The GitHub App API is the set of REST/GraphQL endpoints and webhooks that lets a GitHub App securely integrate with and automate work across GitHub. Apps authenticate with a shortlived JSON Web Token and exchange it for installation access tokens to act on specific repositories or organizations with finegrained, leastprivilege permissions, or use user-to-server OAuth to act on behalf of a user when needed.
openapi: 3.0.3
info:
version: 1.1.4
title: GitHub Application API
description: |-
Use the REST API to retrieve information about GitHub Apps and GitHub App
installations.
license:
name: MIT
url: https://spdx.org/licenses/MIT
termsOfService: https://docs.github.com/articles/github-terms-of-service
contact:
name: Support
url: https://support.github.com/contact?tags=dotcom-rest-api
x-github-plan: ghes
x-github-release: 3.9
tags:
- name: Access
- name: Add
- name: Applications
- name: Authenticated
- name: Authorization
- name: Branches
- name: Checks
- name: Configuration
- name: Create
- name: Delete
- name: Deliveries
- name: Get
- name: Grants
- name: History
- name: Installations
- name: Lists
- name: Manifest
- name: Protected
- name: Re-Deliver
- name: Remove
- name: Requests
- name: Reset
- name: Restrictions
- name: Reviews
- name: Runs
- name: Scoped
- name: Sets
- name: Single
- name: Suspend
- name: Tokens
- name: Unsuspend
- name: Update
- name: Webhooks
- name: Workflows
servers:
- url: '{protocol}://{hostname}/api/v3'
variables:
hostname:
description: Self-hosted Enterprise Server hostname
default: HOSTNAME
protocol:
description: Self-hosted Enterprise Server protocol
default: http
externalDocs:
description: GitHub Enterprise Developer Docs
url: https://docs.github.com/[email protected]/rest/
paths:
/app:
get:
summary: GitHub Get the Authenticated App
description: >-
Returns the GitHub App associated with the authentication credentials
used. To see how many app installations are associated with this GitHub
App, see the `installations_count` in the response. For more details
about your app's installations, see the "[List installations for the
authenticated
app](https://docs.github.com/[email protected]/rest/apps/apps#list-installations-for-the-authenticated-app)"
endpoint.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Authenticated
- Get
operationId: getTheAuthenticatedApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#get-the-authenticated-app
parameters: []
responses:
'200':
description: Response
content:
application/json:
schema:
$ref: '#/components/schemas/integration'
examples:
default:
$ref: '#/components/examples/integration'
x-github:
githubCloudOnly: false
enabledForGitHubApps: true
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app-manifests/{code}/conversions:
post:
summary: GitHub Creategithub App Frommanifest
description: >-
Use this endpoint to complete the handshake necessary when implementing
the [GitHub App Manifest
flow](https://docs.github.com/[email protected]/apps/building-github-apps/creating-github-apps-from-a-manifest/).
When you create a GitHub App with the manifest flow, you receive a
temporary `code` used to retrieve the GitHub App's `id`, `pem` (private
key), and `webhook_secret`.
tags:
- Applications
- Create
- Manifest
operationId: creategithubAppFrommanifest
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#create-a-github-app-from-a-manifest
parameters:
- name: code
in: path
required: true
schema:
type: string
example: example_value
responses:
'201':
description: Response
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/integration'
- type: object
properties:
client_id:
type: string
client_secret:
type: string
webhook_secret:
type: string
nullable: true
pem:
type: string
required:
- client_id
- client_secret
- webhook_secret
- pem
additionalProperties: true
examples:
default:
$ref: '#/components/examples/integration-from-manifest'
'404':
$ref: '#/components/responses/not_found'
'422':
$ref: '#/components/responses/validation_failed_simple'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/hook/config:
get:
summary: GitHub Getwebhook Configuration for an App
description: >-
Returns the webhook configuration for a GitHub App. For more information
about configuring a webhook for your app, see "[Creating a GitHub
App](/developers/apps/creating-a-github-app)."
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Configuration
- Get
- Webhooks
operationId: getwebhookConfigurationForAnApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/webhooks#get-a-webhook-configuration-for-an-app
responses:
'200':
description: Response
content:
application/json:
schema:
$ref: '#/components/schemas/webhook-config'
examples:
default:
$ref: '#/components/examples/webhook-config'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: webhooks
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
patch:
summary: GitHub Updatewebhook Configuration for an App
description: >-
Updates the webhook configuration for a GitHub App. For more information
about configuring a webhook for your app, see "[Creating a GitHub
App](/developers/apps/creating-a-github-app)."
