Collaborators - GitHub Enterprise Server 3.5 Docs

Use the REST API to manage collaborators for a repository.

List repository collaborators

For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.

Team members will include the members of child teams.

You must authenticate using an access token with the read:org and repo scopes with push access to use this endpoint. GitHub Apps must have the members organization permission and metadata repository permission to use this endpoint.

Parameters for "List repository collaborators"

Headers
Name, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`owner` string Required The account owner of the repository. The name is not case sensitive.
`repo` string Required The name of the repository without the `.git` extension. The name is not case sensitive.
Query parameters
Name, Type, Description
`affiliation` string Filter collaborators returned by their affiliation. `outside` means all outside collaborators of an organization-owned repository. `direct` means all collaborators with permissions to an organization-owned repository, regardless of organization membership status. `all` means all collaborators the authenticated user can see. Default: `all` Can be one of: `outside`, `direct`, `all`
`per_page` integer The number of results per page (max 100). Default: `30`
`page` integer Page number of the results to fetch. Default: `1`

HTTP response status codes for "List repository collaborators"

Status code	Description
`200`	OK
`404`	Resource not found

Code samples for "List repository collaborators"

get/repos/{owner}/{repo}/collaborators

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators

Response

Status: 200

[
  {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://HOSTNAME/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://HOSTNAME/users/octocat/followers",
    "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
    "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
    "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
    "organizations_url": "https://HOSTNAME/users/octocat/orgs",
    "repos_url": "https://HOSTNAME/users/octocat/repos",
    "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
    "received_events_url": "https://HOSTNAME/users/octocat/received_events",
    "type": "User",
    "site_admin": false,
    "permissions": {
      "pull": true,
      "triage": true,
      "push": true,
      "maintain": false,
      "admin": false
    },
    "role_name": "write"
  }
]

Check if a user is a repository collaborator

Works with GitHub Apps

Team members will include the members of child teams.

Parameters for "Check if a user is a repository collaborator"

Headers
Name, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`owner` string Required The account owner of the repository. The name is not case sensitive.
`repo` string Required The name of the repository without the `.git` extension. The name is not case sensitive.
`username` string Required The handle for the GitHub user account.

HTTP response status codes for "Check if a user is a repository collaborator"

Status code	Description
`204`	Response if user is a collaborator
`404`	Not Found if user is not a collaborator

Code samples for "Check if a user is a repository collaborator"

get/repos/{owner}/{repo}/collaborators/{username}

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME

Response if user is a collaborator

Status: 204

Add a repository collaborator

Works with GitHub Apps

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

For more information on permission levels, see "Repository permission levels for an organization". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:

Cannot assign {member} permission of {role name}

Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the repository invitations API endpoints.

Updating an existing collaborator's permission level

The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different permission parameter. The response will be a 204, with no other indication that the permission level changed.

Rate limits

You are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.

Parameters for "Add a repository collaborator"

Headers
Name, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`owner` string Required The account owner of the repository. The name is not case sensitive.
`repo` string Required The name of the repository without the `.git` extension. The name is not case sensitive.
`username` string Required The handle for the GitHub user account.
Body parameters
Name, Type, Description
`permission` string The permission to grant the collaborator. Only valid on organization-owned repositories. Default: `push`

HTTP response status codes for "Add a repository collaborator"

Status code	Description
`201`	Response when a new invitation is created
`204`	Response when: an existing collaborator is added as a collaborator an organization member is added as an individual collaborator an existing team member (whose team is also a repository collaborator) is added as an individual collaborator
`403`	Forbidden
`422`	Validation failed, or the endpoint has been spammed.

Code samples for "Add a repository collaborator"

put/repos/{owner}/{repo}/collaborators/{username}

curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME \
  -d '{"permission":"triage"}'

