plan.
sort | no | The property to sort the results by.
direction | no | To return the oldest accounts first, set to asc. Ignored without the sort parameter.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List accounts for a plan (stubbed)

Returns repository and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listAccountsForPlanStubbed({
  plan_id,
});

Parameters

name | required | description
plan_id | yes | The unique identifier of the plan.
sort | no | The property to sort the results by.
direction | no | To return the oldest accounts first, set to asc. Ignored without the sort parameter.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repositories accessible to the user access token

List repositories that the authenticated user has explicit permission (:read, :write, or :admin) to access for an installation.

The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.

The access the user has to each repository is included in the hash under the permissions key.

octokit.rest.apps.listInstallationReposForAuthenticatedUser({
  installation_id,
});

Parameters

name | required | description
installation_id | yes | The unique identifier of the installation.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List installation requests for the authenticated app

Lists all the pending installation requests for the authenticated GitHub App.

octokit.rest.apps.listInstallationRequestsForAuthenticatedApp();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List installations for the authenticated app

You must use a JWT to access this endpoint.

The permissions the installation has are included under the permissions key.

octokit.rest.apps.listInstallations();

Parameters

name | required | description
per_page | no | The number of results per page (max 100).
page | no | Page number of the results to fetch.
since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
outdated | no |

See also: GitHub Developer Guide documentation.
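The permissions key returned for each installation can drive a periodic access review. The following is an added example, not part of the octokit documentation: it flags active installations that hold write access to sensitive permissions and ranks those covering all repositories first. The function names, the SENSITIVE_PERMISSIONS policy list and the sample installations are assumptions constructed for illustration.

```javascript
// Added example, not octokit code. Permission names are taken from the
// parameter tables on this page; treating them as "sensitive" is an assumption.
const SENSITIVE_PERMISSIONS = new Set([
  "administration",
  "contents",
  "workflows",
  "secrets",
  "members",
  "organization_administration",
  "organization_secrets",
]);

// Order the access levels so they can be compared.
const LEVEL_RANK = { read: 1, write: 2, admin: 3 };

// Return one finding per active installation that holds write (or higher)
// access to a sensitive permission, most exposed first.
function auditInstallations(installations) {
  const findings = [];
  for (const inst of installations) {
    // A suspended installation is blocked from the API, so skip it.
    if (inst.suspended_at) continue;
    const permissions = inst.permissions || {};
    const risky = Object.keys(permissions)
      .filter(
        (name) =>
          SENSITIVE_PERMISSIONS.has(name) &&
          (LEVEL_RANK[permissions[name]] || 0) >= LEVEL_RANK.write
      )
      .sort();
    if (risky.length === 0) continue;
    findings.push({
      installation_id: inst.id,
      account: inst.account ? inst.account.login : null,
      allRepositories: inst.repository_selection === "all",
      risky,
    });
  }
  // Installations covering every repository come first, then by breadth.
  return findings.sort(
    (a, b) =>
      Number(b.allRepositories) - Number(a.allRepositories) ||
      b.risky.length - a.risky.length
  );
}

// Fetch every page with octokit.paginate, then audit. Needs an Octokit
// instance authenticated as the app (JWT); not called in this example.
async function auditApp(octokit) {
  const installations = await octokit.paginate(
    octokit.rest.apps.listInstallations,
    { per_page: 100 }
  );
  return auditInstallations(installations);
}

// Constructed sample data shaped like listInstallations results.
const SAMPLE_INSTALLATIONS = [
  { id: 101, account: { login: "example-org" }, repository_selection: "all",
    suspended_at: null,
    permissions: { metadata: "read", contents: "write", workflows: "write" } },
  { id: 102, account: { login: "example-user" }, repository_selection: "selected",
    suspended_at: null,
    permissions: { metadata: "read", issues: "write" } },
  { id: 103, account: { login: "old-org" }, repository_selection: "all",
    suspended_at: "2024-01-01T00:00:00Z",
    permissions: { administration: "write" } },
  { id: 104, account: { login: "example-team" }, repository_selection: "selected",
    suspended_at: null,
    permissions: { secrets: "write", contents: "read" } },
];

console.log(auditInstallations(SAMPLE_INSTALLATIONS));
```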

List app installations accessible to the user access token

Lists installations of your GitHub App that the authenticated user has explicit permission (:read, :write, or :admin) to access.

The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.

You can find the permissions for the installation under the permissions key.

octokit.rest.apps.listInstallationsForAuthenticatedUser();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List plans

Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listPlans();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List plans (stubbed)

Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listPlansStubbed();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repositories accessible to the app installation

List repositories that an app installation can access.

octokit.rest.apps.listReposAccessibleToInstallation();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List subscriptions for the authenticated user

Lists the active subscriptions for the authenticated user.

octokit.rest.apps.listSubscriptionsForAuthenticatedUser();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List subscriptions for the authenticated user (stubbed)

Lists the active subscriptions for the authenticated user.

octokit.rest.apps.listSubscriptionsForAuthenticatedUserStubbed();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List deliveries for an app webhook

Returns a list of webhook deliveries for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

octokit.rest.apps.listWebhookDeliveries();

Parameters

name | required | description
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
cursor | no | Used for pagination: the starting delivery from which the page of deliveries is fetched. Refer to the link header for the next and previous page cursors.
redelivery | no |

See also: GitHub Developer Guide documentation.

Redeliver a delivery for an app webhook

Redeliver a delivery for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

octokit.rest.apps.redeliverWebhookDelivery({
  delivery_id,
});

Parameters

name | required | description
delivery_id | yes |

See also: GitHub Developer Guide documentation.

Remove a repository from an app installation

Deprecated: This method has been renamed to apps.removeRepoFromInstallationForAuthenticatedUser

Remove a single repository from an installation. The authenticated user must have admin access to the repository. The installation must have the repository_selection of selected.

octokit.rest.apps.removeRepoFromInstallation({
  installation_id,
  repository_id,
});

Parameters

name | required | description
installation_id | yes | The unique identifier of the installation.
repository_id | yes | The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Remove a repository from an app installation

Remove a single repository from an installation. The authenticated user must have admin access to the repository. The installation must have the repository_selection of selected.

octokit.rest.apps.removeRepoFromInstallationForAuthenticatedUser({
  installation_id,
  repository_id,
});

Parameters

name | required | description
installation_id | yes | The unique identifier of the installation.
repository_id | yes | The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Reset a token

OAuth applications and GitHub applications with OAuth authorizations can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. You must use Basic Authentication when accessing this endpoint, using the application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

octokit.rest.apps.resetToken({
  client_id,
  access_token,
});

Parameters

name | required | description
client_id | yes | The client ID of the GitHub app.
access_token | yes | The access_token of the OAuth or GitHub application.

See also: GitHub Developer Guide documentation.

Revoke an installation access token

Revokes the installation token you're using to authenticate as an installation and access this endpoint.

Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the "Create an installation access token for an app" endpoint.

octokit.rest.apps.revokeInstallationAccessToken();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Create a scoped access token

Use a non-scoped user access token to create a repository-scoped and/or permission-scoped user access token. You can specify which repositories the token can access and which permissions are granted to the token.

Invalid tokens will return 404 NOT FOUND.

You must use Basic Authentication when accessing this endpoint, using the client_id and client_secret of the GitHub App as the username and password.

octokit.rest.apps.scopeToken({
  client_id,
  access_token,
});

Parameters

name | required | description
client_id | yes | The client ID of the GitHub app.
access_token | yes | The access token used to authenticate to the GitHub API.
target | no | The name of the user or organization to scope the user access token to. Required unless target_id is specified.
target_id | no | The ID of the user or organization to scope the user access token to. Required unless target is specified.
repositories | no | The list of repository names to scope the user access token to. repositories may not be specified if repository_ids is specified.
repository_ids | no | The list of repository IDs to scope the user access token to. repository_ids may not be specified if repositories is specified.
permissions | no | The permissions granted to the user access token.
permissions.actions | no | The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts.
permissions.administration | no | The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation.
permissions.checks | no | The level of permission to grant the access token for checks on code.
permissions.codespaces | no | The level of permission to grant the access token to create, edit, delete, and list Codespaces.
permissions.contents | no | The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges.
permissions.dependabot_secrets | no | The level of permission to grant the access token to manage Dependabot secrets.
permissions.deployments | no | The level of permission to grant the access token for deployments and deployment statuses.
permissions.environments | no | The level of permission to grant the access token for managing repository environments.
permissions.issues | no | The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones.
permissions.metadata | no | The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.
permissions.packages | no | The level of permission to grant the access token for packages published to GitHub Packages.
permissions.pages | no | The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds.
permissions.pull_requests | no | The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges.
permissions.repository_custom_properties | no | The level of permission to grant the access token to view and edit custom properties for a repository, when allowed by the property.
permissions.repository_hooks | no | The level of permission to grant the access token to manage the post-receive hooks for a repository.
permissions.repository_projects | no | The level of permission to grant the access token to manage repository projects, columns, and cards.
permissions.secret_scanning_alerts | no | The level of permission to grant the access token to view and manage secret scanning alerts.
permissions.secrets | no | The level of permission to grant the access token to manage repository secrets.
permissions.security_events | no | The level of permission to grant the access token to view and manage security events like code scanning alerts.
permissions.single_file | no | The level of permission to grant the access token to manage just a single file.
permissions.statuses | no | The level of permission to grant the access token for commit statuses.
permissions.vulnerability_alerts | no | The level of permission to grant the access token to manage Dependabot alerts.
permissions.workflows | no | The level of permission to grant the access token to update GitHub Actions workflow files.
permissions.members | no | The level of permission to grant the access token for organization teams and members.
permissions.organization_administration | no | The level of permission to grant the access token to manage access to an organization.
permissions.organization_custom_roles | no | The level of permission to grant the access token for custom repository roles management.
permissions.organization_custom_org_roles | no | The level of permission to grant the access token for custom organization roles management.
permissions.organization_custom_properties | no | The level of permission to grant the access token for custom property management.
permissions.organization_copilot_seat_management | no | The level of permission to grant the access token for managing access to GitHub Copilot for members of an organization with a Copilot Business subscription. This property is in beta and is subject to change.
permissions.organization_announcement_banners | no | The level of permission to grant the access token to view and manage announcement banners for an organization.
permissions.organization_events | no | The level of permission to grant the access token to view events triggered by an activity in an organization.
permissions.organization_hooks | no | The level of permission to grant the access token to manage the post-receive hooks for an organization.
permissions.organization_personal_access_tokens | no | The level of permission to grant the access token for viewing and managing fine-grained personal access token requests to an organization.
permissions.organization_personal_access_token_requests | no | The level of permission to grant the access token for viewing and managing fine-grained personal access tokens that have been approved by an organization.
permissions.organization_plan | no | The level of permission to grant the access token for viewing an organization's plan.
permissions.organization_projects | no | The level of permission to grant the access token to manage organization projects and projects beta (where available).
permissions.organization_packages | no | The level of permission to grant the access token for organization packages published to GitHub Packages.
permissions.organization_secrets | no | The level of permission to grant the access token to manage organization secrets.
permissions.organization_self_hosted_runners | no | The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization.
permissions.organization_user_blocking | no | The level of permission to grant the access token to view and manage users blocked by the organization.
permissions.team_discussions | no | The level of permission to grant the access token to manage team discussions and related comments.
permissions.email_addresses | no | The level of permission to grant the access token to manage the email addresses belonging to a user.
permissions.followers | no | The level of permission to grant the access token to manage the followers belonging to a user.
permissions.git_ssh_keys | no | The level of permission to grant the access token to manage git SSH keys.
permissions.gpg_keys | no | The level of permission to grant the access token to view and manage GPG keys belonging to a user.
permissions.interaction_limits | no | The level of permission to grant the access token to view and manage interaction limits on a repository.
permissions.profile | no | The level of permission to grant the access token to manage the profile settings belonging to a user.
permissions.starring | no | The level of permission to grant the access token to list and manage repositories a user is starring.

See also: GitHub Developer Guide documentation.
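The scopeToken parameter rules above (target or target_id required, repositories and repository_ids mutually exclusive) can be checked before the request is sent, together with a least-privilege policy. The following is an added example, not part of the octokit documentation: buildScopeTokenParams, scopeDown, the allowWrite option, the "read"/"write" level values and the rule that a request must narrow something are assumptions made for illustration, and KNOWN_PERMISSIONS is only a subset of the names in the table.

```javascript
// Added example, not octokit code. KNOWN_PERMISSIONS is a subset of the
// permission names in the scopeToken table; the "read"/"write" levels and
// the allowWrite policy option are assumptions.
const KNOWN_PERMISSIONS = new Set([
  "actions", "administration", "checks", "contents", "deployments",
  "environments", "issues", "metadata", "packages", "pages",
  "pull_requests", "secrets", "statuses", "workflows",
]);
const KNOWN_LEVELS = new Set(["read", "write"]);

// Validate the documented parameter rules and a least-privilege policy,
// then return only the fields that scopeToken accepts.
function buildScopeTokenParams(input, { allowWrite = [] } = {}) {
  const { client_id, access_token, target, target_id,
          repositories, repository_ids, permissions } = input;
  if (!client_id || !access_token) {
    throw new Error("client_id and access_token are required");
  }
  // "Required unless target_id is specified" and vice versa.
  if (target === undefined && target_id === undefined) {
    throw new Error("one of target or target_id is required");
  }
  // The two repository selectors may not be combined.
  if (repositories !== undefined && repository_ids !== undefined) {
    throw new Error("repositories and repository_ids are mutually exclusive");
  }
  const repoCount = (repositories || repository_ids || []).length;
  const entries = Object.entries(permissions || {});
  // Policy (assumption): a request that narrows nothing is a mistake.
  if (repoCount === 0 && entries.length === 0) {
    throw new Error("request narrows neither repositories nor permissions");
  }
  for (const [name, level] of entries) {
    if (!KNOWN_PERMISSIONS.has(name)) throw new Error(`unknown permission: ${name}`);
    if (!KNOWN_LEVELS.has(level)) throw new Error(`unknown level for ${name}: ${level}`);
    // Policy (assumption): write access must be opted into by name.
    if (level === "write" && !allowWrite.includes(name)) {
      throw new Error(`write access to ${name} was not explicitly allowed`);
    }
  }
  // Copy only defined, known fields so nothing unexpected is forwarded.
  const params = { client_id, access_token };
  const optional = { target, target_id, repositories, repository_ids, permissions };
  for (const [key, value] of Object.entries(optional)) {
    if (value !== undefined) params[key] = value;
  }
  return params;
}

// Exchange the broad token for the narrowed one. Needs an Octokit instance
// using Basic Authentication with the app's client_id and client_secret;
// not called in this example.
async function scopeDown(octokit, input, policy) {
  const { data } = await octokit.rest.apps.scopeToken(
    buildScopeTokenParams(input, policy)
  );
  return data.token;
}

// Constructed sample input: placeholder identifiers, not real credentials.
const SAMPLE_REQUEST = {
  client_id: "Iv1.EXAMPLECLIENTID",
  access_token: "PLACEHOLDER_USER_ACCESS_TOKEN",
  target: "example-org",
  repositories: ["example-repo"],
  permissions: { contents: "read", metadata: "read" },
};

console.log(Object.keys(buildScopeTokenParams(SAMPLE_REQUEST)));
```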

Suspend an app installation

Suspends a GitHub App on a user, organization, or business account, which blocks the app from accessing the account's resources. When a GitHub App is suspended, the app's access to the GitHub API or webhook events is blocked for that account.

You must use a JWT to access this endpoint.

octokit.rest.apps.suspendInstallation({
  installation_id,
});

Parameters

name | required | description
installation_id | yes | The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Unsuspend an app installation

Removes a GitHub App installation suspension.

You must use a JWT to access this endpoint.

octokit.rest.apps.unsuspendInstallation({
  installation_id,
});

Parameters

name | required | description
installation_id | yes | The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Update a webhook configuration for an app

Updates the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

octokit.rest.apps.updateWebhookConfigForApp();

Parameters

name | required | description
url | no | The URL to which the payloads will be delivered.
content_type | no | The media type used to serialize the payloads. Supported values include json and form. The default is form.
secret | no | If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.
insecure_ssl | no |

See also: GitHub Developer Guide documentation.
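The secret parameter only protects a receiver that actually checks the signature. The following is an added example, not part of the octokit documentation: it verifies the HMAC-SHA256 hex digest GitHub sends in the X-Hub-Signature-256 header against the raw request body, using a constant-time comparison. The function names, the secret and the payload are constructed for illustration.

```javascript
// Added example, not octokit code. Uses only Node's built-in crypto module.
const nodeCrypto = require("node:crypto");

// Compute the header value for a raw body: "sha256=" + hex HMAC digest,
// keyed with the webhook secret.
function signPayload(secret, rawBody) {
  const digest = nodeCrypto
    .createHmac("sha256", secret)
    .update(rawBody)
    .digest("hex");
  return "sha256=" + digest;
}

// Return true only when signatureHeader matches the HMAC of rawBody.
// rawBody must be the exact bytes received, before any JSON parsing.
function verifyDelivery(secret, rawBody, signatureHeader) {
  // Reject a missing header or a different scheme outright.
  if (typeof signatureHeader !== "string") return false;
  if (!signatureHeader.startsWith("sha256=")) return false;
  const expected = Buffer.from(signPayload(secret, rawBody), "utf8");
  const received = Buffer.from(signatureHeader, "utf8");
  // timingSafeEqual throws on unequal lengths, so check first.
  if (expected.length !== received.length) return false;
  return nodeCrypto.timingSafeEqual(expected, received);
}

// Constructed sample values; the secret is a placeholder.
const SAMPLE_SECRET = "constructed-example-secret";
const SAMPLE_RAW_BODY = '{"action": "created", "installation": {"id": 1}}';
const SAMPLE_SIGNATURE = signPayload(SAMPLE_SECRET, SAMPLE_RAW_BODY);

// Common receiver bug: verifying a re-serialized body instead of the raw
// bytes. The whitespace differs, so the digest no longer matches.
const RESERIALIZED_BODY = JSON.stringify(JSON.parse(SAMPLE_RAW_BODY));

console.log({
  valid: verifyDelivery(SAMPLE_SECRET, SAMPLE_RAW_BODY, SAMPLE_SIGNATURE),
  tampered: verifyDelivery(SAMPLE_SECRET, SAMPLE_RAW_BODY + " ", SAMPLE_SIGNATURE),
  reserialized: verifyDelivery(SAMPLE_SECRET, RESERIALIZED_BODY, SAMPLE_SIGNATURE),
  missingHeader: verifyDelivery(SAMPLE_SECRET, SAMPLE_RAW_BODY, undefined),
});
```

In a web framework, capture the request body as a Buffer before any body parser runs and pass that Buffer as rawBody.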

Billing

Get GitHub Actions billing for an organization

Gets the summary of the free and paid GitHub Actions minutes used.

Paid minutes only apply to workflows in private repositories that use GitHub-hosted runners. Minutes used is listed for each GitHub-hosted runner operating system. Any job re-runs are also included in the usage. The usage returned includes any minute multipliers for macOS and Windows runners, and is rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

OAuth app tokens and personal access tokens (classic) need the repo or admin:org scope to use this endpoint.

octokit.rest.billing.getGithubActionsBillingOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Actions billing for a user

Gets the summary of the free and paid GitHub Actions minutes used.

Paid minutes only apply to workflows in private repositories that use GitHub-hosted runners. Minutes used is listed for each GitHub-hosted runner operating system. Any job re-runs are also included in the usage. The usage returned includes any minute multipliers for macOS and Windows runners, and is rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

OAuth app tokens and personal access tokens (classic) need the user scope to use this endpoint.

octokit.rest.billing.getGithubActionsBillingUser({
  username,
});

Parameters

name | required | description
username | yes | The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get GitHub Packages billing for an organization

Gets the free and paid storage used for GitHub Packages in gigabytes.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

OAuth app tokens and personal access tokens (classic) need the repo or admin:org scope to use this endpoint.

octokit.rest.billing.getGithubPackagesBillingOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Packages billing for a user

Gets the free and paid storage used for GitHub Packages in gigabytes.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

OAuth app tokens and personal access tokens (classic) need the user scope to use this endpoint.

octokit.rest.billing.getGithubPackagesBillingUser({
  username,
});

Parameters

name | required | description
username | yes | The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get shared storage billing for an organization

Gets the estimated paid and estimated total storage used for GitHub Actions and GitHub Packages.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

OAuth app tokens and personal access tokens (classic) need the repo or admin:org scope to use this endpoint.

octokit.rest.billing.getSharedStorageBillingOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get shared storage billing for a user

Gets the estimated paid and estimated total storage used for GitHub Actions and GitHub Packages.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

OAuth app tokens and personal access tokens (classic) need the user scope to use this endpoint.

octokit.rest.billing.getSharedStorageBillingUser({
  username,
});

Parameters

name | required | description
username | yes | The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Checks

Create a check run

Note: The Checks API only looks for pushes in the repository where the check suite or check run was created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

Creates a new check run for a specific commit in a repository. Your GitHub App must have the checks:write permission to create check runs.

In a check suite, GitHub limits the number of check runs with the same name to 1000. Once these check runs exceed 1000, GitHub will start to automatically delete older check runs.

octokit.rest.checks.create({
  owner,
  repo,
  name,
  head_sha,
  output: {
    title,
    summary,
    annotations: [{ path, start_line, end_line, annotation_level, message }],
    images: [{ alt, image_url }],
  },
  actions: [{ label, description, identifier }],
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository. The name is not case sensitive.
name | yes | The name of the check. For example, "code-coverage".
head_sha | yes | The SHA of the commit.
details_url | no | The URL of the integrator's site that has the full details of the check. If the integrator does not provide this, then the homepage of the GitHub app is used.
external_id | no | A reference for the run on the integrator's system.
status | no | The current status.
started_at | no | The time that the check run began. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
conclusion | no | Required if you provide completed_at or a status of completed. The final conclusion of the check. Note: Providing conclusion will automatically set the status parameter to completed. You cannot change a check run conclusion to stale; only GitHub can set this.
completed_at | no | The time the check completed. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
output | no | Check runs can accept a variety of data in the output object, including a title and summary and can optionally provide descriptive details about the run.
output.title | yes | The title of the check run.
output.summary | yes | The summary of the check run. This parameter supports Markdown. Maximum length: 65535 characters.
output.text | no | The details of the check run. This parameter supports Markdown. Maximum length: 65535 characters.
output.annotations | no | Adds information from your analysis to specific lines of code. Annotations are visible on GitHub in the Checks and Files changed tab of the pull request. The Checks API limits the number of annotations to a maximum of 50 per API request. To create more than 50 annotations, you have to make multiple requests to the Update a check run endpoint. Each time you update the check run, annotations are appended to the list of annotations that already exist for the check run. GitHub Actions are limited to 10 warning annotations and 10 error annotations per step. For details about how you can view annotations on GitHub, see "About status checks".
output.annotations[].path | yes | The path of the file to add an annotation to. For example, assets/css/main.css.
output.annotations[].start_line | yes | The start line of the annotation. Line numbers start at 1.
output.annotations[].end_line | yes | The end line of the annotation.
output.annotations[].start_column | no | The start column of the annotation. Annotations only support start_column and end_column on the same line. Omit this parameter if start_line and end_line have different values. Column numbers start at 1.
output.annotations[].end_column | no | The end column of the annotation. Annotations only support start_column and end_column on the same line. Omit this parameter if start_line and end_line have different values.
output.annotations[].annotation_level | yes | The level of the annotation.
output.annotations[].message | yes | A short description of the feedback for these lines of code. The maximum size is 64 KB.
output.annotations[].title | no | The title that represents the annotation. The maximum size is 255 characters.
output.annotations[].raw_details | no | Details about this annotation. The maximum size is 64 KB.
output.images | no | Adds images to the output displayed in the GitHub pull request UI.
output.images[].alt | yes | The alternative text for the image.
output.images[].image_url | yes | The full URL of the image.
output.images[].caption | no | A short image description.
actions | no | Displays a button on GitHub that can be clicked to alert your app to do additional tasks. For example, a code linting app can display a button that automatically fixes detected errors. The button created in this object is displayed after the check run completes. When a user clicks the button, GitHub sends the check_run.requested_action webhook to your app. Each action includes a label, identifier and description. A maximum of three actions are accepted. To learn more about check runs and requested actions, see "Check runs and requested actions."
actions[].label | yes | The text to be displayed on a button in the web UI. The maximum size is 20 characters.
actions[].description | yes | A short explanation of what this action would do. The maximum size is 40 characters.
actions[].identifier | yes | A reference for the action on the integrator's system. The maximum size is 20 characters.

See also: GitHub Developer Guide documentation.

Create a check suite

Creates a check suite manually. By default, check suites are automatically created when you create a check run. You only need to use this endpoint for manually creating check suites when you've disabled automatic creation using "Update repository preferences for check suites".

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.

OAuth apps and personal access tokens (classic) cannot use this endpoint.

octokit.rest.checks.createSuite({
  owner,
  repo,
  head_sha,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
head_sha | yes | The sha of the head commit.

See also: GitHub Developer Guide documentation.

Get a check run

Gets a single check run using its id.

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint on a private repository.

octokit.rest.checks.get({
  owner,
  repo,
  check_run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
check_run_id | yes | The unique identifier of the check run.

See also: GitHub Developer Guide documentation.

Get a check suite

Gets a single check suite using its id.

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint on a private repository.

octokit.rest.checks.getSuite({
  owner,
  repo,
  check_suite_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
check_suite_id | yes | The unique identifier of the check suite.

See also: GitHub Developer Guide documentation.

List check run annotations

Lists annotations for a check run using the annotation id.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint on a private repository.

octokit.rest.checks.listAnnotations({
  owner,
  repo,
  check_run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
check_run_id | yes | The unique identifier of the check run.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List check runs for a Git reference

Lists check runs for a commit ref. The ref can be a SHA, branch name, or a tag name.

Note: The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

If there are more than 1000 check suites on a single git reference, this endpoint will limit check runs to the 1000 most recent check suites. To iterate over all possible check runs, use the List check suites for a Git reference endpoint and provide the check_suite_id parameter to the List check runs in a check suite endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint on a private repository.

octokit.rest.checks.listForRef({
  owner,
  repo,
  ref,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
ref | yes | The commit reference. Can be a commit SHA, branch name (heads/BRANCH_NAME), or tag name (tags/TAG_NAME). For more information, see "Git References" in the Git documentation.
check_name | no | Returns check runs with the specified name.
status | no | Returns check runs with the specified status.
filter | no | Filters check runs by their completed_at timestamp. latest returns the most recent check runs.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
app_id | no |

See also: GitHub Developer Guide documentation.

List check runs in a check suite

Lists check runs for a check suite using its id.

Note: The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint on a private repository.

octokit.rest.checks.listForSuite({
  owner,
  repo,
  check_suite_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
check_suite_id | yes | The unique identifier of the check suite.
check_name | no | Returns check runs with the specified name.
status | no | Returns check runs with the specified status.
filter | no | Filters check runs by their completed_at timestamp. latest returns the most recent check runs.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List check suites for a Git reference

Lists check suites for a commit ref. The ref can be a SHA, branch name, or a tag name.

Note: The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint on a private repository.

octokit.rest.checks.listSuitesForRef({
  owner,
  repo,
  ref,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
ref | yes | The commit reference. Can be a commit SHA, branch name (heads/BRANCH_NAME), or tag name (tags/TAG_NAME). For more information, see "Git References" in the Git documentation.
app_id | no | Filters check suites by GitHub App id.
check_name | no | Returns check runs with the specified name.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

Rerequest a check run

Triggers GitHub to rerequest an existing check run, without pushing new code to a repository. This endpoint will trigger the check_run webhook event with the action rerequested. When a check run is rerequested, its status is reset to queued and the conclusion is cleared.

For more information about how to re-run GitHub Actions jobs, see "Re-run a job from a workflow run".

OAuth apps and personal access tokens (classic) cannot use this endpoint.

octokit.rest.checks.rerequestRun({
  owner,
  repo,
  check_run_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
check_run_id | yes | The unique identifier of the check run.

See also: GitHub Developer Guide documentation.

Rerequest a check suite

Triggers GitHub to rerequest an existing check suite, without pushing new code to a repository. This endpoint will trigger the check_suite webhook event with the action rerequested. When a check suite is rerequested, its status is reset to queued and the conclusion is cleared.

OAuth apps and personal access tokens (classic) cannot use this endpoint.

octokit.rest.checks.rerequestSuite({
  owner,
  repo,
  check_suite_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
check_suite_id | yes | The unique identifier of the check suite.

See also: GitHub Developer Guide documentation.

Update repository preferences for check suites

Changes the default automatic flow when creating check suites. By default, a check suite is automatically created each time code is pushed to a repository. When you disable the automatic creation of check suites, you can manually Create a check suite. You must have admin permissions in the repository to set preferences for check suites.

octokit.rest.checks.setSuitesPreferences({
  owner,
  repo,
  // auto_trigger_checks is optional; app_id and setting are required for each entry
  auto_trigger_checks: [{ app_id, setting }],
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
auto_trigger_checks | no | Enables or disables automatic creation of CheckSuite events upon pushes to the repository. Enabled by default.
auto_trigger_checks[].app_id | yes | The id of the GitHub App.
auto_trigger_checks[].setting | yes | Set to true to enable automatic creation of CheckSuite events upon pushes to the repository, or false to disable them.

See also: GitHub Developer Guide documentation.

Update a check run

Updates a check run for a specific commit in a repository.

Note: The endpoints to manage checks only look for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

OAuth apps and personal access tokens (classic) cannot use this endpoint.

octokit.rest.checks.update({
  owner,
  repo,
  check_run_id,
  // output and actions are optional; the nested fields shown are the ones marked required in the parameter table
  output: {
    summary,
    annotations: [{ path, start_line, end_line, annotation_level, message }],
    images: [{ alt, image_url }],
  },
  actions: [{ label, description, identifier }],
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
check_run_id | yes | The unique identifier of the check run.
name | no | The name of the check. For example, "code-coverage".
details_url | no | The URL of the integrator's site that has the full details of the check.
external_id | no | A reference for the run on the integrator's system.
started_at | no | This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
status | no | The current status.
conclusion | no | Required if you provide completed_at or a status of completed. The final conclusion of the check. Note: Providing conclusion will automatically set the status parameter to completed. You cannot change a check run conclusion to stale; only GitHub can set this.
completed_at | no | The time the check completed. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
output | no | Check runs can accept a variety of data in the output object, including a title and summary and can optionally provide descriptive details about the run.
output.title | no | Required.
output.summary | yes | Can contain Markdown.
output.text | no | Can contain Markdown.
output.annotations | no | Adds information from your analysis to specific lines of code. Annotations are visible in GitHub's pull request UI. The Checks API limits the number of annotations to a maximum of 50 per API request. To create more than 50 annotations, you have to make multiple requests to the Update a check run endpoint. Each time you update the check run, annotations are appended to the list of annotations that already exist for the check run. GitHub Actions are limited to 10 warning annotations and 10 error annotations per step. For details about annotations in the UI, see "About status checks".
output.annotations[].path | yes | The path of the file to add an annotation to. For example, assets/css/main.css.
output.annotations[].start_line | yes | The start line of the annotation. Line numbers start at 1.
output.annotations[].end_line | yes | The end line of the annotation.
output.annotations[].start_column | no | The start column of the annotation. Annotations only support start_column and end_column on the same line. Omit this parameter if start_line and end_line have different values. Column numbers start at 1.
output.annotations[].end_column | no | The end column of the annotation. Annotations only support start_column and end_column on the same line. Omit this parameter if start_line and end_line have different values.
output.annotations[].annotation_level | yes | The level of the annotation.
output.annotations[].message | yes | A short description of the feedback for these lines of code. The maximum size is 64 KB.
output.annotations[].title | no | The title that represents the annotation. The maximum size is 255 characters.
output.annotations[].raw_details | no | Details about this annotation. The maximum size is 64 KB.
output.images | no | Adds images to the output displayed in the GitHub pull request UI.
output.images[].alt | yes | The alternative text for the image.
output.images[].image_url | yes | The full URL of the image.
output.images[].caption | no | A short image description.
actions | no | Possible further actions the integrator can perform, which a user may trigger. Each action includes a label, identifier and description. A maximum of three actions are accepted. To learn more about check runs and requested actions, see "Check runs and requested actions."
actions[].label | yes | The text to be displayed on a button in the web UI. The maximum size is 20 characters.
actions[].description | yes | A short explanation of what this action would do. The maximum size is 40 characters.
actions[].identifier | yes | A reference for the action on the integrator's system. The maximum size is 20 characters.

See also: GitHub Developer Guide documentation.
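
The 50-annotation limit and the append behaviour described for output.annotations under "Create a check run" and "Update a check run", worked through as an added example that is not part of the octokit documentation. The helper names, the in-memory fake client, the sample findings and the placeholder SHA are constructed for illustration; with a real app you would pass an authenticated Octokit instance instead of the fake.

```javascript
// Added example, not taken from the octokit documentation.
// planBatches, publishAnnotations and makeFakeChecksClient are hypothetical names.
const MAX_ANNOTATIONS_PER_REQUEST = 50; // per-request limit stated in the docs above
const REQUIRED = ["path", "start_line", "end_line", "annotation_level", "message"];

// Apply the documented per-annotation rules before anything is sent.
function normalizeAnnotation(annotation) {
  for (const key of REQUIRED) {
    if (annotation[key] === undefined || annotation[key] === "") {
      throw new Error(`annotation is missing required field "${key}"`);
    }
  }
  if (annotation.start_line < 1) throw new Error("line numbers start at 1");
  const out = { ...annotation };
  // Columns are only supported when start_line and end_line are equal.
  if (out.start_line !== out.end_line) {
    delete out.start_column;
    delete out.end_column;
  }
  // Titles are capped at 255 characters; truncating is this example's choice.
  if (typeof out.title === "string") out.title = out.title.slice(0, 255);
  return out;
}

// Split the validated annotations into request-sized batches.
function planBatches(annotations) {
  const valid = annotations.map(normalizeAnnotation);
  const batches = [];
  for (let i = 0; i < valid.length; i += MAX_ANNOTATIONS_PER_REQUEST) {
    batches.push(valid.slice(i, i + MAX_ANNOTATIONS_PER_REQUEST));
  }
  return batches;
}

// Create the run with the first batch, append the rest through updates,
// then set the conclusion (which also marks the run as completed).
async function publishAnnotations(octokit, run, annotations) {
  const { owner, repo, name, head_sha, title, summary, conclusion } = run;
  const [first = [], ...rest] = planBatches(annotations);
  const { data } = await octokit.rest.checks.create({
    owner, repo, name, head_sha,
    status: "in_progress",
    output: { title, summary, annotations: first },
  });
  for (const batch of rest) {
    await octokit.rest.checks.update({
      owner, repo, check_run_id: data.id,
      output: { title, summary, annotations: batch },
    });
  }
  await octokit.rest.checks.update({ owner, repo, check_run_id: data.id, conclusion });
  return data.id;
}

// Constructed in-memory stand-in for an authenticated Octokit instance.
// It appends annotations on every request and rejects oversized batches.
function makeFakeChecksClient() {
  const runs = new Map();
  const apply = (run, params) => {
    const incoming = (params.output && params.output.annotations) || [];
    if (incoming.length > MAX_ANNOTATIONS_PER_REQUEST) throw new Error("fake: over 50 annotations");
    run.annotations.push(...incoming);
    run.requests += 1;
    if (params.conclusion) Object.assign(run, { status: "completed", conclusion: params.conclusion });
    else if (params.status) run.status = params.status;
    return { data: { id: run.id } };
  };
  return {
    runs,
    rest: { checks: {
      async create(params) {
        const run = { id: runs.size + 1, annotations: [], requests: 0, status: "queued" };
        runs.set(run.id, run);
        return apply(run, params);
      },
      async update(params) { return apply(runs.get(params.check_run_id), params); },
    } },
  };
}

// Constructed findings: 120 single-line warnings plus one multi-line failure.
const SAMPLE_FINDINGS = Array.from({ length: 120 }, (_, i) => ({
  path: "src/app.js", start_line: i + 1, end_line: i + 1, start_column: 1, end_column: 5,
  annotation_level: "warning", message: `constructed finding ${i + 1}`,
}));
SAMPLE_FINDINGS.push({
  path: "src/app.js", start_line: 10, end_line: 12, start_column: 3,
  annotation_level: "failure", message: "constructed multi-line finding",
});
const SAMPLE_RUN = {
  owner: "example-owner", repo: "example-repo", name: "example-linter",
  head_sha: "0000000000000000000000000000000000000000", // placeholder SHA
  title: "Lint results", summary: "121 findings", conclusion: "failure",
};

publishAnnotations(makeFakeChecksClient(), SAMPLE_RUN, SAMPLE_FINDINGS)
  .then((id) => console.log(`published check run ${id}`));
```

With the sample data the run is created with 50 annotations, receives two appending updates, and is completed by a fourth request that carries only the conclusion.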

Code-Scanning

Delete a code scanning analysis from a repository

Deletes a specified code scanning analysis from a repository.

You can delete one analysis at a time. To delete a series of analyses, start with the most recent analysis and work backwards. Conceptually, the process is similar to the undo function in a text editor.

When you list the analyses for a repository, one or more will be identified as deletable in the response:

"deletable": true

An analysis is deletable when it's the most recent in a set of analyses. Typically, a repository will have multiple sets of analyses for each enabled code scanning tool, where a set is determined by a unique combination of analysis values:

  • ref
  • tool
  • category

If you attempt to delete an analysis that is not the most recent in a set, you'll get a 400 response with the message:

Analysis specified is not deletable.

The response from a successful DELETE operation provides you with two alternative URLs for deleting the next analysis in the set: next_analysis_url and confirm_delete_url. Use the next_analysis_url URL if you want to avoid accidentally deleting the final analysis in a set. This is a useful option if you want to preserve at least one analysis for the specified tool in your repository. Use the confirm_delete_url URL if you are content to remove all analyses for a tool. When you delete the last analysis in a set, the value of next_analysis_url and confirm_delete_url in the 200 response is null.

As an example of the deletion process, let's imagine that you added a workflow that configured a particular code scanning tool to analyze the code in a repository. This tool has added 15 analyses: 10 on the default branch, and another 5 on a topic branch. You therefore have two separate sets of analyses for this tool. You've now decided that you want to remove all of the analyses for the tool. To do this you must make 15 separate deletion requests. To start, you must find an analysis that's identified as deletable. Each set of analyses always has one that's identified as deletable. Having found the deletable analysis for one of the two sets, delete this analysis and then continue deleting the next analysis in the set until they're all deleted. Then repeat the process for the second set. The procedure therefore consists of a nested loop:

Outer loop:

  • List the analyses for the repository, filtered by tool.

  • Parse this list to find a deletable analysis. If found:

    Inner loop:

    • Delete the identified analysis.
    • Parse the response for the value of confirm_delete_url and, if found, use this in the next iteration.

The above process assumes that you want to remove all trace of the tool's analyses from the GitHub user interface, for the specified repository, and it therefore uses the confirm_delete_url value. Alternatively, you could use the next_analysis_url value, which would leave the last analysis in each set undeleted to avoid removing a tool's analysis entirely.
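
The nested loop described above, as an added example that is not part of the octokit documentation. It lists analyses with octokit.rest.codeScanning.listRecentAnalyses and runs against a constructed in-memory client that enforces the two 400 responses quoted in this section; purgeToolAnalyses, makeFakeCodeScanningClient, the URLs and the sample analyses are hypothetical. The default mode follows next_analysis_url so that one analysis per set, and its historical alert data, is preserved.

```javascript
// Added example, not taken from the octokit documentation.
// purgeToolAnalyses and makeFakeCodeScanningClient are hypothetical names.
const LAST_OF_TYPE = "Analysis is last of its type"; // start of the documented 400 message
const idFromUrl = (url) => Number(new URL(url).pathname.split("/").pop());

// keepLast = true follows next_analysis_url and leaves one analysis per set;
// keepLast = false follows confirm_delete_url and removes every analysis.
async function purgeToolAnalyses(octokit, { owner, repo, tool_name, keepLast = true }) {
  const deleted = [];
  const kept = new Set(); // final analyses that were deliberately preserved
  // Send one DELETE and return the URL to use in the next inner iteration.
  const step = async (send, id) => {
    try {
      const { data } = await send();
      deleted.push(id);
      return keepLast ? data.next_analysis_url : data.confirm_delete_url;
    } catch (error) {
      const lastOfType = error.status === 400 && String(error.message).includes(LAST_OF_TYPE);
      if (!keepLast || !lastOfType) throw error;
      kept.add(id); // the API refused to remove the last analysis of a set
      return null;
    }
  };
  for (;;) {
    // Outer loop: list the tool's analyses and look for a deletable one.
    // Only the first page is read; larger repositories need pagination.
    const { data: analyses } = await octokit.rest.codeScanning.listRecentAnalyses({
      owner, repo, tool_name, per_page: 100,
    });
    const start = analyses.find((a) => a.deletable && !kept.has(a.id));
    if (!start) return { deleted, kept: [...kept] };
    // Inner loop: delete it, then keep following the URL from each response.
    let url = await step(() => octokit.rest.codeScanning.deleteAnalysis({
      owner, repo, analysis_id: start.id,
      ...(keepLast ? {} : { confirm_delete: "true" }),
    }), start.id);
    while (url) {
      const target = url;
      url = await step(() => octokit.request({ method: "DELETE", url: target }), idFromUrl(target));
    }
  }
}

// Constructed in-memory stand-in for Octokit. A set is one ref/tool/category
// combination and a higher id means a more recent analysis.
function makeFakeCodeScanningClient(analyses) {
  let store = analyses.map((a) => ({ ...a }));
  const base = "https://api.github.com/repos/example-owner/example-repo/code-scanning/analyses/";
  const setOf = (a) => store
    .filter((b) => b.ref === a.ref && b.tool === a.tool && b.category === a.category)
    .sort((x, y) => y.id - x.id);
  const fail = (message) => Object.assign(new Error(message), { status: 400 });
  const remove = (id, confirm) => {
    const set = setOf(store.find((a) => a.id === id));
    if (set[0].id !== id) throw fail("Analysis specified is not deletable.");
    if (set.length === 1 && !confirm) {
      throw fail(`${LAST_OF_TYPE} and deletion may result in the loss of historical alert data. Please specify confirm_delete.`);
    }
    store = store.filter((a) => a.id !== id);
    const next = set[1];
    return { data: {
      next_analysis_url: next ? base + next.id : null,
      confirm_delete_url: next ? `${base}${next.id}?confirm_delete` : null,
    } };
  };
  return {
    remaining: () => store.map((a) => a.id).sort((x, y) => x - y),
    rest: { codeScanning: {
      async listRecentAnalyses({ tool_name }) {
        return { data: store.filter((a) => a.tool === tool_name).map((a) => ({
          id: a.id, ref: a.ref, category: a.category, tool: { name: a.tool },
          deletable: setOf(a)[0].id === a.id,
        })) };
      },
      async deleteAnalysis({ analysis_id, confirm_delete }) {
        return remove(analysis_id, Boolean(confirm_delete));
      },
    } },
    async request({ url }) {
      const parsed = new URL(url);
      return remove(idFromUrl(url), parsed.searchParams.has("confirm_delete"));
    },
  };
}

// Constructed data matching the scenario above: 10 analyses on the default
// branch and 5 on a topic branch for one tool, plus 2 from another tool.
const mk = (id, ref, tool) => ({ id, ref, tool, category: "default" });
const SAMPLE_ANALYSES = [
  ...Array.from({ length: 10 }, (_, i) => mk(i + 1, "refs/heads/main", "ExampleScanner")),
  ...Array.from({ length: 5 }, (_, i) => mk(i + 11, "refs/heads/topic", "ExampleScanner")),
  mk(16, "refs/heads/main", "OtherScanner"),
  mk(17, "refs/heads/main", "OtherScanner"),
];
const TARGET = { owner: "example-owner", repo: "example-repo", tool_name: "ExampleScanner" };

purgeToolAnalyses(makeFakeCodeScanningClient(SAMPLE_ANALYSES), TARGET)
  .then(({ deleted, kept }) => console.log(`deleted ${deleted.length}, kept ${kept.join(", ")}`));
```

In the default mode the sample run deletes 13 analyses and keeps the oldest one in each set; with keepLast set to false it makes the 15 deletion requests described above.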

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.deleteAnalysis({
  owner,
  repo,
  analysis_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
analysis_id | yes | The ID of the analysis, as returned from the GET /repos/{owner}/{repo}/code-scanning/analyses operation.
confirm_delete | no | Allow deletion if the specified analysis is the last in a set. If you attempt to delete the final analysis in a set without setting this parameter to true, you'll get a 400 response with the message: Analysis is last of its type and deletion may result in the loss of historical alert data. Please specify confirm_delete.

See also: GitHub Developer Guide documentation.

Get a code scanning alert

Gets a single code scanning alert.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.getAlert({
  owner,
  repo,
  alert_number,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
alert_number | yes | The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
alert_id | no | The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

See also: GitHub Developer Guide documentation.

Get a code scanning analysis for a repository

Gets a specified code scanning analysis for a repository.

The default JSON response contains fields that describe the analysis. This includes the Git reference and commit SHA to which the analysis relates, the datetime of the analysis, the name of the code scanning tool, and the number of alerts.

The rules_count field in the default response gives the number of rules that were run in the analysis. For very old analyses this data is not available, and 0 is returned in this field.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/sarif+json: Instead of returning a summary of the analysis, this endpoint returns a subset of the analysis data that was uploaded. The data is formatted as SARIF version 2.1.0. It also returns additional data such as the github/alertNumber and github/alertUrl properties.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.getAnalysis({
  owner,
  repo,
  analysis_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
analysis_id | yes | The ID of the analysis, as returned from the GET /repos/{owner}/{repo}/code-scanning/analyses operation.

See also: GitHub Developer Guide documentation.

Get a CodeQL database for a repository

Gets a CodeQL database for a language in a repository.

By default this endpoint returns JSON metadata about the CodeQL database. To download the CodeQL database binary content, set the Accept header of the request to application/zip, and make sure your HTTP client is configured to follow redirects or use the Location header to make a second request to get the redirect URL.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.getCodeqlDatabase({
  owner,
  repo,
  language,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
language | yes | The language of the CodeQL database.

See also: GitHub Developer Guide documentation.

Get a code scanning default setup configuration

Gets a code scanning default setup configuration.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.getDefaultSetup({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get information about a SARIF upload

Gets information about a SARIF upload, including the status and the URL of the analysis that was uploaded so that you can retrieve details of the analysis. For more information, see "Get a code scanning analysis for a repository." OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.getSarif({
  owner,
  repo,
  sarif_id,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
sarif_id | yes | The SARIF ID obtained after uploading.

See also: GitHub Developer Guide documentation.

List instances of a code scanning alert

Lists all instances of the specified code scanning alert.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.listAlertInstances({
  owner,
  repo,
  alert_number,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
alert_number | yes | The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
ref | no | The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

See also: GitHub Developer Guide documentation.

List code scanning alerts for an organization

Lists code scanning alerts for the default branch for all eligible repositories in an organization. Eligible repositories are repositories that are owned by organizations that you own or for which you are a security manager. For more information, see "Managing security managers in your organization."

The authenticated user must be an owner or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the security_events or repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.listAlertsForOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
tool_name | no | The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.
tool_guid | no | The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both.
before | no | A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."
after | no | A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
direction | no | The direction to sort the results by.
state | no | If specified, only code scanning alerts with this state will be returned.
sort | no | The property by which to sort the results.
severity | no | If specified, only code scanning alerts with this severity will be returned.

See also: GitHub Developer Guide documentation.

List code scanning alerts for a repository

Lists all open code scanning alerts for the default branch (usually main or master). You must use an access token with the security_events scope to use this endpoint with private repos; the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

The response includes a most_recent_instance object. This provides details of the most recent instance of this alert for the default branch or for the specified Git reference (if you used ref in the request).

octokit.rest.codeScanning.listAlertsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tool_nameno

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guidno

The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

refno

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

directionno

The direction to sort the results by.

sortno

The property by which to sort the results. number is deprecated - we recommend that you use created instead.

stateno

Set to open, closed, fixed, or dismissed to list code scanning alerts in a specific state.

See also: GitHub Developer Guide documentation.

List instances of a code scanning alert

Deprecated: This method has been renamed to codeScanning.listAlertInstances

Lists all instances of the specified code scanning alert.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.listAlertsInstances({
  owner,
  repo,
  alert_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

refno

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

See also: GitHub Developer Guide documentation.

List CodeQL databases for a repository

Lists the CodeQL databases that are available in a repository.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.listCodeqlDatabases({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List code scanning analyses for a repository

Lists the details of all code scanning analyses for a repository, starting with the most recent. The response is paginated and you can use the page and per_page parameters to list the analyses you're interested in. By default 30 analyses are listed per page.

The rules_count field in the response gives the number of rules that were run in the analysis. For very old analyses this data is not available, and 0 is returned in this field.

Deprecation notice: The tool_name field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the tool field.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.listRecentAnalyses({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

tool_nameno

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guidno

The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both.

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

refno

The Git reference for the analyses you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

sarif_idno

Filter analyses belonging to the same SARIF upload.

directionno

The direction to sort the results by.

sortno

The property by which to sort the results.

See also: GitHub Developer Guide documentation.

Update a code scanning alert

Updates the status of a single code scanning alert. OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.updateAlert({
  owner,
  repo,
  alert_number,
  state,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

stateyes

Sets the state of the code scanning alert. You must provide dismissed_reason when you set the state to dismissed.

dismissed_reasonno

Required when the state is dismissed. The reason for dismissing or closing the alert.

dismissed_commentno

The dismissal comment associated with the dismissal of the alert.

See also: GitHub Developer Guide documentation.

Update a code scanning default setup configuration

Updates a code scanning default setup configuration.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.updateDefaultSetup({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

stateno

The desired state of code scanning default setup.

query_suiteno

CodeQL query suite to be used.

languagesno

CodeQL languages to be analyzed.

See also: GitHub Developer Guide documentation.

Upload an analysis as SARIF data

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. For troubleshooting information, see "Troubleshooting SARIF uploads."

There are two places where you can upload code scanning results.

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

gzip -c analysis-data.sarif | base64 -w0

SARIF upload supports a maximum number of entries per the following data objects, and an analysis will be rejected if any of these objects is above its maximum value. For some objects, there are additional values over which the entries will be ignored while keeping the most important entries whenever applicable. To get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration. For example, for the CodeQL tool, identify and remove the most noisy queries. For more information, see "SARIF results exceed one or more limits."

| SARIF data | Maximum values | Additional limits |
| --- | --- | --- |
| Runs per file | 20 | |
| Results per run | 25,000 | Only the top 5,000 results will be included, prioritized by severity. |
| Rules per run | 25,000 | |
| Tool extensions per run | 100 | |
| Thread Flow Locations per result | 10,000 | Only the top 1,000 Thread Flow Locations will be included, using prioritization. |
| Location per result | 1,000 | Only 100 locations will be included. |
| Tags per rule | 20 | Only 10 tags will be included. |

The 202 Accepted response includes an id value. You can use this ID to check the status of the upload by using it in the /sarifs/{sarif_id} endpoint. For more information, see "Get information about a SARIF upload."

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

octokit.rest.codeScanning.uploadSarif({
  owner,
  repo,
  commit_sha,
  ref,
  sarif,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

commit_shayes

The SHA of the commit to which the analysis you are uploading relates.

refyes

The full Git reference, formatted as refs/heads/<branch name>, refs/tags/<tag>, refs/pull/<number>/merge, or refs/pull/<number>/head.

sarifyes

A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using gzip and then translate the contents of the file into a Base64 encoding string. For more information, see "SARIF support for code scanning."

checkout_urino

The base directory used in the analysis, as it appears in the SARIF file. This property is used to convert file paths from absolute to relative, so that alerts can be mapped to their correct location in the repository.

started_atno

The time that the analysis run began. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

tool_nameno

The name of the tool used to generate the code scanning analysis. If this parameter is not used, the tool name defaults to "API". If the uploaded SARIF contains a tool GUID, this will be available for filtering using the tool_guid parameter of operations such as GET /repos/{owner}/{repo}/code-scanning/alerts.

validateno

Whether the SARIF file will be validated according to the code scanning specifications. This parameter is intended to help integrators ensure that the uploaded SARIF files are correctly rendered by code scanning.

See also: GitHub Developer Guide documentation.
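The gzip-and-Base64 step and the limits table above can be checked locally before calling uploadSarif. This is an added example, not code from octokit/rest.js: the helper names are hypothetical, the SARIF field paths follow the SARIF 2.1.0 format rather than this page, and counting thread flow locations across all code flows of a result is an assumption.

```javascript
const zlib = require("node:zlib");

// Hard limits from the table above: exceeding any of them gets the analysis rejected.
const HARD = { runs: 20, results: 25000, rules: 25000, extensions: 100,
               threadFlowLocations: 10000, locations: 1000, tags: 20 };
// Additional limits: entries beyond these are accepted but not included.
const SOFT = { results: 5000, threadFlowLocations: 1000, locations: 100, tags: 10 };

// uploadSarif requires the full Git reference, not a bare branch name.
const FULL_REF = /^refs\/(heads\/.+|tags\/.+|pull\/\d+\/(merge|head))$/;

// Walk a parsed SARIF document and report what would be rejected or truncated.
function checkSarifLimits(sarif) {
  const errors = [];
  const warnings = [];
  const check = (kind, count, where) => {
    if (count > HARD[kind]) {
      errors.push(`${where}: ${count} ${kind} exceeds maximum ${HARD[kind]}`);
    } else if (SOFT[kind] !== undefined && count > SOFT[kind]) {
      warnings.push(`${where}: ${count} ${kind}, only ${SOFT[kind]} will be kept`);
    }
  };
  const runs = sarif.runs || [];
  check("runs", runs.length, "file");
  runs.forEach((run, r) => {
    const where = `runs[${r}]`;
    const tool = run.tool || {};
    const rules = (tool.driver && tool.driver.rules) || [];
    const results = run.results || [];
    check("results", results.length, where);
    check("rules", rules.length, where);
    check("extensions", (tool.extensions || []).length, where);
    rules.forEach((rule, i) =>
      check("tags", ((rule.properties || {}).tags || []).length, `${where}.rules[${i}]`));
    results.forEach((result, i) => {
      const at = `${where}.results[${i}]`;
      check("locations", (result.locations || []).length, at);
      // Assumption: thread flow locations are summed over every code flow of the result.
      const threadFlowLocations = (result.codeFlows || [])
        .flatMap((codeFlow) => codeFlow.threadFlows || [])
        .reduce((n, threadFlow) => n + (threadFlow.locations || []).length, 0);
      check("threadFlowLocations", threadFlowLocations, at);
    });
  });
  return { errors, warnings };
}

// Same transformation as `gzip -c analysis-data.sarif | base64 -w0`.
function encodeSarif(sarif) {
  return zlib.gzipSync(Buffer.from(JSON.stringify(sarif), "utf8")).toString("base64");
}

// Build the uploadSarif parameters, failing locally instead of after the upload.
function prepareSarifUpload({ owner, repo, commit_sha, ref, sarif }) {
  if (!FULL_REF.test(ref)) {
    throw new Error(`ref must be a full Git reference, got "${ref}"`);
  }
  const { errors, warnings } = checkSarifLimits(sarif);
  if (errors.length > 0) {
    throw new Error(`SARIF would be rejected:\n${errors.join("\n")}`);
  }
  return { params: { owner, repo, commit_sha, ref, sarif: encodeSarif(sarif) }, warnings };
}

// Constructed sample: one run, one rule carrying 12 tags, one result.
const sampleSarif = {
  version: "2.1.0",
  runs: [{
    tool: { driver: { name: "example-scanner", rules: [{
      id: "EX001",
      properties: { tags: Array.from({ length: 12 }, (_, i) => `tag-${i}`) },
    }] } },
    results: [{
      ruleId: "EX001",
      message: { text: "constructed finding" },
      locations: [{ physicalLocation: {
        artifactLocation: { uri: "src/app.js" }, region: { startLine: 3 } } }],
    }],
  }],
};

// Usage with an authenticated client (placeholders for owner, repo and commit):
//   const { params, warnings } = prepareSarifUpload({
//     owner, repo, commit_sha, ref: "refs/heads/main", sarif: sampleSarif });
//   const { data } = await octokit.rest.codeScanning.uploadSarif(params);
```

The warnings array lists objects that will be accepted but truncated, which is the signal to trim noisy queries before uploading.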

Codes-of-Conduct

Get all codes of conduct

Returns an array of all GitHub's codes of conduct.

octokit.rest.codesOfConduct.getAllCodesOfConduct();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a code of conduct

Returns information about the specified GitHub code of conduct.

octokit.rest.codesOfConduct.getConductCode({
  key,
});

Parameters

namerequireddescription
keyyes

See also: GitHub Developer Guide documentation.

Codespaces

Add a selected repository to a user secret

Adds a repository to the selected repositories for a user's development environment secret.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.addRepositoryForSecretForAuthenticatedUser({
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

Add selected repository to an organization secret

Adds a repository to an organization development environment secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.addSelectedRepoToOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

Check if permissions defined by a devcontainer have been accepted by the authenticated user

Checks whether the permissions defined by a given devcontainer configuration have been accepted by the authenticated user.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.checkPermissionsForDevcontainer({
  owner,
  repo,
  ref,
  devcontainer_path,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

refyes

The git reference that points to the location of the devcontainer configuration to use for the permission check. The value of ref will typically be a branch name (heads/BRANCH_NAME). For more information, see "Git References" in the Git documentation.

devcontainer_pathyes

Path to the devcontainer.json configuration to use for the permission check.

See also: GitHub Developer Guide documentation.

List machine types for a codespace

Lists the machine types that a codespace can transition to.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.codespaceMachinesForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Create a codespace for the authenticated user

Creates a new codespace, owned by the authenticated user.

This endpoint requires either a repository_id OR a pull_request but not both.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

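// Pass either repository_id or pull_request, not both.
octokit.rest.codespaces.createForAuthenticatedUser({
  repository_id,
});

// Or, to create the codespace for a pull request:
octokit.rest.codespaces.createForAuthenticatedUser({
  pull_request: {
    pull_request_number,
    repository_id,
  },
});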

Parameters

namerequireddescription
repository_idyes

Repository id for this codespace

refno

Git ref (typically a branch name) for this codespace

locationno

The requested location for a new codespace. Best efforts are made to respect this upon creation. Assigned by IP if not provided.

geono

The geographic area for this codespace. If not specified, the value is assigned by IP. This property replaces location, which is being deprecated.

client_ipno

IP for location auto-detection when proxying a request

machineno

Machine type to use for this codespace

devcontainer_pathno

Path to devcontainer.json config to use for this codespace

multi_repo_permissions_opt_outno

Whether to authorize requested permissions from devcontainer.json

working_directoryno

Working directory for this codespace

idle_timeout_minutesno

Time in minutes before codespace stops from inactivity

display_nameno

Display name for this codespace

retention_period_minutesno

Duration in minutes after codespace has gone idle in which it will be deleted. Must be integer minutes between 0 and 43200 (30 days).

pull_requestyes

Pull request number for this codespace

pull_request.pull_request_numberyes

Pull request number

pull_request.repository_idyes

Repository id for this codespace

See also: GitHub Developer Guide documentation.

Create or update an organization secret

Creates or updates an organization development environment secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.createOrUpdateOrgSecret({
  org,
  secret_name,
  visibility,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

encrypted_valueno

The value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.

key_idno

The ID of the key you used to encrypt the secret.

visibilityyes

Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.

selected_repository_idsno

An array of repository IDs that can access the organization secret. You can only provide a list of repository IDs when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.
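The sequence this endpoint expects is: fetch the organization public key, seal the secret with LibSodium, then send encrypted_value together with the key_id of that same key. The following is an added example, not code from octokit/rest.js; it assumes the libsodium-wrappers npm package is installed, the helper names sealSecret, secretScope and setOrgCodespacesSecret are hypothetical, and the visibility values all and private come from GitHub's REST API rather than this page.

```javascript
// Seal a secret so that only GitHub, holding the private key, can read it.
// Assumption: `npm install libsodium-wrappers` has been run.
async function sealSecret(plaintext, base64PublicKey) {
  const sodium = require("libsodium-wrappers");
  await sodium.ready;
  const publicKey = sodium.from_base64(base64PublicKey, sodium.base64_variants.ORIGINAL);
  const sealed = sodium.crypto_box_seal(sodium.from_string(plaintext), publicKey);
  return sodium.to_base64(sealed, sodium.base64_variants.ORIGINAL);
}

// Validate the visibility / selected_repository_ids pairing before any network call.
// A list of repository IDs may only be sent when visibility is "selected".
function secretScope(visibility, selectedRepositoryIds) {
  const allowed = ["all", "private", "selected"];
  if (!allowed.includes(visibility)) {
    throw new Error(`visibility must be one of ${allowed.join(", ")}`);
  }
  if (selectedRepositoryIds === undefined) {
    return { visibility };
  }
  if (visibility !== "selected") {
    throw new Error('selected_repository_ids requires visibility "selected"');
  }
  if (!Array.isArray(selectedRepositoryIds) ||
      !selectedRepositoryIds.every((id) => Number.isInteger(id) && id > 0)) {
    throw new Error("selected_repository_ids must be an array of repository IDs");
  }
  // De-duplicate so the access list is exactly what a reviewer would read.
  return { visibility, selected_repository_ids: [...new Set(selectedRepositoryIds)] };
}

// Create or update an organization development environment secret.
// `seal` is injectable so the flow can be exercised without libsodium in tests.
async function setOrgCodespacesSecret(
  octokit,
  { org, secret_name, value, visibility, selected_repository_ids },
  seal = sealSecret
) {
  const scope = secretScope(visibility, selected_repository_ids);

  // The response carries both the key and the key_id identifying it.
  const { data: publicKey } = await octokit.rest.codespaces.getOrgPublicKey({ org });
  const encrypted_value = await seal(value, publicKey.key);

  // key_id must name the key that produced encrypted_value; never mix a cached
  // key_id with a freshly fetched key, or the reverse.
  return octokit.rest.codespaces.createOrUpdateOrgSecret({
    org,
    secret_name,
    encrypted_value,
    key_id: publicKey.key_id,
    ...scope,
  });
}

// Usage with an authenticated client (values are placeholders):
//   await setOrgCodespacesSecret(octokit, {
//     org: "my-org",
//     secret_name: "REGISTRY_TOKEN",
//     value: process.env.REGISTRY_TOKEN, // read from the environment, never logged
//     visibility: "selected",
//     selected_repository_ids: [1296269],
//   });
```

Preferring selected over all keeps the secret out of repositories that do not need it, and the plaintext never leaves the process unencrypted.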

Create or update a repository secret

Creates or updates a repository development environment secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.codespaces.createOrUpdateRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

key_idno

ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Create or update a secret for the authenticated user

Creates or updates a development environment secret for a user's codespace with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.createOrUpdateSecretForAuthenticatedUser({
  secret_name,
  key_id,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get the public key for the authenticated user endpoint.

key_idyes

ID of the key you used to encrypt the secret.

selected_repository_idsno

An array of repository ids that can access the user secret. You can manage the list of selected repositories using the List selected repositories for a user secret, Set selected repositories for a user secret, and Remove a selected repository from a user secret endpoints.

See also: GitHub Developer Guide documentation.

Create a codespace from a pull request

Creates a codespace owned by the authenticated user for the specified pull request.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.createWithPrForAuthenticatedUser({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

locationno

The requested location for a new codespace. Best efforts are made to respect this upon creation. Assigned by IP if not provided.

geono

The geographic area for this codespace. If not specified, the value is assigned by IP. This property replaces location, which is being deprecated.

client_ipno

IP for location auto-detection when proxying a request

machineno

Machine type to use for this codespace

devcontainer_pathno

Path to devcontainer.json config to use for this codespace

multi_repo_permissions_opt_outno

Whether to authorize requested permissions from devcontainer.json

working_directoryno

Working directory for this codespace

idle_timeout_minutesno

Time in minutes before codespace stops from inactivity

display_nameno

Display name for this codespace

retention_period_minutesno

Duration in minutes after codespace has gone idle in which it will be deleted. Must be integer minutes between 0 and 43200 (30 days).

See also: GitHub Developer Guide documentation.

Create a codespace in a repository

Creates a codespace owned by the authenticated user in the specified repository.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.createWithRepoForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

refno

Git ref (typically a branch name) for this codespace

locationno

The requested location for a new codespace. Best efforts are made to respect this upon creation. Assigned by IP if not provided.

geono

The geographic area for this codespace. If not specified, the value is assigned by IP. This property replaces location, which is being deprecated.

client_ipno

IP for location auto-detection when proxying a request

machineno

Machine type to use for this codespace

devcontainer_pathno

Path to devcontainer.json config to use for this codespace

multi_repo_permissions_opt_outno

Whether to authorize requested permissions from devcontainer.json

working_directoryno

Working directory for this codespace

idle_timeout_minutesno

Time in minutes before codespace stops from inactivity

display_nameno

Display name for this codespace

retention_period_minutesno

Duration in minutes after codespace has gone idle in which it will be deleted. Must be integer minutes between 0 and 43200 (30 days).

See also: GitHub Developer Guide documentation.

Delete a codespace for the authenticated user

Deletes a user's codespace.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.deleteForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Delete a codespace from the organization

Deletes a user's codespace.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.deleteFromOrganization({
  org,
  username,
  codespace_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Delete an organization secret

Deletes an organization development environment secret using the secret name.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.deleteOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a repository secret

Deletes a development environment secret in a repository using the secret name.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.codespaces.deleteRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a secret for the authenticated user

Deletes a development environment secret from a user's codespaces using the secret name. Deleting the secret will remove access from all codespaces that were allowed to access the secret.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.deleteSecretForAuthenticatedUser({
  secret_name,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Export a codespace for the authenticated user

Triggers an export of the specified codespace and returns a URL and ID where the status of the export can be monitored.

If changes cannot be pushed to the codespace's repository, they will be pushed to a new or previously-existing fork instead.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.exportForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

List codespaces for a user in organization

Lists the codespaces that a member of an organization has for repositories in that organization.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.getCodespacesForUserInOrg({
  org,
  username,
});

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

pageno

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get details about a codespace export

Gets information about an export of a codespace.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.getExportDetailsForAuthenticatedUser({
  codespace_name,
  export_id,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

export_idyes

The ID of the export operation, or latest. Currently only latest is supported.

See also: GitHub Developer Guide documentation.

Get a codespace for the authenticated user

Gets information about a user's codespace.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.getForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Get an organization public key

Gets a public key for an organization, which is required in order to encrypt secrets. You need to encrypt the value of a secret before you can create or update secrets. OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.getOrgPublicKey({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an organization secret

Gets an organization development environment secret without revealing its encrypted value.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.getOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get public key for the authenticated user

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.getPublicKeyForAuthenticatedUser();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a repository public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets.

Anyone with read access to the repository can use this endpoint.

If the repository is private, OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.codespaces.getRepoPublicKey({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository secret

Gets a single repository development environment secret without revealing its encrypted value.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.codespaces.getRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get a secret for the authenticated user

Gets a development environment secret available to a user's codespaces without revealing its encrypted value.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.getSecretForAuthenticatedUser({
  secret_name,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

List devcontainer configurations in a repository for the authenticated user

Lists the devcontainer.json files associated with a specified repository and the authenticated user. These files specify launchpoint configurations for codespaces created within the repository.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.listDevcontainersInRepositoryForAuthenticatedUser({
  owner,
  repo,
});

Parameters

name      required  description
per_page  no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page      no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."
owner     yes       The account owner of the repository. The name is not case sensitive.
repo      yes       The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List codespaces for the authenticated user

Lists the authenticated user's codespaces.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.listForAuthenticatedUser();

Parameters

name           required  description
per_page       no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page           no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."
repository_id  no        ID of the Repository to filter on

See also: GitHub Developer Guide documentation.

List codespaces for the organization

Lists the codespaces associated with a specified organization.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.listInOrganization({
  org,
});

Parameters

name      required  description
per_page  no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page      no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."
org       yes       The organization name. The name is not case sensitive.
org_id    no        The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List codespaces in a repository for the authenticated user

Lists the codespaces associated with a specified repository and the authenticated user.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.listInRepositoryForAuthenticatedUser({
  owner,
  repo,
});

Parameters

name      required  description
per_page  no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page      no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."
owner     yes       The account owner of the repository. The name is not case sensitive.
repo      yes       The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List organization secrets

Lists all Codespaces development environment secrets available at the organization-level without revealing their encrypted values.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.listOrgSecrets({
  org,
});

Parameters

name      required  description
org       yes       The organization name. The name is not case sensitive.
per_page  no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page      no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository secrets

Lists all development environment secrets available in a repository without revealing their encrypted values.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.codespaces.listRepoSecrets({
  owner,
  repo,
});

Parameters

name      required  description
owner     yes       The account owner of the repository. The name is not case sensitive.
repo      yes       The name of the repository without the .git extension. The name is not case sensitive.
per_page  no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page      no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List selected repositories for a user secret

List the repositories that have been granted the ability to use a user's development environment secret.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.listRepositoriesForSecretForAuthenticatedUser({
  secret_name,
});

Parameters

name         required  description
secret_name  yes       The name of the secret.

See also: GitHub Developer Guide documentation.

List secrets for the authenticated user

Lists all development environment secrets available for a user's codespaces without revealing their encrypted values.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.listSecretsForAuthenticatedUser();

Parameters

name      required  description
per_page  no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page      no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List selected repositories for an organization secret

Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.listSelectedReposForOrgSecret({
  org,
  secret_name,
});

Parameters

name         required  description
org          yes       The organization name. The name is not case sensitive.
secret_name  yes       The name of the secret.
page         no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."
per_page     no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.
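The list endpoints above can be combined into an access review of organization-level Codespaces secrets. The following is an added example, not code from octokit/rest.js: the function names, the `maxSelectedRepos` threshold and the stand-in client with its data are assumptions made for illustration, and the `all` / `private` visibility values come from GitHub's REST API rather than from this page.

```javascript
// Added example (not from octokit/rest.js): inventory which repositories can
// read each organization-level Codespaces secret and flag broad or stale grants.

// Collect every page of a { total_count, [itemsKey]: [...] } response using
// the per_page / page parameters documented for these endpoints.
async function fetchAll(call, params, itemsKey, perPage) {
  const items = [];
  for (let page = 1; ; page++) {
    const { data } = await call({ ...params, per_page: perPage, page });
    const batch = data[itemsKey] || [];
    items.push(...batch);
    // A short page, or reaching total_count, means nothing is left to fetch.
    if (batch.length < perPage || items.length >= data.total_count) break;
  }
  return items;
}

// maxSelectedRepos is an assumed review threshold, not a GitHub limit.
async function auditOrgSecrets(octokit, org, { perPage = 100, maxSelectedRepos = 10 } = {}) {
  if (!Number.isInteger(perPage) || perPage < 1 || perPage > 100) {
    throw new RangeError("perPage must be an integer between 1 and 100");
  }
  const api = octokit.rest.codespaces;
  const secrets = await fetchAll((p) => api.listOrgSecrets(p), { org }, "secrets", perPage);
  const inventory = [];
  const findings = [];

  for (const secret of secrets) {
    if (secret.visibility !== "selected") {
      // "all" and "private" are not tied to an explicit repository list.
      inventory.push({ secret: secret.name, visibility: secret.visibility, repositories: null });
      findings.push({ secret: secret.name, issue: "broad-visibility", detail: secret.visibility });
      continue;
    }
    const repos = await fetchAll(
      (p) => api.listSelectedReposForOrgSecret(p),
      { org, secret_name: secret.name },
      "repositories",
      perPage
    );
    const names = repos.map((r) => r.full_name);
    inventory.push({ secret: secret.name, visibility: "selected", repositories: names });
    if (names.length === 0) {
      findings.push({ secret: secret.name, issue: "no-repositories", detail: "candidate for deletion" });
    } else if (names.length > maxSelectedRepos) {
      findings.push({ secret: secret.name, issue: "many-repositories", detail: String(names.length) });
    }
  }
  return { inventory, findings };
}

// Constructed stand-in for an authenticated Octokit instance so the audit can
// be run offline. Secret and repository names are made up for this example.
function constructedClient() {
  const secrets = [
    { name: "NPM_TOKEN", visibility: "all" },
    { name: "DEPLOY_KEY", visibility: "selected" },
    { name: "OLD_API_KEY", visibility: "selected" },
  ];
  const selected = {
    DEPLOY_KEY: [
      { id: 1, full_name: "example-org/api" },
      { id: 2, full_name: "example-org/web" },
      { id: 3, full_name: "example-org/infra" },
    ],
    OLD_API_KEY: [],
  };
  const pageOf = (all, { per_page, page }) => all.slice((page - 1) * per_page, page * per_page);
  return {
    rest: {
      codespaces: {
        listOrgSecrets: async (p) => ({
          data: { total_count: secrets.length, secrets: pageOf(secrets, p) },
        }),
        listSelectedReposForOrgSecret: async (p) => ({
          data: {
            total_count: selected[p.secret_name].length,
            repositories: pageOf(selected[p.secret_name], p),
          },
        }),
      },
    },
  };
}

// Dry run against the constructed data, with small pages to exercise pagination.
auditOrgSecrets(constructedClient(), "example-org", { perPage: 2, maxSelectedRepos: 2 })
  .then(({ findings }) => console.log(findings));
```

With a real client, pass an `Octokit` instance whose token has the `admin:org` scope these endpoints require.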

Get default attributes for a codespace

Gets the default attributes for codespaces created by the user with the repository.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.preFlightWithRepoForAuthenticatedUser({
  owner,
  repo,
});

Parameters

name       required  description
owner      yes       The account owner of the repository. The name is not case sensitive.
repo       yes       The name of the repository without the .git extension. The name is not case sensitive.
ref        no        The branch or commit to check for a default devcontainer path. If not specified, the default branch will be checked.
client_ip  no        An alternative IP for default location auto-detection, such as when proxying a request.

See also: GitHub Developer Guide documentation.

Create a repository from an unpublished codespace

Publishes an unpublished codespace, creating a new repository and assigning it to the codespace.

The codespace's token is granted write permissions to the repository, allowing the user to push their changes.

This will fail for a codespace that is already published, meaning it has an associated repository.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.publishForAuthenticatedUser({
  codespace_name,
});

Parameters

name            required  description
codespace_name  yes       The name of the codespace.
name            no        A name for the new repository.
private         no        Whether the new repository should be private.

See also: GitHub Developer Guide documentation.

Remove a selected repository from a user secret

Removes a repository from the selected repositories for a user's development environment secret.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.removeRepositoryForSecretForAuthenticatedUser({
  secret_name,
  repository_id,
});

Parameters

name           required  description
secret_name    yes       The name of the secret.
repository_id  yes

See also: GitHub Developer Guide documentation.

Remove selected repository from an organization secret

Removes a repository from an organization development environment secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.removeSelectedRepoFromOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

name           required  description
org            yes       The organization name. The name is not case sensitive.
secret_name    yes       The name of the secret.
repository_id  yes

See also: GitHub Developer Guide documentation.

List available machine types for a repository

List the machine types available for a given repository based on its configuration.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.repoMachinesForAuthenticatedUser({
  owner,
  repo,
});

Parameters

name       required  description
owner      yes       The account owner of the repository. The name is not case sensitive.
repo       yes       The name of the repository without the .git extension. The name is not case sensitive.
location   no        The location to check for available machines. Assigned by IP if not provided.
client_ip  no        IP for location auto-detection when proxying a request
ref        no        The branch or commit to check for prebuild availability and devcontainer restrictions.

See also: GitHub Developer Guide documentation.

Set selected repositories for a user secret

Select the repositories that will use a user's development environment secret.

The authenticated user must have Codespaces access to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.

octokit.rest.codespaces.setRepositoriesForSecretForAuthenticatedUser({
  secret_name,
  selected_repository_ids,
});

Parameters

name                     required  description
secret_name              yes       The name of the secret.
selected_repository_ids  yes       An array of repository ids for which a codespace can access the secret. You can manage the list of selected repositories using the List selected repositories for a user secret, Add a selected repository to a user secret, and Remove a selected repository from a user secret endpoints.

See also: GitHub Developer Guide documentation.

Set selected repositories for an organization secret

Replaces all repositories for an organization development environment secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.setSelectedReposForOrgSecret({
  org,
  secret_name,
  selected_repository_ids,
});

Parameters

name                     required  description
org                      yes       The organization name. The name is not case sensitive.
secret_name              yes       The name of the secret.
selected_repository_ids  yes       An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Set selected repositories for an organization secret and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.

Start a codespace for the authenticated user

Starts a user's codespace.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.startForAuthenticatedUser({
  codespace_name,
});

Parameters

name            required  description
codespace_name  yes       The name of the codespace.

See also: GitHub Developer Guide documentation.

Stop a codespace for the authenticated user

Stops a user's codespace.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.stopForAuthenticatedUser({
  codespace_name,
});

Parameters

name            required  description
codespace_name  yes       The name of the codespace.

See also: GitHub Developer Guide documentation.

Stop a codespace for an organization user

Stops a user's codespace.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.codespaces.stopInOrganization({
  org,
  username,
  codespace_name,
});

Parameters

name            required  description
org             yes       The organization name. The name is not case sensitive.
username        yes       The handle for the GitHub user account.
codespace_name  yes       The name of the codespace.

See also: GitHub Developer Guide documentation.

Update a codespace for the authenticated user

Updates a codespace owned by the authenticated user. Currently only the codespace's machine type and recent folders can be modified using this endpoint.

If you specify a new machine type it will be applied the next time your codespace is started.

OAuth app tokens and personal access tokens (classic) need the codespace scope to use this endpoint.

octokit.rest.codespaces.updateForAuthenticatedUser({
  codespace_name,
});

Parameters

name            required  description
codespace_name  yes       The name of the codespace.
machine         no        A valid machine to transition this codespace to.
display_name    no        Display name for this codespace
recent_folders  no        Recently opened folders inside the codespace. It is currently used by the clients to determine the folder path to load the codespace in.

See also: GitHub Developer Guide documentation.

Copilot

Add teams to the Copilot for Business subscription for an organization

Note: This endpoint is in beta and is subject to change.

Purchases a GitHub Copilot for Business seat for all users within each specified team. The organization will be billed accordingly. For more information about Copilot for Business pricing, see "About billing for GitHub Copilot for Business".

Only organization owners and members with admin permissions can configure GitHub Copilot in their organization. You must authenticate using an access token with the manage_billing:copilot scope to use this endpoint.

In order for an admin to use this endpoint, the organization must have a Copilot for Business subscription and a configured suggestion matching policy. For more information about setting up a Copilot for Business subscription, see "Setting up a Copilot for Business subscription for your organization". For more information about setting a suggestion matching policy, see "Configuring suggestion matching policies for GitHub Copilot in your organization".

octokit.rest.copilot.addCopilotForBusinessSeatsForTeams({
  org,
  selected_teams,
});

Parameters

name            required  description
org             yes       The organization name. The name is not case sensitive.
selected_teams  yes       List of team names within the organization to which to grant access to GitHub Copilot.

See also: GitHub Developer Guide documentation.

Add users to the Copilot for Business subscription for an organization

Note: This endpoint is in beta and is subject to change.

Purchases a GitHub Copilot for Business seat for each user specified. The organization will be billed accordingly. For more information about Copilot for Business pricing, see "About billing for GitHub Copilot for Business".

Only organization owners and members with admin permissions can configure GitHub Copilot in their organization. You must authenticate using an access token with the manage_billing:copilot scope to use this endpoint.

In order for an admin to use this endpoint, the organization must have a Copilot for Business subscription and a configured suggestion matching policy. For more information about setting up a Copilot for Business subscription, see "Setting up a Copilot for Business subscription for your organization". For more information about setting a suggestion matching policy, see "Configuring suggestion matching policies for GitHub Copilot in your organization".

octokit.rest.copilot.addCopilotForBusinessSeatsForUsers({
  org,
  selected_usernames,
});

Parameters

name                required  description
org                 yes       The organization name. The name is not case sensitive.
selected_usernames  yes       The usernames of the organization members to be granted access to GitHub Copilot.

See also: GitHub Developer Guide documentation.

Add teams to the Copilot subscription for an organization

Note: This endpoint is in beta and is subject to change.

Purchases a GitHub Copilot seat for all users within each specified team. The organization will be billed accordingly. For more information about Copilot pricing, see "Pricing for GitHub Copilot".

Only organization owners can configure GitHub Copilot in their organization.

In order for an admin to use this endpoint, the organization must have a Copilot Business or Enterprise subscription and a configured suggestion matching policy. For more information about setting up a Copilot subscription, see "Setting up a Copilot subscription for your organization". For more information about setting a suggestion matching policy, see "Configuring suggestion matching policies for GitHub Copilot in your organization".

OAuth app tokens and personal access tokens (classic) need the manage_billing:copilot scope to use this endpoint.

octokit.rest.copilot.addCopilotSeatsForTeams({
  org,
  selected_teams,
});

Parameters

name            required  description
org             yes       The organization name. The name is not case sensitive.
selected_teams  yes       List of team names within the organization to which to grant access to GitHub Copilot.

See also: GitHub Developer Guide documentation.

Add users to the Copilot subscription for an organization

Note: This endpoint is in beta and is subject to change.

Purchases a GitHub Copilot seat for each user specified. The organization will be billed accordingly. For more information about Copilot pricing, see "Pricing for GitHub Copilot".

Only organization owners can configure GitHub Copilot in their organization.

In order for an admin to use this endpoint, the organization must have a Copilot Business or Enterprise subscription and a configured suggestion matching policy. For more information about setting up a Copilot subscription, see "Setting up a Copilot subscription for your organization". For more information about setting a suggestion matching policy, see "Configuring suggestion matching policies for GitHub Copilot in your organization".

OAuth app tokens and personal access tokens (classic) need the manage_billing:copilot scope to use this endpoint.

octokit.rest.copilot.addCopilotSeatsForUsers({
  org,
  selected_usernames,
});

Parameters

name                required  description
org                 yes       The organization name. The name is not case sensitive.
selected_usernames  yes       The usernames of the organization members to be granted access to GitHub Copilot.

See also: GitHub Developer Guide documentation.

Remove teams from the Copilot subscription for an organization

Note: This endpoint is in beta and is subject to change.

Cancels the Copilot seat assignment for all members of each team specified. This will cause the members of the specified team(s) to lose access to GitHub Copilot at the end of the current billing cycle, and the organization will not be billed further for those users.

For more information about Copilot pricing, see "Pricing for GitHub Copilot".

For more information about disabling access to Copilot Business or Enterprise, see "Revoking access to GitHub Copilot for specific users in your organization".

Only organization owners can configure GitHub Copilot in their organization.

OAuth app tokens and personal access tokens (classic) need the manage_billing:copilot scope to use this endpoint.

octokit.rest.copilot.cancelCopilotSeatAssignmentForTeams({
  org,
  selected_teams,
});

Parameters

name            required  description
org             yes       The organization name. The name is not case sensitive.
selected_teams  yes       The names of teams from which to revoke access to GitHub Copilot.

See also: GitHub Developer Guide documentation.

Remove users from the Copilot subscription for an organization

Note: This endpoint is in beta and is subject to change.

Cancels the Copilot seat assignment for each user specified. This will cause the specified users to lose access to GitHub Copilot at the end of the current billing cycle, and the organization will not be billed further for those users.

For more information about Copilot pricing, see "Pricing for GitHub Copilot".

For more information about disabling access to Copilot Business or Enterprise, see "Revoking access to GitHub Copilot for specific users in your organization".

Only organization owners can configure GitHub Copilot in their organization.

OAuth app tokens and personal access tokens (classic) need the manage_billing:copilot scope to use this endpoint.

octokit.rest.copilot.cancelCopilotSeatAssignmentForUsers({
  org,
  selected_usernames,
});

Parameters

name                required  description
org                 yes       The organization name. The name is not case sensitive.
selected_usernames  yes       The usernames of the organization members for which to revoke access to GitHub Copilot.

See also: GitHub Developer Guide documentation.

Get Copilot seat information and settings for an organization

Note: This endpoint is in beta and is subject to change.

Gets information about an organization's Copilot subscription, including seat breakdown and code matching policies. To configure these settings, go to your organization's settings on GitHub.com. For more information, see "Managing policies for Copilot in your organization".

Only organization owners can configure and view details about the organization's Copilot Business subscription.

OAuth app tokens and personal access tokens (classic) need the manage_billing:copilot scope to use this endpoint.

octokit.rest.copilot.getCopilotOrganizationDetails({
  org,
});

Parameters

name  required  description
org   yes       The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get Copilot seat assignment details for a user

Note: This endpoint is in beta and is subject to change.

Gets the GitHub Copilot seat assignment details for a member of an organization who currently has access to GitHub Copilot.

Organization owners can view GitHub Copilot seat assignment details for members in their organization.

OAuth app tokens and personal access tokens (classic) need the manage_billing:copilot scope to use this endpoint.

octokit.rest.copilot.getCopilotSeatDetailsForUser({
  org,
  username,
});

Parameters

name      required  description
org       yes       The organization name. The name is not case sensitive.
username  yes       The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

List all Copilot seat assignments for an organization

Note: This endpoint is in beta and is subject to change.

Lists all Copilot seat assignments for an organization that are currently being billed (either active or pending cancellation at the start of the next billing cycle).

Only organization owners can configure and view details about the organization's Copilot Business or Enterprise subscription.

OAuth app tokens and personal access tokens (classic) need the manage_billing:copilot scope to use this endpoint.

octokit.rest.copilot.listCopilotSeats({
  org,
});

Parameters

name      required  description
org       yes       The organization name. The name is not case sensitive.
page      no        The page number of the results to fetch. For more information, see "Using pagination in the REST API."
per_page  no        The number of results per page (max 100). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

Dependabot

Add selected repository to an organization secret

Adds a repository to an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.addSelectedRepoToOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

name           required  description
org            yes       The organization name. The name is not case sensitive.
secret_name    yes       The name of the secret.
repository_id  yes

See also: GitHub Developer Guide documentation.

Create or update an organization secret

Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Arrays (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)

octokit.rest.dependabot.createOrUpdateOrgSecret({
  org,
  secret_name,
  visibility,
});

Parameters

name                     required  description
org                      yes       The organization name. The name is not case sensitive.
secret_name              yes       The name of the secret.
encrypted_value          no        Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.
key_id                   no        ID of the key you used to encrypt the secret.
visibility               yes       Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.
selected_repository_ids  no        An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.
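The encryption snippets above stop at the sealed value. The following added example (not code from octokit/rest.js) ties the whole flow together: fetch the organization public key, seal locally, check the result, and send `encrypted_value` together with the matching `key_id`. The function name `putOrgSecret` and the injected `seal(messageBytes, keyBytes)` parameter are assumptions; the 32-byte key and 48-byte overhead are properties of libsodium sealed boxes, and the `all` / `private` visibility values come from GitHub's REST API rather than from this page.

```javascript
// Added example (not from octokit/rest.js). `seal` is supplied by the caller,
// for instance the sealed-box function of the libsodium binding in use.

const PUBLIC_KEY_BYTES = 32; // X25519 public key length
const SEAL_OVERHEAD = 48; // 32-byte ephemeral public key + 16-byte MAC
const VISIBILITIES = ["all", "private", "selected"];

async function putOrgSecret(octokit, seal, options) {
  const { org, secret_name, value, visibility, selected_repository_ids } = options;

  if (!VISIBILITIES.includes(visibility)) {
    throw new Error(`unknown visibility: ${visibility}`);
  }
  // The repository list is only accepted when visibility is "selected".
  if (visibility !== "selected" && selected_repository_ids !== undefined) {
    throw new Error('selected_repository_ids requires visibility "selected"');
  }
  if (typeof value !== "string" || value.length === 0) {
    throw new Error("secret value must be a non-empty string");
  }

  // 1. Fetch the current public key and remember which key it is.
  const { data: publicKey } = await octokit.rest.dependabot.getOrgPublicKey({ org });
  const keyBytes = Buffer.from(publicKey.key, "base64");
  if (keyBytes.length !== PUBLIC_KEY_BYTES) {
    throw new Error(`public key decoded to ${keyBytes.length} bytes, expected ${PUBLIC_KEY_BYTES}`);
  }

  // 2. Seal locally. The length check catches a wrong primitive or a no-op
  //    `seal` before anything that is not a sealed box leaves the process.
  const plain = Buffer.from(value, "utf8");
  const sealed = Buffer.from(seal(plain, keyBytes));
  if (sealed.length !== plain.length + SEAL_OVERHEAD) {
    throw new Error("seal() did not return a libsodium sealed box");
  }

  // 3. Send the ciphertext with the key_id of the key that produced it.
  const params = {
    org,
    secret_name,
    visibility,
    encrypted_value: sealed.toString("base64"),
    key_id: publicKey.key_id,
  };
  if (selected_repository_ids !== undefined) {
    params.selected_repository_ids = selected_repository_ids;
  }
  await octokit.rest.dependabot.createOrUpdateOrgSecret(params);

  // Summary that is safe to log: no plaintext and no ciphertext.
  return { secret_name, visibility, key_id: publicKey.key_id, encrypted_bytes: sealed.length };
}
```

With the tweetsodium snippet above, the call would be `putOrgSecret(octokit, sodium.seal, { org, secret_name, value, visibility })`.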

Create or update a repository secret

Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.dependabot.createOrUpdateRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

name             required  description
owner            yes       The account owner of the repository. The name is not case sensitive.
repo             yes       The name of the repository without the .git extension. The name is not case sensitive.
secret_name      yes       The name of the secret.
encrypted_value  no        Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.
key_id           no        ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Delete an organization secret

Deletes a secret in an organization using the secret name.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.deleteOrgSecret({
  org,
  secret_name,
});

Parameters

name         required  description
org          yes       The organization name. The name is not case sensitive.
secret_name  yes       The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a repository secret

Deletes a secret in a repository using the secret name.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.dependabot.deleteRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

name         required  description
owner        yes       The account owner of the repository. The name is not case sensitive.
repo         yes       The name of the repository without the .git extension. The name is not case sensitive.
secret_name  yes       The name of the secret.

See also: GitHub Developer Guide documentation.

Get a Dependabot alert

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

octokit.rest.dependabot.getAlert({
  owner,
  repo,
  alert_number,
});

Parameters

name          required  description
owner         yes       The account owner of the repository. The name is not case sensitive.
repo          yes       The name of the repository without the .git extension. The name is not case sensitive.
alert_number  yes       The number that identifies a Dependabot alert in its repository. You can find this at the end of the URL for a Dependabot alert within GitHub, or in number fields in the response from the GET /repos/{owner}/{repo}/dependabot/alerts operation.

See also: GitHub Developer Guide documentation.

Get an organization public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.getOrgPublicKey({
  org,
});

Parameters

name  required  description
org   yes       The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an organization secret

Gets a single organization secret without revealing its encrypted value.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.getOrgSecret({
  org,
  secret_name,
});

Parameters

name         required  description
org          yes       The organization name. The name is not case sensitive.
secret_name  yes       The name of the secret.

See also: GitHub Developer Guide documentation.

Get a repository public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint if the repository is private.

octokit.rest.dependabot.getRepoPublicKey({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository secret

Gets a single repository secret without revealing its encrypted value.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.dependabot.getRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
secret_name | yes | The name of the secret.

See also: GitHub Developer Guide documentation.

List Dependabot alerts for an enterprise

Lists Dependabot alerts for repositories that are owned by the specified enterprise.

The authenticated user must be a member of the enterprise to use this endpoint.

Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager. For more information about security managers, see "Managing security managers in your organization."

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint.

octokit.rest.dependabot.listAlertsForEnterprise({
  enterprise,
});

Parameters

name | required | description
enterprise | yes | The slug version of the enterprise name. You can also substitute this value with the enterprise id.
state | no | A comma-separated list of states. If specified, only alerts with these states will be returned. Can be: auto_dismissed, dismissed, fixed, open
severity | no | A comma-separated list of severities. If specified, only alerts with these severities will be returned. Can be: low, medium, high, critical
ecosystem | no | A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package | no | A comma-separated list of package names. If specified, only alerts for these packages will be returned.
scope | no | The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
sort | no | The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.
direction | no | The direction to sort the results by.
before | no | A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."
after | no | A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."
first | no | Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.
last | no | Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List Dependabot alerts for an organization

Lists Dependabot alerts for an organization.

The authenticated user must be an owner or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

octokit.rest.dependabot.listAlertsForOrg({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
state | no | A comma-separated list of states. If specified, only alerts with these states will be returned. Can be: auto_dismissed, dismissed, fixed, open
severity | no | A comma-separated list of severities. If specified, only alerts with these severities will be returned. Can be: low, medium, high, critical
ecosystem | no | A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package | no | A comma-separated list of package names. If specified, only alerts for these packages will be returned.
scope | no | The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
sort | no | The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.
direction | no | The direction to sort the results by.
before | no | A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."
after | no | A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."
first | no | Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.
last | no | Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.
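A triage pass over the organization listing above, as an added example that is not part of octokit's documentation. The alert fields it reads (`repository.full_name`, `dependency.package`, `security_advisory.severity`, `security_advisory.ghsa_id`, `created_at`) follow GitHub's REST response schema rather than this page; `SLA_DAYS`, the sample alerts and the GHSA placeholders are constructed.

```javascript
// Added example: pull open critical/high Dependabot alerts for an organization
// and turn them into a triage list. Response field names are assumptions taken
// from GitHub's REST schema; this page documents request parameters only.

const SEVERITIES = ["critical", "high", "medium", "low"]; // worst first

// Hypothetical remediation deadlines in days; set these from your own policy.
const SLA_DAYS = { critical: 7, high: 30, medium: 90, low: 180 };

// Build the query from the documented parameters (state, severity, per_page).
function alertQuery(org, severities = ["critical", "high"]) {
  for (const s of severities) {
    if (!SEVERITIES.includes(s)) throw new Error(`unknown severity: ${s}`);
  }
  return { org, state: "open", severity: severities.join(","), per_page: 100 };
}

// octokit.paginate keeps requesting the rel="next" URL from the Link header,
// so the before/after cursors never have to be handled by hand.
async function fetchOpenAlerts(octokit, org, severities) {
  return octokit.paginate(
    octokit.rest.dependabot.listAlertsForOrg,
    alertQuery(org, severities)
  );
}

// Flatten alerts into rows, worst severity first and oldest first within it.
function triage(alerts, now = new Date()) {
  const rows = [];
  for (const a of alerts) {
    if (a.state !== "open") continue; // defensive: the query already filters
    const severity = a.security_advisory.severity;
    const ageDays = Math.floor((now - new Date(a.created_at)) / 86400000);
    rows.push({
      repo: a.repository.full_name,
      number: a.number,
      package: `${a.dependency.package.ecosystem}:${a.dependency.package.name}`,
      scope: a.dependency.scope,
      advisory: a.security_advisory.ghsa_id,
      severity,
      ageDays,
      overdue: ageDays > SLA_DAYS[severity],
    });
  }
  rows.sort(
    (x, y) =>
      SEVERITIES.indexOf(x.severity) - SEVERITIES.indexOf(y.severity) ||
      y.ageDays - x.ageDays
  );
  return rows;
}

// Constructed sample alerts (not real advisories or repositories).
const SAMPLE_ALERTS = [
  { number: 12, state: "open", created_at: "2024-02-20T00:00:00Z",
    repository: { full_name: "example-org/api" },
    dependency: { package: { ecosystem: "npm", name: "example-parser" }, scope: "runtime" },
    security_advisory: { ghsa_id: "GHSA-xxxx-xxxx-0001", severity: "high" } },
  { number: 3, state: "open", created_at: "2024-01-05T00:00:00Z",
    repository: { full_name: "example-org/web" },
    dependency: { package: { ecosystem: "pip", name: "example-yaml" }, scope: "runtime" },
    security_advisory: { ghsa_id: "GHSA-xxxx-xxxx-0002", severity: "critical" } },
  { number: 7, state: "open", created_at: "2024-01-10T00:00:00Z",
    repository: { full_name: "example-org/api" },
    dependency: { package: { ecosystem: "npm", name: "example-http" }, scope: "development" },
    security_advisory: { ghsa_id: "GHSA-xxxx-xxxx-0003", severity: "high" } },
  { number: 9, state: "fixed", created_at: "2023-12-01T00:00:00Z",
    repository: { full_name: "example-org/web" },
    dependency: { package: { ecosystem: "pip", name: "example-tls" }, scope: "runtime" },
    security_advisory: { ghsa_id: "GHSA-xxxx-xxxx-0004", severity: "critical" } },
];
```

With a real client, `triage(await fetchOpenAlerts(octokit, org))` produces the same rows from live data.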

List Dependabot alerts for a repository

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

octokit.rest.dependabot.listAlertsForRepo({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
state | no | A comma-separated list of states. If specified, only alerts with these states will be returned. Can be: auto_dismissed, dismissed, fixed, open
severity | no | A comma-separated list of severities. If specified, only alerts with these severities will be returned. Can be: low, medium, high, critical
ecosystem | no | A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package | no | A comma-separated list of package names. If specified, only alerts for these packages will be returned.
manifest | no | A comma-separated list of full manifest paths. If specified, only alerts for these manifests will be returned.
scope | no | The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
sort | no | The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.
direction | no | The direction to sort the results by.
page | no | Deprecated. Page number of the results to fetch. Use cursor-based pagination with before or after instead.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
before | no | A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."
after | no | A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."
first | no | Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.
last | no | Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.

See also: GitHub Developer Guide documentation.

List organization secrets

Lists all secrets available in an organization without revealing their encrypted values.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.listOrgSecrets({
  org,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List repository secrets

Lists all secrets available in a repository without revealing their encrypted values.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

octokit.rest.dependabot.listRepoSecrets({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List selected repositories for an organization secret

Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.listSelectedReposForOrgSecret({
  org,
  secret_name,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

Remove selected repository from an organization secret

Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.removeSelectedRepoFromOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
repository_id | yes |

See also: GitHub Developer Guide documentation.

Set selected repositories for an organization secret

Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

octokit.rest.dependabot.setSelectedReposForOrgSecret({
  org,
  secret_name,
  selected_repository_ids,
});

Parameters

name | required | description
org | yes | The organization name. The name is not case sensitive.
secret_name | yes | The name of the secret.
selected_repository_ids | yes | An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Set selected repositories for an organization secret and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.

Update a Dependabot alert

The authenticated user must have access to security alerts for the repository to use this endpoint. For more information, see "Granting access to security alerts."

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

octokit.rest.dependabot.updateAlert({
  owner,
  repo,
  alert_number,
  state,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
alert_number | yes | The number that identifies a Dependabot alert in its repository. You can find this at the end of the URL for a Dependabot alert within GitHub, or in number fields in the response from the GET /repos/{owner}/{repo}/dependabot/alerts operation.
state | yes | The state of the Dependabot alert. A dismissed_reason must be provided when setting the state to dismissed.
dismissed_reason | no | Required when state is dismissed. A reason for dismissing the alert.
dismissed_comment | no | An optional comment associated with dismissing the alert.

See also: GitHub Developer Guide documentation.

Dependency-Graph

Create a snapshot of dependencies for a repository

Create a new snapshot of a repository's dependencies.

The authenticated user must have access to the repository.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

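octokit.rest.dependencyGraph.createRepositorySnapshot({
  owner,
  repo,
  version,
  job: {
    id: job_id,
    correlator,
  },
  sha,
  ref,
  detector: {
    name: detector_name,
    version: detector_version,
    url: detector_url,
  },
  // manifests is optional; each entry must carry a name
  manifests: {
    [manifest_name]: { name: manifest_name },
  },
  scanned,
});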

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
version | yes | The version of the repository snapshot submission.
job | yes |
job.id | yes | The external ID of the job.
job.correlator | yes | Correlator provides a key that is used to group snapshots submitted over time. Only the "latest" submitted snapshot for a given combination of job.correlator and detector.name will be considered when calculating a repository's current dependencies. Correlator should be as unique as it takes to distinguish all detection runs for a given "wave" of CI workflow you run. If you're using GitHub Actions, a good default value for this could be the environment variables GITHUB_WORKFLOW and GITHUB_JOB concatenated together. If you're using a build matrix, then you'll also need to add additional key(s) to distinguish between each submission inside a matrix variation.
job.html_url | no | The url for the job.
sha | yes | The commit SHA associated with this dependency snapshot. Maximum length: 40 characters.
ref | yes | The repository branch that triggered this snapshot.
detector | yes | A description of the detector used.
detector.name | yes | The name of the detector used.
detector.version | yes | The version of the detector used.
detector.url | yes | The url of the detector used.
metadata | no | User-defined metadata to store domain-specific information limited to 8 keys with scalar values.
metadata.* | no |
manifests | no | A collection of package manifests, which are a collection of related dependencies declared in a file or representing a logical group of dependencies.
manifests.* | no |
manifests.*.name | yes | The name of the manifest.
manifests.*.file | no |
manifests.*.file.source_location | no | The path of the manifest file relative to the root of the Git repository.
manifests.*.metadata | no | User-defined metadata to store domain-specific information limited to 8 keys with scalar values.
manifests.*.metadata.* | no |
manifests.*.resolved | no | A collection of resolved package dependencies.
manifests.*.resolved.* | no |
manifests.*.resolved.*.package_url | no | Package-url (PURL) of dependency. See https://github.com/package-url/purl-spec for more details.
manifests.*.resolved.*.metadata | no | User-defined metadata to store domain-specific information limited to 8 keys with scalar values.
manifests.*.resolved.*.metadata.* | no |
manifests.*.resolved.*.relationship | no | A notation of whether a dependency is requested directly by this manifest or is a dependency of another dependency.
manifests.*.resolved.*.scope | no | A notation of whether the dependency is required for the primary build artifact (runtime) or is only used for development. Future versions of this specification may allow for more granular scopes.
manifests.*.resolved.*.dependencies | no | Array of package-url (PURLs) of direct child dependencies.
scanned | yes | The time at which the snapshot was scanned.

See also: GitHub Developer Guide documentation.
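One way to assemble a snapshot and enforce the documented limits before submitting it, as an added example that is not octokit's own code. It assumes `version: 0`, takes `job.id`, `sha` and `ref` from the GitHub Actions variables `GITHUB_RUN_ID`, `GITHUB_SHA` and `GITHUB_REF`, and keys `manifests` and `resolved` by name; the environment, detector and package values are constructed.

```javascript
// Added example: build a dependency snapshot and check it against the limits
// in the parameter table (8 scalar metadata keys, 40-character sha, PURLs).
// version 0 and the GITHUB_RUN_ID / GITHUB_SHA / GITHUB_REF mapping are
// assumptions of this example, not statements from the page.

function checkMetadata(metadata, where) {
  if (metadata === undefined) return;
  const keys = Object.keys(metadata);
  if (keys.length > 8) {
    throw new Error(`${where}: ${keys.length} metadata keys, limit is 8`);
  }
  for (const key of keys) {
    const v = metadata[key];
    if (v !== null && !["string", "number", "boolean"].includes(typeof v)) {
      throw new Error(`${where}: metadata.${key} must be a scalar`);
    }
  }
}

// GITHUB_WORKFLOW + GITHUB_JOB, plus the matrix keys when a build matrix is
// used, so each matrix leg supersedes only its own earlier snapshot.
function buildCorrelator(env, matrix = {}) {
  if (!env.GITHUB_WORKFLOW || !env.GITHUB_JOB) {
    throw new Error("GITHUB_WORKFLOW and GITHUB_JOB must be set");
  }
  const legs = Object.keys(matrix).sort().map((k) => `${k}=${matrix[k]}`);
  return [env.GITHUB_WORKFLOW, env.GITHUB_JOB, ...legs].join("_");
}

function buildSnapshot({ env, matrix, detector, manifests = {}, metadata, scanned }) {
  // Stricter than the documented 40-character maximum: require a full SHA.
  if (!/^[0-9a-f]{40}$/.test(env.GITHUB_SHA || "")) {
    throw new Error("sha must be a full 40-character commit SHA");
  }
  checkMetadata(metadata, "snapshot");
  for (const [key, manifest] of Object.entries(manifests)) {
    if (!manifest.name) throw new Error(`manifests.${key}: name is required`);
    checkMetadata(manifest.metadata, `manifests.${key}`);
    for (const [dep, entry] of Object.entries(manifest.resolved || {})) {
      const where = `manifests.${key}.resolved.${dep}`;
      const purls = [entry.package_url, ...(entry.dependencies || [])];
      for (const purl of purls.filter((p) => p !== undefined)) {
        if (typeof purl !== "string" || !purl.startsWith("pkg:")) {
          throw new Error(`${where}: not a package URL: ${purl}`);
        }
      }
      checkMetadata(entry.metadata, where);
    }
  }
  return {
    version: 0,
    job: { id: String(env.GITHUB_RUN_ID), correlator: buildCorrelator(env, matrix) },
    sha: env.GITHUB_SHA,
    ref: env.GITHUB_REF,
    detector,
    metadata,
    manifests,
    scanned: (scanned || new Date()).toISOString(),
  };
}

// Constructed inputs for illustration.
const SAMPLE_ENV = {
  GITHUB_WORKFLOW: "build",
  GITHUB_JOB: "scan",
  GITHUB_RUN_ID: "1001",
  GITHUB_SHA: "0123456789abcdef0123456789abcdef01234567",
  GITHUB_REF: "refs/heads/main",
};
const SAMPLE_DETECTOR = {
  name: "example-detector",
  version: "0.0.1",
  url: "https://example.com/detector",
};
const SAMPLE_MANIFESTS = {
  "package-lock.json": {
    name: "package-lock.json",
    file: { source_location: "package-lock.json" },
    resolved: {
      "example-lib": {
        package_url: "pkg:npm/example-lib@1.2.3",
        relationship: "direct",
        scope: "runtime",
        dependencies: ["pkg:npm/example-dep@0.4.0"],
      },
      "example-dep": {
        package_url: "pkg:npm/example-dep@0.4.0",
        relationship: "indirect",
        scope: "runtime",
      },
    },
  },
};
```

The returned object is spread into the call: `createRepositorySnapshot({ owner, repo, ...snapshot })`.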

Get a diff of the dependencies between commits

Gets the diff of the dependency changes between two commits of a repository, based on the changes to the dependency manifests made in those commits.

octokit.rest.dependencyGraph.diffRange({
  owner,
  repo,
  basehead,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
basehead | yes | The base and head Git revisions to compare. The Git revisions will be resolved to commit SHAs. Named revisions will be resolved to their corresponding HEAD commits, and an appropriate merge base will be determined. This parameter expects the format {base}...{head}.
name | no | The full path, relative to the repository root, of the dependency manifest file.

See also: GitHub Developer Guide documentation.

Export a software bill of materials (SBOM) for a repository.

Exports the software bill of materials (SBOM) for a repository in SPDX JSON format.

octokit.rest.dependencyGraph.exportSbom({
  owner,
  repo,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Emojis

Get emojis

Lists all the emojis available to use on GitHub.

octokit.rest.emojis.get();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Gists

Check if a gist is starred

octokit.rest.gists.checkIsStarred({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Create a gist

Allows you to add a new gist with one or more files.

Note: Don't name your files "gistfile" with a numerical suffix. This is the format of the automatic naming scheme that Gist uses internally.

octokit.rest.gists.create({
  files: {
    [filename]: { content },
  },
});

Parameters

name | required | description
description | no | Description of the gist
files | yes | Names and content for the files that make up the gist
files.* | no |
files.*.content | yes | Content of the file
public | no |

See also: GitHub Developer Guide documentation.

Create a gist comment

Creates a comment on a gist.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • application/vnd.github.base64+json: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.

octokit.rest.gists.createComment({
  gist_id,
  body,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
body | yes | The comment text.

See also: GitHub Developer Guide documentation.

Delete a gist

octokit.rest.gists.delete({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Delete a gist comment

octokit.rest.gists.deleteComment({
  gist_id,
  comment_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
comment_id | yes | The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Fork a gist

octokit.rest.gists.fork({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Get a gist

Gets a specified gist.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • application/vnd.github.base64+json: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.

octokit.rest.gists.get({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Get a gist comment

Gets a comment on a gist.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • application/vnd.github.base64+json: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.

octokit.rest.gists.getComment({
  gist_id,
  comment_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
comment_id | yes | The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Get a gist revision

Gets a specified gist revision.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • application/vnd.github.base64+json: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.

octokit.rest.gists.getRevision({
  gist_id,
  sha,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
sha | yes |

See also: GitHub Developer Guide documentation.

List gists for the authenticated user

Lists the authenticated user's gists. If called anonymously, this endpoint returns all public gists:

octokit.rest.gists.list();

Parameters

name | required | description
since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List gist comments

Lists the comments on a gist.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • application/vnd.github.base64+json: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.

octokit.rest.gists.listComments({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List gist commits

octokit.rest.gists.listCommits({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List gists for a user

Lists public gists for the specified user:

octokit.rest.gists.listForUser({
  username,
});

Parameters

name | required | description
username | yes | The handle for the GitHub user account.
since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List gist forks

octokit.rest.gists.listForks({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List public gists

List public gists sorted by most recently updated to least recently updated.

Note: With pagination, you can fetch up to 3000 gists. For example, you can fetch 100 pages with 30 gists per page or 30 pages with 100 gists per page.

octokit.rest.gists.listPublic();

Parameters

name | required | description
since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

List starred gists

List the authenticated user's starred gists:

octokit.rest.gists.listStarred();

Parameters

name | required | description
since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API."
page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API."

See also: GitHub Developer Guide documentation.

Star a gist

Note that you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP method."

octokit.rest.gists.star({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Unstar a gist

octokit.rest.gists.unstar({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Update a gist

Allows you to update a gist's description and to update, delete, or rename gist files. Files from the previous version of the gist that aren't explicitly changed during an edit are unchanged.

octokit.rest.gists.update({
  gist_id,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
description | no | The description of the gist.
files | no | The gist files to be updated, renamed, or deleted. Each key must match the current filename (including extension) of the targeted gist file. For example: hello.py. To delete a file, set the whole file to null. For example: hello.py : null.
files.* | no |
files.*.content | no | The new content of the file.
files.*.filename | no | The new filename for the file.

See also: GitHub Developer Guide documentation.

Update a gist comment

Updates a comment on a gist.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown. This is the default if you do not pass any specific media type.
  • application/vnd.github.base64+json: Returns the base64-encoded contents. This can be useful if your gist contains any invalid UTF-8 sequences.

octokit.rest.gists.updateComment({
  gist_id,
  comment_id,
  body,
});

Parameters

name | required | description
gist_id | yes | The unique identifier of the gist.
comment_id | yes | The unique identifier of the comment.
body | yes | The comment text.

See also: GitHub Developer Guide documentation.

Git

Create a blob

octokit.rest.git.createBlob({
  owner,
  repo,
  content,
});

Parameters

name | required | description
owner | yes | The account owner of the repository. The name is not case sensitive.
repo | yes | The name of the repository without the .git extension. The name is not case sensitive.
content | yes | The new blob's content.
encoding | no | The encoding used for content. Currently, "utf-8" and "base64" are supported.

See also: GitHub Developer Guide documentation.

Create a commit

Creates a new Git commit object.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

Name | Type | Description
verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified.
reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below.
signature | string | The signature that was extracted from the commit.
payload | string | The value that was signed.

These are the possible values for reason in the verification object:

Value | Description
expired_key | The key that made the signature is expired.
not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_error | There was an error communicating with the signature verification service.
gpgverify_unavailable | The signature verification service is currently unavailable.
unsigned | The object does not include a signature.
unknown_signature_type | A non-PGP signature was found in the commit.
no_user | No user was associated with the committer email address in the commit.
unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account.
bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_key | The key that made the signature has not been registered with any user's account.
malformed_signature | There was an error parsing the signature.
invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature.
valid | None of the above errors applied, so the signature is considered to be verified.
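A gate that turns the verification object described above into an accept, retry or reject decision, as an added example that is not part of octokit's documentation. The reason values come from the table; the grouping into classes, the policy and the sample commits with placeholder SHAs are this example's own.

```javascript
// Added example: decide what to do with a commit from its verification object.
// Reason values are the ones in the table above; the classes and the policy
// (retry on service trouble, reject everything else that is not "valid") are
// choices made for this example.

const REASON_CLASS = new Map([
  ["valid", "ok"],
  // GitHub could not check the signature at all: ask again later.
  ["gpgverify_error", "service"],
  ["gpgverify_unavailable", "service"],
  // No usable signature is present.
  ["unsigned", "signature"],
  ["unknown_signature_type", "signature"],
  ["malformed_signature", "signature"],
  ["invalid", "signature"],
  // A signature exists but the key behind it cannot be relied on.
  ["expired_key", "key"],
  ["not_signing_key", "key"],
  ["unknown_key", "key"],
  // The committer email does not bind to a verified account or to the key.
  ["no_user", "identity"],
  ["unverified_email", "identity"],
  ["bad_email", "identity"],
]);

function evaluateVerification(verification) {
  if (!verification || typeof verification.verified !== "boolean") {
    return { decision: "reject", class: "missing", reason: null };
  }
  const { verified, reason } = verification;
  const cls = REASON_CLASS.get(reason) || "unknown"; // fail closed on new values
  // verified should be true exactly when reason is "valid"; a response that
  // disagrees with itself is not trusted.
  if (verified !== (reason === "valid")) {
    return { decision: "reject", class: "inconsistent", reason };
  }
  if (cls === "ok") return { decision: "accept", class: cls, reason };
  if (cls === "service") return { decision: "retry", class: cls, reason };
  return { decision: "reject", class: cls, reason };
}

// commits: objects carrying sha and verification, as returned for a commit.
function gateCommits(commits) {
  const result = { accept: [], retry: [], reject: [] };
  for (const c of commits) {
    const verdict = evaluateVerification(c.verification);
    result[verdict.decision].push({ sha: c.sha, ...verdict });
  }
  return result;
}

// Constructed commits; the SHAs are placeholders.
const SAMPLE_COMMITS = [
  { sha: "a".repeat(40), verification: { verified: true, reason: "valid" } },
  { sha: "b".repeat(40), verification: { verified: false, reason: "unsigned" } },
  { sha: "c".repeat(40), verification: { verified: false, reason: "gpgverify_unavailable" } },
  { sha: "d".repeat(40), verification: { verified: false, reason: "bad_email" } },
  { sha: "e".repeat(40), verification: { verified: true, reason: "expired_key" } },
  { sha: "f".repeat(40), verification: { verified: false, reason: "some_future_reason" } },
  { sha: "0".repeat(40) },
];
```

Treating `gpgverify_error` and `gpgverify_unavailable` as retryable keeps a verification-service outage from being recorded as an unsigned commit, while an unrecognised reason still fails closed.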
octokit.rest.git.createCommit({
  owner,
  repo,
  message,
  tree,
  // author is optional; when given, name and email are required
  author: { name, email },
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

messageyes

The commit message

treeyes

The SHA of the tree object this commit points to

parentsno

The SHAs of the commits that were the parents of this commit. If omitted or empty, the commit will be written as a root commit. For a single parent, an array of one SHA should be provided; for a merge commit, an array of more than one should be provided.

authorno

Information about the author of the commit. By default, the author will be the authenticated user and the current date. See the author and committer object below for details.

author.nameyes

The name of the author (or committer) of the commit

author.emailyes

The email of the author (or committer) of the commit

author.dateno

Indicates when this commit was authored (or committed). This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

committerno

Information about the person who is making the commit. By default, committer will use the information set in author. See the author and committer object below for details.

committer.nameno

The name of the author (or committer) of the commit

committer.emailno

The email of the author (or committer) of the commit

committer.dateno

Indicates when this commit was authored (or committed). This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

signatureno

The PGP signature of the commit. GitHub adds the signature to the gpgsig header of the created commit. For a commit signature to be verifiable by Git or GitHub, it must be an ASCII-armored detached PGP signature over the string commit as it would be written to the object database. To pass a signature parameter, you need to first manually create a valid PGP signature, which can be complicated. You may find it easier to use the command line to create signed commits.

See also: GitHub Developer Guide documentation.

Create a reference

Creates a reference for your repository. You are unable to create new references for empty repositories, even if the commit SHA-1 hash used exists. Empty repositories are repositories without branches.

octokit.rest.git.createRef({
  owner,
  repo,
  ref,
  sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

refyes

The name of the fully qualified reference (ie: refs/heads/master). If it doesn't start with 'refs' and have at least two slashes, it will be rejected.

shayes

The SHA1 value for this reference.

See also: GitHub Developer Guide documentation.

Create a tag object

Note that creating a tag object does not create the reference that makes a tag in Git. If you want to create an annotated tag in Git, you have to do this call to create the tag object, and then create the refs/tags/[tag] reference. If you want to create a lightweight tag, you only have to create the tag reference - this call would be unnecessary.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

Name | Type | Description
verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified.
reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below.
signature | string | The signature that was extracted from the commit.
payload | string | The value that was signed.

These are the possible values for reason in the verification object:

Value | Description
expired_key | The key that made the signature is expired.
not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_error | There was an error communicating with the signature verification service.
gpgverify_unavailable | The signature verification service is currently unavailable.
unsigned | The object does not include a signature.
unknown_signature_type | A non-PGP signature was found in the commit.
no_user | No user was associated with the committer email address in the commit.
unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account.
bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_key | The key that made the signature has not been registered with any user's account.
malformed_signature | There was an error parsing the signature.
invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature.
valid | None of the above errors applied, so the signature is considered to be verified.

octokit.rest.git.createTag({
  owner,
  repo,
  tag,
  message,
  object,
  type,
  // tagger is a nested object; name and email are required when it is passed
  tagger: {
    name,
    email,
  },
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

tagyes

The tag's name. This is typically a version (e.g., "v0.0.1").

messageyes

The tag message.

objectyes

The SHA of the git object this is tagging.

typeyes

The type of the object we're tagging. Normally this is a commit but it can also be a tree or a blob.

taggerno

An object with information about the individual creating the tag.

tagger.nameyes

The name of the author of the tag

tagger.emailyes

The email of the author of the tag

tagger.dateno

When this object was tagged. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

See also: GitHub Developer Guide documentation.

Create a tree

The tree creation API accepts nested entries. If you specify both a tree and a nested path modifying that tree, this endpoint will overwrite the contents of the tree with the new path contents, and create a new tree structure.

If you use this endpoint to add, delete, or modify the file contents in a tree, you will need to commit the tree and then update a branch to point to the commit. For more information see "Create a commit" and "Update a reference."

Returns an error if you try to delete a file that does not exist.

octokit.rest.git.createTree({
  owner,
  repo,
  tree,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

treeyes

Objects (of path, mode, type, and sha) specifying a tree structure.

tree[].pathno

The file referenced in the tree.

tree[].modeno

The file mode; one of 100644 for file (blob), 100755 for executable (blob), 040000 for subdirectory (tree), 160000 for submodule (commit), or 120000 for a blob that specifies the path of a symlink.

tree[].typeno

Either blob, tree, or commit.

tree[].shano

The SHA1 checksum ID of the object in the tree. Also called tree.sha. If the value is null then the file will be deleted.

Note: Use either tree.sha or content to specify the contents of the entry. Using both tree.sha and content will return an error.

tree[].contentno

The content you want this file to have. GitHub will write this blob out and use that SHA for this entry. Use either this, or tree.sha.

Note: Use either tree.sha or content to specify the contents of the entry. Using both tree.sha and content will return an error.

base_treeno

The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by base_tree and entries defined in the tree parameter. Entries defined in the tree parameter will overwrite items from base_tree with the same path. If you're creating new changes on a branch, then normally you'd set base_tree to the SHA1 of the Git tree object of the current latest commit on the branch you're working on. If not provided, GitHub will create a new Git tree object from only the entries defined in the tree parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the tree parameter will be listed as deleted by the new commit.

See also: GitHub Developer Guide documentation.

Delete a reference

octokit.rest.git.deleteRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

refyes

The commit reference. Can be a commit SHA, branch name (heads/BRANCH_NAME), or tag name (tags/TAG_NAME). For more information, see "Git References" in the Git documentation.

See also: GitHub Developer Guide documentation.

Get a blob

The content in the response will always be Base64 encoded.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw blob data.
  • application/vnd.github+json: Returns a JSON representation of the blob with content as a base64 encoded string. This is the default if no media type is specified.

Note: This endpoint supports blobs up to 100 megabytes in size.

octokit.rest.git.getBlob({
  owner,
  repo,
  file_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

file_shayes

See also: GitHub Developer Guide documentation.

Get a commit object

Gets a Git commit object.

To get the contents of a commit, see "Get a commit."

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

Name | Type | Description
verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified.
reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below.
signature | string | The signature that was extracted from the commit.
payload | string | The value that was signed.

These are the possible values for reason in the verification object:

Value | Description
expired_key | The key that made the signature is expired.
not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_error | There was an error communicating with the signature verification service.
gpgverify_unavailable | The signature verification service is currently unavailable.
unsigned | The object does not include a signature.
unknown_signature_type | A non-PGP signature was found in the commit.
no_user | No user was associated with the committer email address in the commit.
unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account.
bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_key | The key that made the signature has not been registered with any user's account.
malformed_signature | There was an error parsing the signature.
invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature.
valid | None of the above errors applied, so the signature is considered to be verified.

octokit.rest.git.getCommit({
  owner,
  repo,
  commit_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

commit_shayes

The SHA of the commit.

See also: GitHub Developer Guide documentation.
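
A policy gate over the verification object returned by getCommit, as an added example that is not part of octokit/rest.js. It separates the two service-side reasons (gpgverify_error, gpgverify_unavailable) from real verification failures so that an outage is retried instead of being read as "unsigned", and it fails closed on anything inconsistent. The function names, the accept/retry/reject decisions and the sample responses are assumptions made for the example.

```javascript
// Added example, not octokit's own code. Reason values are the ones in the table above.
const TRANSIENT_REASONS = new Set(["gpgverify_error", "gpgverify_unavailable"]);
const FAILURE_REASONS = new Set([
  "expired_key", "not_signing_key", "unsigned", "unknown_signature_type",
  "no_user", "unverified_email", "bad_email", "unknown_key",
  "malformed_signature", "invalid",
]);

// Pure decision function: takes the `verification` object, returns a policy decision.
function assessVerification(verification) {
  if (!verification || typeof verification.verified !== "boolean") {
    // No verification object at all: never treat absence as success.
    return { decision: "reject", detail: "missing_verification_object" };
  }
  const { verified, reason } = verification;
  if (verified === true && reason === "valid") {
    return { decision: "accept", detail: reason };
  }
  if (verified === false && TRANSIENT_REASONS.has(reason)) {
    // The verification service failed, not the signature. Ask again later.
    return { decision: "retry", detail: reason };
  }
  if (verified === false && FAILURE_REASONS.has(reason)) {
    return { decision: "reject", detail: reason };
  }
  // verified/reason disagree, or the reason is not in the documented list.
  return { decision: "reject", detail: `inconsistent_or_unknown:${String(reason)}` };
}

// Fetches each commit with git.getCommit and applies the policy.
async function gateCommits(octokit, { owner, repo, shas }) {
  const results = [];
  for (const commit_sha of shas) {
    const { data } = await octokit.rest.git.getCommit({ owner, repo, commit_sha });
    results.push({ commit_sha, ...assessVerification(data.verification) });
  }
  return results;
}

// Constructed sample responses (placeholder SHAs), so the example runs offline.
const SAMPLE_COMMITS = {
  "sha-signed": { verification: { verified: true, reason: "valid" } },
  "sha-unsigned": { verification: { verified: false, reason: "unsigned" } },
  "sha-outage": { verification: { verified: false, reason: "gpgverify_unavailable" } },
  "sha-unknown-key": { verification: { verified: false, reason: "unknown_key" } },
};

// Stand-in for an Octokit instance that serves the constructed samples.
function makeSampleOctokit() {
  return {
    rest: {
      git: {
        getCommit: async ({ commit_sha }) => ({ data: SAMPLE_COMMITS[commit_sha] }),
      },
    },
  };
}
```
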

Get a reference

Returns a single reference from your Git database. The :ref in the URL must be formatted as heads/<branch name> for branches and tags/<tag name> for tags. If the :ref doesn't match an existing ref, a 404 is returned.

Note: You need to explicitly request a pull request to trigger a test merge commit, which checks the mergeability of pull requests. For more information, see "Checking mergeability of pull requests".

octokit.rest.git.getRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

refyes

The commit reference. Can be a commit SHA, branch name (heads/BRANCH_NAME), or tag name (tags/TAG_NAME). For more information, see "Git References" in the Git documentation.

See also: GitHub Developer Guide documentation.

Get a tag

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

Name | Type | Description
verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified.
reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below.
signature | string | The signature that was extracted from the commit.
payload | string | The value that was signed.

These are the possible values for reason in the verification object:

Value | Description
expired_key | The key that made the signature is expired.
not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_error | There was an error communicating with the signature verification service.
gpgverify_unavailable | The signature verification service is currently unavailable.
unsigned | The object does not include a signature.
unknown_signature_type | A non-PGP signature was found in the commit.
no_user | No user was associated with the committer email address in the commit.
unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account.
bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_key | The key that made the signature has not been registered with any user's account.
malformed_signature | There was an error parsing the signature.
invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature.
valid | None of the above errors applied, so the signature is considered to be verified.

octokit.rest.git.getTag({
  owner,
  repo,
  tag_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

tag_shayes

See also: GitHub Developer Guide documentation.

Get a tree

Returns a single tree using the SHA1 value or ref name for that tree.

If truncated is true in the response then the number of items in the tree array exceeded our maximum limit. If you need to fetch more items, use the non-recursive method of fetching trees, and fetch one sub-tree at a time.

Note: The limit for the tree array is 100,000 entries with a maximum size of 7 MB when using the recursive parameter.

octokit.rest.git.getTree({
  owner,
  repo,
  tree_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

tree_shayes

The SHA1 value or ref (branch or tag) name of the tree.

recursiveno

Setting this parameter to any value returns the objects or subtrees referenced by the tree specified in :tree_sha. For example, setting recursive to any of the following will enable returning objects or subtrees: 0, 1, "true", and "false". Omit this parameter to prevent recursively returning objects or subtrees.

See also: GitHub Developer Guide documentation.
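
Handling truncated in a tool that must see every file (a secret scanner, a license audit), as an added example that is not part of octokit/rest.js. It tries one recursive call and, if the response is truncated, walks the tree one sub-tree at a time with the recursive parameter omitted, as described above. The function names and sample trees are constructed; the example assumes that each entry of the tree array carries path, type and sha, and that paths in a non-recursive response are relative to the tree being listed.

```javascript
// Added example, not octokit's own code.
async function listBlobPaths(octokit, { owner, repo, tree_sha }) {
  // First attempt: one recursive request.
  const { data } = await octokit.rest.git.getTree({ owner, repo, tree_sha, recursive: "1" });
  if (!data.truncated) {
    return data.tree.filter((e) => e.type === "blob").map((e) => e.path).sort();
  }

  // Truncated: the listing is incomplete, so discard it and walk level by level.
  const paths = [];
  const queue = [{ sha: tree_sha, prefix: "" }];
  while (queue.length > 0) {
    const { sha, prefix } = queue.shift();
    // `recursive` is omitted on purpose: any value, even "false" or 0, enables recursion.
    const { data: level } = await octokit.rest.git.getTree({ owner, repo, tree_sha: sha });
    if (level.truncated) {
      // Refuse to return a partial result that looks complete.
      throw new Error(`tree ${sha} is truncated even without recursion`);
    }
    for (const entry of level.tree) {
      if (entry.type === "tree") {
        queue.push({ sha: entry.sha, prefix: `${prefix}${entry.path}/` });
      } else if (entry.type === "blob") {
        paths.push(prefix + entry.path);
      }
      // type "commit" is a submodule pointer; its files live in another repository.
    }
  }
  return paths.sort();
}

// Constructed sample repository layout (placeholder SHAs), so the example runs offline.
const SAMPLE_TREES = {
  ROOT: [
    { path: "README.md", type: "blob", sha: "B1" },
    { path: "src", type: "tree", sha: "SRC" },
    { path: "vendor/lib", type: "commit", sha: "SUB" },
  ],
  SRC: [
    { path: "index.js", type: "blob", sha: "B2" },
    { path: "config", type: "tree", sha: "CFG" },
  ],
  CFG: [{ path: ".env", type: "blob", sha: "B3" }],
};

// Stand-in for an Octokit instance whose recursive listing is always truncated.
function makeTruncatingOctokit() {
  const requests = [];
  return {
    requests,
    rest: {
      git: {
        getTree: async (params) => {
          requests.push(params);
          if ("recursive" in params) {
            // Partial listing: only the top level made it into the response.
            return { data: { truncated: true, tree: SAMPLE_TREES.ROOT } };
          }
          return { data: { truncated: false, tree: SAMPLE_TREES[params.tree_sha] } };
        },
      },
    },
  };
}
```
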

List matching references

Returns an array of references from your Git database that match the supplied name. The :ref in the URL must be formatted as heads/<branch name> for branches and tags/<tag name> for tags. If the :ref doesn't exist in the repository, but existing refs start with :ref, they will be returned as an array.

When you use this endpoint without providing a :ref, it will return an array of all the references from your Git database, including notes and stashes if they exist on the server. Anything in the namespace is returned, not just heads and tags.

Note: You need to explicitly request a pull request to trigger a test merge commit, which checks the mergeability of pull requests. For more information, see "Checking mergeability of pull requests".

If you request matching references for a branch named feature but the branch feature doesn't exist, the response can still include other matching head refs that start with the word feature, such as featureA and featureB.

octokit.rest.git.listMatchingRefs({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

refyes

The commit reference. Can be a commit SHA, branch name (heads/BRANCH_NAME), or tag name (tags/TAG_NAME). For more information, see "Git References" in the Git documentation.

See also: GitHub Developer Guide documentation.

Update a reference

octokit.rest.git.updateRef({
  owner,
  repo,
  ref,
  sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

refyes

The name of the reference to update (for example, heads/featureA). Can be a branch name (heads/BRANCH_NAME) or tag name (tags/TAG_NAME). For more information, see "Git References" in the Git documentation.

shayes

The SHA1 value to set this reference to

forceno

Indicates whether to force the update or to make sure the update is a fast-forward update. Leaving this out or setting it to false will make sure you're not overwriting work.

See also: GitHub Developer Guide documentation.
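
The full sequence described under "Create a tree" (create the tree, commit it, then update the branch), as an added example that is not part of octokit/rest.js. It validates entries against the documented modes and the sha/content rule, passes base_tree so untouched files are not recorded as deleted, and updates the ref with force: false so the update must be a fast-forward. The function names and placeholder SHAs are constructed; the example assumes getRef returns the commit SHA at data.object.sha and getCommit returns the tree SHA at data.tree.sha.

```javascript
// Added example, not octokit's own code. Mode/type pairs follow the tree[].mode description.
const MODE_TO_TYPE = new Map([
  ["100644", "blob"], ["100755", "blob"], ["120000", "blob"],
  ["040000", "tree"], ["160000", "commit"],
]);

// Local pre-flight check, so a bad entry fails before any object is written.
function validateTreeEntries(entries) {
  if (!Array.isArray(entries) || entries.length === 0) {
    throw new Error("tree must be a non-empty array");
  }
  for (const e of entries) {
    const expectedType = MODE_TO_TYPE.get(e.mode);
    if (!expectedType) throw new Error(`unsupported mode ${e.mode} for ${e.path}`);
    if (e.type !== undefined && e.type !== expectedType) {
      throw new Error(`mode ${e.mode} requires type ${expectedType} (${e.path})`);
    }
    // sha: null means "delete this path", so only undefined counts as absent.
    if (e.sha !== undefined && e.content !== undefined) {
      throw new Error(`${e.path}: use either sha or content, not both`);
    }
  }
}

async function commitOnBranch(octokit, { owner, repo, branch, message, entries }) {
  validateTreeEntries(entries);
  const ref = `heads/${branch}`;

  // 1. Resolve the branch head and the tree it points to.
  const { data: head } = await octokit.rest.git.getRef({ owner, repo, ref });
  const parentSha = head.object.sha;
  const { data: parent } = await octokit.rest.git.getCommit({ owner, repo, commit_sha: parentSha });

  // 2. New tree on top of the parent's tree. Without base_tree, every file not
  //    listed in `entries` would show up as deleted in the new commit.
  const { data: tree } = await octokit.rest.git.createTree({
    owner, repo, tree: entries, base_tree: parent.tree.sha,
  });

  // 3. Commit with an explicit parent. An empty `parents` would write a root commit.
  const { data: commit } = await octokit.rest.git.createCommit({
    owner, repo, message, tree: tree.sha, parents: [parentSha],
  });

  // 4. Fast-forward only: if the branch moved since step 1, this fails instead of
  //    overwriting someone else's work.
  await octokit.rest.git.updateRef({ owner, repo, ref, sha: commit.sha, force: false });
  return { parent: parentSha, tree: tree.sha, commit: commit.sha };
}

// Stand-in for an Octokit instance: records calls, returns constructed placeholder SHAs.
function makeRecordingOctokit() {
  const calls = [];
  const record = (name, data) => async (params) => {
    calls.push({ name, params });
    return { data };
  };
  return {
    calls,
    rest: {
      git: {
        getRef: record("getRef", { object: { sha: "PARENT_COMMIT_SHA" } }),
        getCommit: record("getCommit", { tree: { sha: "PARENT_TREE_SHA" } }),
        createTree: record("createTree", { sha: "NEW_TREE_SHA" }),
        createCommit: record("createCommit", { sha: "NEW_COMMIT_SHA" }),
        updateRef: record("updateRef", {}),
      },
    },
  };
}
```
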

Gitignore

Get all gitignore templates

List all templates available to pass as an option when creating a repository.

octokit.rest.gitignore.getAllTemplates();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a gitignore template

Get the content of a gitignore template.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw .gitignore contents.

octokit.rest.gitignore.getTemplate({
  name,
});

Parameters

namerequireddescription
nameyes

See also: GitHub Developer Guide documentation.

Interactions

Get interaction restrictions for your public repositories

Shows which type of GitHub user can interact with your public repositories and when the restriction expires.

octokit.rest.interactions.getRestrictionsForAuthenticatedUser();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get interaction restrictions for an organization

Shows which type of GitHub user can interact with this organization and when the restriction expires. If there are no restrictions, you will see an empty response.

octokit.rest.interactions.getRestrictionsForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get interaction restrictions for a repository

Shows which type of GitHub user can interact with this repository and when the restriction expires. If there are no restrictions, you will see an empty response.

octokit.rest.interactions.getRestrictionsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get interaction restrictions for your public repositories

Deprecated: This method has been renamed to interactions.getRestrictionsForAuthenticatedUser

Shows which type of GitHub user can interact with your public repositories and when the restriction expires.

octokit.rest.interactions.getRestrictionsForYourPublicRepos();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Remove interaction restrictions from your public repositories

Removes any interaction restrictions from your public repositories.

octokit.rest.interactions.removeRestrictionsForAuthenticatedUser();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Remove interaction restrictions for an organization

Removes all interaction restrictions from public repositories in the given organization. You must be an organization owner to remove restrictions.

octokit.rest.interactions.removeRestrictionsForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Remove interaction restrictions for a repository

Removes all interaction restrictions from the given repository. You must have owner or admin access to remove restrictions. If the interaction limit is set for the user or organization that owns this repository, you will receive a 409 Conflict response and will not be able to use this endpoint to change the interaction limit for a single repository.

octokit.rest.interactions.removeRestrictionsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Remove interaction restrictions from your public repositories

Deprecated: This method has been renamed to interactions.removeRestrictionsForAuthenticatedUser

Removes any interaction restrictions from your public repositories.

octokit.rest.interactions.removeRestrictionsForYourPublicRepos();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Set interaction restrictions for your public repositories

Temporarily restricts which type of GitHub user can interact with your public repositories. Setting the interaction limit at the user level will overwrite any interaction limits that are set for individual repositories owned by the user.

octokit.rest.interactions.setRestrictionsForAuthenticatedUser({
  limit,
});

Parameters

namerequireddescription
limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Set interaction restrictions for an organization

Temporarily restricts interactions to a certain type of GitHub user in any public repository in the given organization. You must be an organization owner to set these restrictions. Setting the interaction limit at the organization level will overwrite any interaction limits that are set for individual repositories owned by the organization.

octokit.rest.interactions.setRestrictionsForOrg({
  org,
  limit,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Set interaction restrictions for a repository

Temporarily restricts interactions to a certain type of GitHub user within the given repository. You must have owner or admin access to set these restrictions. If an interaction limit is set for the user or organization that owns this repository, you will receive a 409 Conflict response and will not be able to use this endpoint to change the interaction limit for a single repository.

octokit.rest.interactions.setRestrictionsForRepo({
  owner,
  repo,
  limit,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Set interaction restrictions for your public repositories

Deprecated: This method has been renamed to interactions.setRestrictionsForAuthenticatedUser

Temporarily restricts which type of GitHub user can interact with your public repositories. Setting the interaction limit at the user level will overwrite any interaction limits that are set for individual repositories owned by the user.

octokit.rest.interactions.setRestrictionsForYourPublicRepos({
  limit,
});

Parameters

namerequireddescription
limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Issues

Add assignees to an issue

Adds up to 10 assignees to an issue. Users already assigned to an issue are not replaced.

octokit.rest.issues.addAssignees({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

assigneesno

Usernames of people to assign this issue to. NOTE: Only users with push access can add assignees to an issue. Assignees are silently ignored otherwise.

See also: GitHub Developer Guide documentation.

Add labels to an issue

Adds labels to an issue. If you provide an empty array of labels, all labels are removed from the issue.

octokit.rest.issues.addLabels({
  owner,
  repo,
  issue_number,
  // labels is an array of objects, each with a required name
  labels: [{ name }],
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

labelsno
labels[].nameyes

See also: GitHub Developer Guide documentation.

Check if a user can be assigned

Checks if a user has permission to be assigned to an issue in this repository.

If the assignee can be assigned to issues in the repository, a 204 status code with no content is returned.

Otherwise a 404 status code is returned.

octokit.rest.issues.checkUserCanBeAssigned({
  owner,
  repo,
  assignee,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

assigneeyes

See also: GitHub Developer Guide documentation.

Check if a user can be assigned to an issue

Checks if a user has permission to be assigned to a specific issue.

If the assignee can be assigned to this issue, a 204 status code with no content is returned.

Otherwise a 404 status code is returned.

octokit.rest.issues.checkUserCanBeAssignedToIssue({
  owner,
  repo,
  issue_number,
  assignee,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

assigneeyes

See also: GitHub Developer Guide documentation.

Create an issue

Any user with pull access to a repository can create an issue. If issues are disabled in the repository, the API returns a 410 Gone status.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "Rate limits for the API" and "Best practices for using the REST API."

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.create({
  owner,
  repo,
  title,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

titleyes

The title of the issue.

bodyno

The contents of the issue.

assigneeno

Login for the user that this issue should be assigned to. NOTE: Only users with push access can set the assignee for new issues. The assignee is silently dropped otherwise. This field is deprecated.

milestoneno
labelsno

Labels to associate with this issue. NOTE: Only users with push access can set labels for new issues. Labels are silently dropped otherwise.

assigneesno

Logins for Users to assign to this issue. NOTE: Only users with push access can set assignees for new issues. Assignees are silently dropped otherwise.

See also: GitHub Developer Guide documentation.

Create an issue comment

You can use the REST API to create comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. For more information, see "Rate limits for the API" and "Best practices for using the REST API."

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.createComment({
  owner,
  repo,
  issue_number,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository without the .git extension. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

bodyyes

The contents of the comment.

See also: GitHub Developer Guide documentation.

Create a label

Creates a label for the specified repository with the given name and color. The name and color parameters are required. The color must be a valid hexadecimal color code.

octokit.rest.issues.createLabel({
  owner,
  repo,
  name,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| name | yes | The name of the label. Emoji can be added to label names, using either native emoji or colon-style markup. For example, typing :strawberry: will render the emoji :strawberry:. For a full list of available emoji and codes, see "Emoji cheat sheet." |
| color | no | The hexadecimal color code for the label, without the leading #. |
| description | no | A short description of the label. Must be 100 characters or fewer. |

See also: GitHub Developer Guide documentation.

Create a milestone

Creates a milestone.

octokit.rest.issues.createMilestone({
  owner,
  repo,
  title,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| title | yes | The title of the milestone. |
| state | no | The state of the milestone. Either open or closed. |
| description | no | A description of the milestone. |
| due_on | no | The milestone due date. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |

See also: GitHub Developer Guide documentation.

Delete an issue comment

You can use the REST API to delete comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

octokit.rest.issues.deleteComment({
  owner,
  repo,
  comment_id,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| comment_id | yes | The unique identifier of the comment. |

See also: GitHub Developer Guide documentation.

Delete a label

Deletes a label using the given label name.

octokit.rest.issues.deleteLabel({
  owner,
  repo,
  name,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| name | yes | |

See also: GitHub Developer Guide documentation.

Delete a milestone

Deletes a milestone using the given milestone number.

octokit.rest.issues.deleteMilestone({
  owner,
  repo,
  milestone_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| milestone_number | yes | The number that identifies the milestone. |

See also: GitHub Developer Guide documentation.

Get an issue

The API returns a 301 Moved Permanently status if the issue was transferred to another repository. If the issue was transferred to or deleted from a repository where the authenticated user lacks read access, the API returns a 404 Not Found status. If the issue was deleted from a repository where the authenticated user has read access, the API returns a 410 Gone status. To receive webhook events for transferred and deleted issues, subscribe to the issues webhook.

Note: GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.get({
  owner,
  repo,
  issue_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| issue_number | yes | The number that identifies the issue. |

See also: GitHub Developer Guide documentation.
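The documented status codes mean different things for access control: a 404 does not show that the issue is absent, only that this token cannot read it, while a 410 confirms a deletion the caller was allowed to know about. The following is an added example, not part of the Octokit documentation. `lookupIssue`, its helpers and the stub are hypothetical names, and it assumes request errors expose a numeric `status` and that the issue payload carries `repository_url`.

```javascript
// Added example, not from the Octokit docs. `octokit` is assumed to be an
// @octokit/rest instance whose request errors expose a numeric `status`.

const OUTCOME_BY_STATUS = new Map([
  [301, "transferred"],
  [404, "not_found_or_no_read_access"], // existence is NOT disproved
  [410, "deleted"],
]);

// Map a thrown request error to one of the documented outcomes, or null
// for anything else (rate limits, 5xx, network failures).
function classifyIssueError(error) {
  return OUTCOME_BY_STATUS.get(error && error.status) || null;
}

// True when the returned issue lives in the repository that was asked for.
// Assumption: if the HTTP client follows the 301 itself, the caller gets
// the issue from its new repository and never sees the redirect status.
function isFromRequestedRepo(issue, owner, repo) {
  if (!issue.repository_url) return true; // nothing to compare against
  const wanted = `/repos/${owner}/${repo}`.toLowerCase();
  return issue.repository_url.toLowerCase().endsWith(wanted);
}

async function lookupIssue(octokit, { owner, repo, issue_number }) {
  try {
    const { data } = await octokit.rest.issues.get({
      owner,
      repo,
      issue_number,
    });
    const outcome = isFromRequestedRepo(data, owner, repo)
      ? "found"
      : "transferred";
    return { outcome, issue: data };
  } catch (error) {
    const outcome = classifyIssueError(error);
    if (!outcome) throw error; // do not guess at unrelated failures
    return { outcome, issue: null };
  }
}

// Constructed stub: pass a status number to make `get` fail with it, or an
// object to have it returned as the issue payload.
function stubIssuesClient(behaviour) {
  return {
    rest: {
      issues: {
        get: async () => {
          if (typeof behaviour === "number") {
            throw Object.assign(new Error(`HTTP ${behaviour}`), {
              status: behaviour,
            });
          }
          return { data: behaviour };
        },
      },
    },
  };
}

// Constructed sample query.
const sampleQuery = { owner: "example-org", repo: "old-repo", issue_number: 7 };
lookupIssue(stubIssuesClient(404), sampleQuery).then((r) =>
  console.log("lookup outcome:", r.outcome)
);
```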

Get an issue comment

You can use the REST API to get comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.getComment({
  owner,
  repo,
  comment_id,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| comment_id | yes | The unique identifier of the comment. |

See also: GitHub Developer Guide documentation.

Get an issue event

Gets a single event by the event id.

octokit.rest.issues.getEvent({
  owner,
  repo,
  event_id,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| event_id | yes | |

See also: GitHub Developer Guide documentation.

Get a label

Gets a label using the given name.

octokit.rest.issues.getLabel({
  owner,
  repo,
  name,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| name | yes | |

See also: GitHub Developer Guide documentation.

Get a milestone

Gets a milestone using the given milestone number.

octokit.rest.issues.getMilestone({
  owner,
  repo,
  milestone_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| milestone_number | yes | The number that identifies the milestone. |

See also: GitHub Developer Guide documentation.

List issues assigned to the authenticated user

List issues assigned to the authenticated user across all visible repositories including owned repositories, member repositories, and organization repositories. You can use the filter query parameter to fetch issues that are not necessarily assigned to you.

Note: GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.list();

Parameters

| name | required | description |
| --- | --- | --- |
| filter | no | Indicates which sorts of issues to return. assigned means issues assigned to you. created means issues created by you. mentioned means issues mentioning you. subscribed means issues you're subscribed to updates for. all or repos means all issues you can see, regardless of participation or creation. |
| state | no | Indicates the state of the issues to return. |
| labels | no | A list of comma separated label names. Example: bug,ui,@high |
| sort | no | What to sort results by. |
| direction | no | The direction to sort the results by. |
| since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| collab | no | |
| orgs | no | |
| owned | no | |
| pulls | no | |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List assignees

Lists the available assignees for issues in a repository.

octokit.rest.issues.listAssignees({
  owner,
  repo,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List issue comments

You can use the REST API to list comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

Issue comments are ordered by ascending ID.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.listComments({
  owner,
  repo,
  issue_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| issue_number | yes | The number that identifies the issue. |
| since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List issue comments for a repository

You can use the REST API to list comments on issues and pull requests for a repository. Every pull request is an issue, but not every issue is a pull request.

By default, issue comments are ordered by ascending ID.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.listCommentsForRepo({
  owner,
  repo,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| sort | no | The property to sort the results by. |
| direction | no | Either asc or desc. Ignored without the sort parameter. |
| since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List issue events

Lists all events for an issue.

octokit.rest.issues.listEvents({
  owner,
  repo,
  issue_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| issue_number | yes | The number that identifies the issue. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List issue events for a repository

Lists events for a repository.

octokit.rest.issues.listEventsForRepo({
  owner,
  repo,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List timeline events for an issue

List all timeline events for an issue.

octokit.rest.issues.listEventsForTimeline({
  owner,
  repo,
  issue_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| issue_number | yes | The number that identifies the issue. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List user account issues assigned to the authenticated user

List issues across owned and member repositories assigned to the authenticated user.

Note: GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.listForAuthenticatedUser();

Parameters

| name | required | description |
| --- | --- | --- |
| filter | no | Indicates which sorts of issues to return. assigned means issues assigned to you. created means issues created by you. mentioned means issues mentioning you. subscribed means issues you're subscribed to updates for. all or repos means all issues you can see, regardless of participation or creation. |
| state | no | Indicates the state of the issues to return. |
| labels | no | A list of comma separated label names. Example: bug,ui,@high |
| sort | no | What to sort results by. |
| direction | no | The direction to sort the results by. |
| since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List organization issues assigned to the authenticated user

List issues in an organization assigned to the authenticated user.

Note: GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.listForOrg({
  org,
});

Parameters

| name | required | description |
| --- | --- | --- |
| org | yes | The organization name. The name is not case sensitive. |
| filter | no | Indicates which sorts of issues to return. assigned means issues assigned to you. created means issues created by you. mentioned means issues mentioning you. subscribed means issues you're subscribed to updates for. all or repos means all issues you can see, regardless of participation or creation. |
| state | no | Indicates the state of the issues to return. |
| labels | no | A list of comma separated label names. Example: bug,ui,@high |
| sort | no | What to sort results by. |
| direction | no | The direction to sort the results by. |
| since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List repository issues

List issues in a repository. Only open issues will be listed.

Note: GitHub's REST API considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

This endpoint supports the following custom media types. For more information, see "Media types."

  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.

octokit.rest.issues.listForRepo({
  owner,
  repo,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| milestone | no | If an integer is passed, it should refer to a milestone by its number field. If the string * is passed, issues with any milestone are accepted. If the string none is passed, issues without milestones are returned. |
| state | no | Indicates the state of the issues to return. |
| assignee | no | Can be the name of a user. Pass in none for issues with no assigned user, and * for issues assigned to any user. |
| creator | no | The user that created the issue. |
| mentioned | no | A user that's mentioned in the issue. |
| labels | no | A list of comma separated label names. Example: bug,ui,@high |
| sort | no | What to sort results by. |
| direction | no | The direction to sort the results by. |
| since | no | Only show results that were last updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.
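An audit or triage script that reads only the first page, or that counts pull requests as issues, reports on incomplete or wrong data. The following added example (not part of the Octokit documentation) walks the `per_page`/`page` parameters to the end and drops entries that carry the `pull_request` key. `listIssuesOnly`, `isPullRequest`, the `maxPages` cap and the stub are hypothetical names introduced here.

```javascript
// Added example, not from the Octokit docs. `octokit` is assumed to be an
// authenticated @octokit/rest instance (or a stub with the same shape).

const PER_PAGE = 100; // documented maximum for per_page

// "Issues" endpoints return pull requests too; they carry a pull_request key.
function isPullRequest(item) {
  return Object.prototype.hasOwnProperty.call(item, "pull_request");
}

// Fetch every page of repository issues and keep only true issues.
// `maxPages` bounds the loop; `truncated` tells the caller the result may
// be incomplete so it is never mistaken for a full inventory.
async function listIssuesOnly(
  octokit,
  { owner, repo, state = "open", since, maxPages = 50 }
) {
  const issues = [];
  for (let page = 1; page <= maxPages; page++) {
    const params = { owner, repo, state, per_page: PER_PAGE, page };
    if (since) params.since = since; // ISO 8601: YYYY-MM-DDTHH:MM:SSZ
    const { data } = await octokit.rest.issues.listForRepo(params);
    for (const item of data) {
      if (!isPullRequest(item)) issues.push(item);
    }
    // A short (or empty) page is the last one.
    if (data.length < PER_PAGE) {
      return { issues, truncated: false, pagesFetched: page };
    }
  }
  return { issues, truncated: true, pagesFetched: maxPages };
}

// Constructed stub: a repository with `total` items where every third
// item is a pull request.
function stubRepoWithItems(total) {
  const items = [];
  for (let n = 1; n <= total; n++) {
    const item = { number: n, title: `item ${n}` };
    if (n % 3 === 0) {
      item.pull_request = { url: `https://api.example.invalid/pulls/${n}` };
    }
    items.push(item);
  }
  return {
    rest: {
      issues: {
        listForRepo: async ({ per_page, page }) => ({
          data: items.slice((page - 1) * per_page, page * per_page),
        }),
      },
    },
  };
}

listIssuesOnly(stubRepoWithItems(230), {
  owner: "example-org", // constructed sample values
  repo: "example-repo",
}).then((r) =>
  console.log(`${r.issues.length} issues in ${r.pagesFetched} pages`)
);
```

Octokit also provides `octokit.paginate` for walking pages; the explicit loop is used here to show the two parameters from the table above.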

List labels for issues in a milestone

Lists labels for issues in a milestone.

octokit.rest.issues.listLabelsForMilestone({
  owner,
  repo,
  milestone_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| milestone_number | yes | The number that identifies the milestone. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List labels for a repository

Lists all labels for a repository.

octokit.rest.issues.listLabelsForRepo({
  owner,
  repo,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List labels for an issue

Lists all labels for an issue.

octokit.rest.issues.listLabelsOnIssue({
  owner,
  repo,
  issue_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| issue_number | yes | The number that identifies the issue. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

List milestones

Lists milestones for a repository.

octokit.rest.issues.listMilestones({
  owner,
  repo,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| state | no | The state of the milestone. Either open, closed, or all. |
| sort | no | What to sort results by. Either due_on or completeness. |
| direction | no | The direction of the sort. Either asc or desc. |
| per_page | no | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| page | no | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |

See also: GitHub Developer Guide documentation.

Lock an issue

Users with push access can lock an issue or pull request's conversation.

Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP method."

octokit.rest.issues.lock({
  owner,
  repo,
  issue_number,
});

Parameters

| name | required | description |
| --- | --- | --- |
| owner | yes | The account owner of the repository. The name is not case sensitive. |
| repo | yes | The name of the repository without the .git extension. The name is not case sensitive. |
| issue_number | yes | The number that identifies the issue. |
| lock_reason | no | The reason for locking the issue or pull request conversation. Lock will fail if you don't use one of these reasons: off-topic, too heated, resolved, spam. |

See also: GitHub Developer Guide documentation.

Remove all labels from an issue

Removes all labels from an issue.

octokit.rest.issues.removeAllLabels({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the reposito