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Configuration
- Update
- Webhooks
operationId: updatewebhookConfigurationForAnApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/webhooks#update-a-webhook-configuration-for-an-app
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
url:
$ref: '#/components/schemas/webhook-config-url'
content_type:
$ref: '#/components/schemas/webhook-config-content-type'
secret:
$ref: '#/components/schemas/webhook-config-secret'
insecure_ssl:
$ref: '#/components/schemas/webhook-config-insecure-ssl'
examples:
default:
value:
content_type: json
insecure_ssl: '0'
secret: '********'
url: https://example.com/webhook
responses:
'200':
description: Response
content:
application/json:
schema:
$ref: '#/components/schemas/webhook-config'
examples:
default:
$ref: '#/components/examples/webhook-config'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: webhooks
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/hook/deliveries:
get:
summary: GitHub List Deliveries for an App Webhook
description: >-
Returns a list of webhook deliveries for the webhook configured for a
GitHub App.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Deliveries
- Lists
- Webhooks
operationId: listDeliveriesForAnAppWebhook
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/webhooks#list-deliveries-for-an-app-webhook
parameters:
- $ref: '#/components/parameters/per-page'
- $ref: '#/components/parameters/cursor'
- name: redelivery
in: query
required: false
schema:
type: boolean
example: true
responses:
'200':
description: Response
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/hook-delivery-item'
examples:
default:
$ref: '#/components/examples/hook-delivery-items'
'400':
$ref: '#/components/responses/bad_request'
'422':
$ref: '#/components/responses/validation_failed'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: webhooks
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/hook/deliveries/{delivery_id}:
get:
summary: GitHub Getdelivery for an App Webhook
description: >-
Returns a delivery for the webhook configured for a GitHub App.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Deliveries
- Get
- Webhooks
operationId: getdeliveryForAnAppWebhook
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/webhooks#get-a-delivery-for-an-app-webhook
parameters:
- $ref: '#/components/parameters/delivery-id'
responses:
'200':
description: Response
content:
application/json:
schema:
$ref: '#/components/schemas/hook-delivery'
examples:
default:
$ref: '#/components/examples/hook-delivery'
'400':
$ref: '#/components/responses/bad_request'
'422':
$ref: '#/components/responses/validation_failed'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: webhooks
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/hook/deliveries/{delivery_id}/attempts:
post:
summary: GitHub Redeliverdelivery for an App Webhook
description: >-
Redeliver a delivery for the webhook configured for a GitHub App.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Deliveries
- Re-Deliver
- Webhooks
operationId: redeliverdeliveryForAnAppWebhook
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/webhooks#redeliver-a-delivery-for-an-app-webhook
parameters:
- $ref: '#/components/parameters/delivery-id'
responses:
'202':
$ref: '#/components/responses/accepted'
'400':
$ref: '#/components/responses/bad_request'
'422':
$ref: '#/components/responses/validation_failed'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: webhooks
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/installation-requests:
get:
summary: GitHub List Installation Requests for the Authenticated App
description: >-
Lists all the pending installation requests for the authenticated GitHub
App.
tags:
- Applications
- Authenticated
- Installations
- Lists
- Requests
operationId: listInstallationRequestsForTheAuthenticatedApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#list-installation-requests-for-the-authenticated-app
parameters:
- $ref: '#/components/parameters/per-page'
- $ref: '#/components/parameters/page'
responses:
'200':
description: List of integration installation requests
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/integration-installation-request'
examples:
exampleKey1:
$ref: >-
#/components/examples/integration-installation-request-paginated
'304':
$ref: '#/components/responses/not_modified'
'401':
$ref: '#/components/responses/requires_authentication'
x-github:
githubCloudOnly: false
enabledForGitHubApps: true
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/installations:
get:
summary: GitHub List Installations for the Authenticated App
description: >-
The permissions the installation has are included under the
`permissions` key.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Authenticated
- Installations
- Lists
operationId: listInstallationsForTheAuthenticatedApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#list-installations-for-the-authenticated-app
parameters:
- $ref: '#/components/parameters/per-page'
- $ref: '#/components/parameters/page'
- $ref: '#/components/parameters/since'
- name: outdated
in: query
required: false
schema:
type: string
example: '2026-04-17T12:00:00Z'
responses:
'200':
description: >-
The permissions the installation has are included under the
`permissions` key.
