Skip to main content
The REST API is now versioned. For more information, see "About API versioning."

REST API endpoints for repository interactions

Use the REST API to temporarily restrict which type of user can comment, open issues, or create pull requests in a public repository.

Who can use this feature?

People with owner or admin access to temporarily restrict which type of user can comment, open issues, or create pull requests in a public repository.

About repository interactions

People with owner or admin access can use the REST API to temporarily restrict which type of user can comment, open issues, or create pull requests in a public repository. When restrictions are enabled, only the specified type of GitHub Enterprise Cloud user will be able to participate in interactions. Restrictions automatically expire after a defined duration. Here's more about the types of GitHub Enterprise Cloud users:

  • Existing users: When you limit interactions to existing_users, new users with accounts less than 24 hours old who have not previously contributed and are not collaborators will be temporarily restricted in the repository.
  • Contributors only: When you limit interactions to contributors_only, users who have not previously contributed and are not collaborators will be temporarily restricted in the repository.
  • Collaborators only: When you limit interactions to collaborators_only, users who are not collaborators will be temporarily restricted in the repository.

If an interaction limit is enabled for the user or organization that owns the repository, the limit cannot be changed for the individual repository. Instead, use the User or Organization interactions endpoints to change the interaction limit.

Get interaction restrictions for a repository

Shows which type of GitHub user can interact with this repository and when the restriction expires. If there are no restrictions, you will see an empty response.

Fine-grained access tokens for "Get interaction restrictions for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Administration" repository permissions (read)

Parameters for "Get interaction restrictions for a repository"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

HTTP response status codes for "Get interaction restrictions for a repository"

Status codeDescription
200

OK

Code samples for "Get interaction restrictions for a repository"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Request example

get/repos/{owner}/{repo}/interaction-limits
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/interaction-limits

Response

Status: 200
{ "limit": "collaborators_only", "origin": "repository", "expires_at": "2018-08-17T04:18:39Z" }

Set interaction restrictions for a repository

Temporarily restricts interactions to a certain type of GitHub user within the given repository. You must have owner or admin access to set these restrictions. If an interaction limit is set for the user or organization that owns this repository, you will receive a 409 Conflict response and will not be able to use this endpoint to change the interaction limit for a single repository.

Fine-grained access tokens for "Set interaction restrictions for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Administration" repository permissions (write)

Parameters for "Set interaction restrictions for a repository"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

Body parameters
Name, Type, Description
limit string Required

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

Can be one of: existing_users, contributors_only, collaborators_only

expiry string

The duration of the interaction restriction. Default: one_day.

Can be one of: one_day, three_days, one_week, one_month, six_months

HTTP response status codes for "Set interaction restrictions for a repository"

Status codeDescription
200

OK

409

Conflict

Code samples for "Set interaction restrictions for a repository"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Request example

put/repos/{owner}/{repo}/interaction-limits
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/interaction-limits \ -d '{"limit":"collaborators_only","expiry":"one_day"}'

Response

Status: 200
{ "limit": "collaborators_only", "origin": "repository", "expires_at": "2018-08-17T04:18:39Z" }

Remove interaction restrictions for a repository

Removes all interaction restrictions from the given repository. You must have owner or admin access to remove restrictions. If the interaction limit is set for the user or organization that owns this repository, you will receive a 409 Conflict response and will not be able to use this endpoint to change the interaction limit for a single repository.

Fine-grained access tokens for "Remove interaction restrictions for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Administration" repository permissions (write)

Parameters for "Remove interaction restrictions for a repository"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

HTTP response status codes for "Remove interaction restrictions for a repository"

Status codeDescription
204

No Content

409

Conflict

Code samples for "Remove interaction restrictions for a repository"

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

Request example

delete/repos/{owner}/{repo}/interaction-limits
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/interaction-limits

Response

Status: 204