Search
K
Internal DocumentHub admin Api very long name and description

Create an installation access token for an app

Creates an installation access token that enables a GitHub App to make authenticated API requests for the app’s installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of 401 - Unauthorized, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access. To restrict the access to specific repositories, you can provide the repository_ids when creating the token. When you omit repository_ids, the response does not contain the repositories key.

You must use a JWT to access this endpoint.

post
http://HOSTNAME/api/v3/app/installations/{installation_id}/access_tokens

Path Parameters

installation_idintegerrequired

installation_id parameter

Body

application/json
repositoriesarray[string]

List of repository names that the token should have access to

Example:rails

repository_idsarray[integer]

List of repository IDs that the token should have access to

Example:[1]

permissionsobject

The permissions granted to the user-to-server access token.

Example:{"contents":"read","issues":"read","deployments":"write","single_file":"read"}

Show Child Parameters

Response

application/json

Response

Installation Token

Authentication token for a GitHub App installed on a user or org.

tokenstringrequired
expires_atstringrequired
permissionsobject

The permissions granted to the user-to-server access token.

Example:{"contents":"read","issues":"read","deployments":"write","single_file":"read"}

Show Child Parameters
repository_selectionstring

Allowed values:allselected

repositoriesarray[object]

A git repository

Show Child Parameters
single_filestring

Example:README.md

has_multiple_single_filesboolean

Example:true

single_file_pathsarray[string]

Example:["config.yml",".github/issue_TEMPLATE.md"]

 
application/json

Suspend an app installation

Suspends a GitHub App on a user, organization, or business account, which blocks the app from accessing the account’s resources. When a GitHub App is suspended, the app’s access to the GitHub Enterprise Server API or webhook events is blocked for that account.

You must use a JWT to access this endpoint.

put
http://HOSTNAME/api/v3/app/installations/{installation_id}/suspended

Path Parameters

installation_idintegerrequired

installation_id parameter

Response

Response

 

Unsuspend an app installation

Removes a GitHub App installation suspension.

You must use a JWT to access this endpoint.

delete
http://HOSTNAME/api/v3/app/installations/{installation_id}/suspended

Path Parameters

installation_idintegerrequired

installation_id parameter

Response

Response

 

Delete an app authorization

OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application’s client_id and client_secret as the username and password. You must also provide a valid OAuth access_token as an input parameter and the grant for the token’s owner will be deleted.
Deleting an OAuth application’s grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user’s account and will no longer be listed on the application authorizations settings screen within GitHub.

delete
http://HOSTNAME/api/v3/applications/{client_id}/grant

Path Parameters

client_idstringrequired

The client ID of your GitHub app.

Body

application/json
access_tokenstringrequired

The OAuth access token used to authenticate to the GitHub API.

Response

Response

 

Check a token

OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication to use this endpoint, where the username is the OAuth application client_id and the password is its client_secret. Invalid tokens will return 404 NOT FOUND.

post
http://HOSTNAME/api/v3/applications/{client_id}/token

Path Parameters

client_idstringrequired

The client ID of your GitHub app.

Body

application/json
access_tokenstringrequired

The access_token of the OAuth application.

Response

application/json

Response

Authorization

The authorization for an OAuth app, GitHub App, or a Personal Access Token.

idintegerrequired
urlstring(uri)required
scopesarray | null[string]required

A list of scopes that this authorization is in.

tokenstringrequired
token_last_eightstring | nullrequired
hashed_tokenstring | nullrequired
appobjectrequired
Show Child Parameters
notestring | nullrequired
note_urlstring | null(uri)required
updated_atstring(date-time)required
created_atstring(date-time)required
fingerprintstring | nullrequired
userobject | null

Simple User

Show Child Parameters
installationobject | null
Show Child Parameters
 
application/json