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/installation'
examples:
default:
$ref: '#/components/examples/base-installation-items'
headers:
Link:
$ref: '#/components/headers/link'
x-github:
githubCloudOnly: false
enabledForGitHubApps: true
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/installations/{installation_id}:
get:
summary: GitHub Get an Installation for the Authenticated App
description: >-
Enables an authenticated GitHub App to find an installation's
information using the installation id.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Authenticated
- Get
- Installations
operationId: getAnInstallationForTheAuthenticatedApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#get-an-installation-for-the-authenticated-app
parameters:
- $ref: '#/components/parameters/installation-id'
responses:
'200':
description: Response
content:
application/json:
schema:
$ref: '#/components/schemas/installation'
examples:
default:
$ref: '#/components/examples/base-installation'
'404':
$ref: '#/components/responses/not_found'
x-github:
githubCloudOnly: false
enabledForGitHubApps: true
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
delete:
summary: GitHub Delete an Installation for the Authenticated App
description: >-
Uninstalls a GitHub App on a user, organization, or business account. If
you prefer to temporarily suspend an app's access to your account's
resources, then we recommend the "[Suspend an app
installation](https://docs.github.com/[email protected]/rest/apps/apps#suspend-an-app-installation)"
endpoint.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Authenticated
- Delete
- Installations
operationId: deleteAnInstallationForTheAuthenticatedApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#delete-an-installation-for-the-authenticated-app
parameters:
- $ref: '#/components/parameters/installation-id'
responses:
'204':
description: Response
'404':
$ref: '#/components/responses/not_found'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/installations/{installation_id}/access_tokens:
post:
summary: GitHub Create an Installation Access Token for an App
description: >-
Creates an installation access token that enables a GitHub App to make
authenticated API requests for the app's installation on an organization
or individual account. Installation tokens expire one hour from the time
you create them. Using an expired token produces a status code of `401 -
Unauthorized`, and requires creating a new installation token. By
default the installation token has access to all repositories that the
installation can access.
Optionally, you can use the `repositories` or `repository_ids` body
parameters to specify individual repositories that the installation
access token can access. If you don't use `repositories` or
`repository_ids` to grant access to specific repositories, the
installation access token will have access to all repositories that the
installation was granted access to. The installation access token cannot
be granted access to repositories that the installation was not granted
access to. Up to 500 repositories can be listed in this manner.
Optionally, use the `permissions` body parameter to specify the
permissions that the installation access token should have. If
`permissions` is not specified, the installation access token will have
all of the permissions that were granted to the app. The installation
access token cannot be granted permissions that the app was not granted.
When using the repository or permission parameters to reduce the access
of the token, the complexity of the token is increased due to both the
number of permissions in the request and the number of repositories the
token will have access to. If the complexity is too large, the token
will fail to be issued. If this occurs, the error message will indicate
the maximum number of repositories that should be requested. For the
average application requesting 8 permissions, this limit is around 5000
repositories. With fewer permissions requested, more repositories are
supported.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Access
- Applications
- Create
- Installations
- Tokens
operationId: createAnInstallationAccessTokenForAnApp
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#create-an-installation-access-token-for-an-app
parameters:
- $ref: '#/components/parameters/installation-id'
requestBody:
required: false
content:
application/json:
schema:
type: object
properties:
repositories:
description: >-
List of repository names that the token should have access
to
type: array
items:
type: string
example: rails
repository_ids:
description: List of repository IDs that the token should have access to
example:
- 1
type: array
items:
type: integer
permissions:
$ref: '#/components/schemas/app-permissions'
examples:
default:
value:
repositories:
- Hello-World
permissions:
issues: write
contents: read
responses:
'201':
description: Response
content:
application/json:
schema:
$ref: '#/components/schemas/installation-token'
examples:
default:
$ref: '#/components/examples/installation-token'
'401':
$ref: '#/components/responses/requires_authentication'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'422':
$ref: '#/components/responses/validation_failed'
x-github:
githubCloudOnly: false
enabledForGitHubApps: true
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/app/installations/{installation_id}/suspended:
put:
summary: GitHub Suspend an App Installation
description: >-
Suspends a GitHub App on a user, organization, or business account,
which blocks the app from accessing the account's resources. When a
GitHub App is suspended, the app's access to the GitHub Enterprise
Server API or webhook events is blocked for that account.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Installations
- Suspend
operationId: suspendAnAppInstallation
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#suspend-an-app-installation
parameters:
- $ref: '#/components/parameters/installation-id'
responses:
'204':
description: Response
'404':
$ref: '#/components/responses/not_found'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
delete:
summary: GitHub Unsuspend an App Installation
description: >-
Removes a GitHub App installation suspension.