Response when a new invitation is created

Status: 201

{
  "id": 1,
  "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
  "repository": {
    "id": 1296269,
    "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
    "name": "Hello-World",
    "full_name": "octocat/Hello-World",
    "owner": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://HOSTNAME/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://HOSTNAME/users/octocat/followers",
      "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
      "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
      "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
      "organizations_url": "https://HOSTNAME/users/octocat/orgs",
      "repos_url": "https://HOSTNAME/users/octocat/repos",
      "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
      "received_events_url": "https://HOSTNAME/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "private": false,
    "html_url": "https://github.com/octocat/Hello-World",
    "description": "This your first repo!",
    "fork": false,
    "url": "https://HOSTNAME/repos/octocat/Hello-World",
    "archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
    "assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
    "blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
    "branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
    "collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
    "comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
    "commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
    "compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
    "contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
    "contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
    "deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
    "downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
    "events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
    "forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
    "git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
    "git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
    "git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
    "git_url": "git:github.com/octocat/Hello-World.git",
    "issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
    "issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
    "issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
    "keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
    "labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
    "languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
    "merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
    "milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
    "notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
    "pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
    "releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
    "ssh_url": "git@github.com:octocat/Hello-World.git",
    "stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
    "statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
    "subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
    "subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
    "tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
    "teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
    "trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
    "hooks_url": "http://HOSTNAME/repos/octocat/Hello-World/hooks"
  },
  "invitee": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://HOSTNAME/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://HOSTNAME/users/octocat/followers",
    "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
    "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
    "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
    "organizations_url": "https://HOSTNAME/users/octocat/orgs",
    "repos_url": "https://HOSTNAME/users/octocat/repos",
    "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
    "received_events_url": "https://HOSTNAME/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  },
  "inviter": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://HOSTNAME/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://HOSTNAME/users/octocat/followers",
    "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
    "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
    "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
    "organizations_url": "https://HOSTNAME/users/octocat/orgs",
    "repos_url": "https://HOSTNAME/users/octocat/repos",
    "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
    "received_events_url": "https://HOSTNAME/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  },
  "permissions": "write",
  "created_at": "2016-06-13T14:52:50-05:00",
  "url": "https://HOSTNAME/user/repository_invitations/1296269",
  "html_url": "https://github.com/octocat/Hello-World/invitations"
}

Remove a repository collaborator

Works with GitHub Apps

Removes a collaborator from a repository.

To use this endpoint, the authenticated user must either be an administrator of the repository or target themselves for removal.

This endpoint also:

Cancels any outstanding invitations
Unasigns the user from any issues
Removes access to organization projects if the user is not an organization member and is not a collaborator on any other organization repositories.
Unstars the repository
Updates access permissions to packages

Removing a user as a collaborator has the following effects on forks:

If the user had access to a fork through their membership to this repository, the user will also be removed from the fork.
If the user had their own fork of the repository, the fork will be deleted.
If the user still has read access to the repository, open pull requests by this user from a fork will be denied.

Note: A user can still have access to the repository through organization permissions like base repository permissions.

Although the API responds immediately, the additional permission updates might take some extra time to complete in the background.

For more information on fork permissions, see "About permissions and visibility of forks".

Parameters for "Remove a repository collaborator"

Headers
Name, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`owner` string Required The account owner of the repository. The name is not case sensitive.
`repo` string Required The name of the repository without the `.git` extension. The name is not case sensitive.
`username` string Required The handle for the GitHub user account.

HTTP response status codes for "Remove a repository collaborator"

Status code	Description
`204`	No Content when collaborator was removed from the repository.
`403`	Forbidden
`422`	Validation failed, or the endpoint has been spammed.

Code samples for "Remove a repository collaborator"

delete/repos/{owner}/{repo}/collaborators/{username}

curl -L \
  -X DELETE \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME

No Content when collaborator was removed from the repository.

Status: 204

Get repository permissions for a user

Works with GitHub Apps

Checks the repository permission of a collaborator. The possible repository permissions are admin, write, read, and none.

Note: The permission attribute provides the legacy base roles of admin, write, read, and none, where the maintain role is mapped to write and the triage role is mapped to read. To determine the role assigned to the collaborator, see the role_name attribute, which will provide the full role name, including custom roles. The permissions hash can also be used to determine which base level of access the collaborator has to the repository.

Parameters for "Get repository permissions for a user"

Headers
Name, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`owner` string Required The account owner of the repository. The name is not case sensitive.
`repo` string Required The name of the repository without the `.git` extension. The name is not case sensitive.
`username` string Required The handle for the GitHub user account.

HTTP response status codes for "Get repository permissions for a user"

Status code	Description
`200`	if user has admin permissions
`404`	Resource not found

Code samples for "Get repository permissions for a user"

get/repos/{owner}/{repo}/collaborators/{username}/permission

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/collaborators/USERNAME/permission

if user has admin permissions

Status: 200

{
  "permission": "admin",
  "role_name": "admin",
  "user": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://HOSTNAME/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://HOSTNAME/users/octocat/followers",
    "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
    "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
    "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
    "organizations_url": "https://HOSTNAME/users/octocat/orgs",
    "repos_url": "https://HOSTNAME/users/octocat/repos",
    "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
    "received_events_url": "https://HOSTNAME/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  }
}