You must use a
[JWT](https://docs.github.com/[email protected]/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app)
to access this endpoint.
tags:
- Applications
- Installations
- Unsuspend
operationId: unsuspendAnAppInstallation
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/apps/apps#unsuspend-an-app-installation
parameters:
- $ref: '#/components/parameters/installation-id'
responses:
'204':
description: Response
'404':
$ref: '#/components/responses/not_found'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
category: apps
subcategory: apps
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/applications/grants:
get:
summary: GitHub List Your Grants
description: >-
**Deprecation Notice:** GitHub Enterprise Server will discontinue the
[OAuth Authorizations
API](https://docs.github.com/[email protected]/rest/oauth-authorizations/oauth-authorizations/),
which is used by integrations to create personal access tokens and OAuth
tokens, and you must now create these tokens using our [web application
flow](https://docs.github.com/[email protected]/developers/apps/authorizing-oauth-apps#web-application-flow).
The [OAuth Authorizations
API](https://docs.github.com/[email protected]/rest/oauth-authorizations/oauth-authorizations)
will be removed on November, 13, 2020. For more information, including
scheduled brownouts, see the [blog
post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-auth-endpoint/).
You can use this API to list the set of OAuth applications that have
been granted access to your account. Unlike the [list your
authorizations](https://docs.github.com/[email protected]/rest/oauth-authorizations/oauth-authorizations#list-your-authorizations)
API, this API does not manage individual tokens. This API will return
one entry for each OAuth application that has been granted access to
your account, regardless of the number of tokens an application has
generated for your user. The list of OAuth applications returned matches
what is shown on [the application authorizations settings screen within
GitHub](https://github.com/settings/applications#authorized). The
`scopes` returned are the union of scopes authorized for the
application. For example, if an application has one token with `repo`
scope and another token with `user` scope, the grant will return
`["repo", "user"]`.
tags:
- Grants
- Lists
operationId: listYourGrants
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/oauth-authorizations/oauth-authorizations#list-your-grants
parameters:
- $ref: '#/components/parameters/per-page'
- $ref: '#/components/parameters/page'
- name: client_id
in: query
required: false
description: The client ID of your GitHub app.
schema:
type: string
example: '12345678'
responses:
'200':
description: Response
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/application-grant'
examples:
default:
$ref: '#/components/examples/application-grant-items'
headers:
Link:
$ref: '#/components/headers/link'
'304':
$ref: '#/components/responses/not_modified'
'401':
$ref: '#/components/responses/requires_authentication'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
x-github:
githubCloudOnly: false
enabledForGitHubApps: false
removalDate: '2020-11-13'
deprecationDate: '2020-02-14'
category: oauth-authorizations
subcategory: oauth-authorizations
deprecated: true
security:
- bearerHttpAuthentication: []
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/applications/grants/{grant_id}:
get:
summary: GitHub Getsingle Grant
description: >-
**Deprecation Notice:** GitHub Enterprise Server will discontinue the
[OAuth Authorizations
API](https://docs.github.com/[email protected]/rest/oauth-authorizations/oauth-authorizations),
which is used by integrations to create personal access tokens and OAuth
tokens, and you must now create these tokens using our [web application
flow](https://docs.github.com/[email protected]/apps/building-oauth-apps/authorizing-oauth-apps/#web-application-flow).
The [OAuth Authorizations
API](https://docs.github.com/[email protected]/rest/oauth-authorizations/oauth-authorizations)
will be removed on November, 13, 2020. For more information, including
scheduled brownouts, see the [blog
post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-auth-endpoint/).
tags:
- Get
- Grants
- Single
operationId: getsingleGrant
externalDocs:
description: API method documentation
url: >-
https://docs.github.com/[email protected]/rest/oauth-authorizations/oauth-authorizations#get-a-single-grant
parameters:
- $ref: '#/components/parameters/grant-id'
responses:
'200':
description: Response
content:
application/json:
schema:
$ref: '#/components/schemas/application-grant'
examples:
default:
$ref: '#/components/examples/application-grant'
'304':
$ref: '#/components/responses/not_modified'
'401
# --- truncated at 32 KB (4699 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/github/refs/heads/main/openapi/github-app-api-openapi.yml