You can use these GitHub Enterprise Cloud endpoints to administer your enterprise account.
Nota: Este artículo aplica a GitHub Enterprise Cloud. Si quieres ver la versión para Servidor de GitHub Enterprise, utiliza el menú desplegable de Versión del artículo:.
Facturación
Get GitHub Actions billing for an enterprise
Gets the summary of the free and paid GitHub Actions minutes used.
Paid minutes only apply to workflows in private repositories that use GitHub-hosted runners. Minutes used is listed for each GitHub-hosted runner operating system. Any job re-runs are also included in the usage. The usage does not include the multiplier for macOS and Windows runners and is not rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".
The authenticated user must be an enterprise admin.
get /enterprises/{enterprise}/settings/billing/actionsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/settings/billing/actionsJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/settings/billing/actions', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"total_minutes_used": 305,
"total_paid_minutes_used": 0,
"included_minutes": 3000,
"minutes_used_breakdown": {
"UBUNTU": 205,
"MACOS": 10,
"WINDOWS": 90
}
}
Get GitHub Packages billing for an enterprise
Gets the free and paid storage used for GitHub Packages in gigabytes.
Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."
The authenticated user must be an enterprise admin.
get /enterprises/{enterprise}/settings/billing/packagesParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/settings/billing/packagesJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/settings/billing/packages', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"total_gigabytes_bandwidth_used": 50,
"total_paid_gigabytes_bandwidth_used": 40,
"included_gigabytes_bandwidth": 10
}
Get shared storage billing for an enterprise
Gets the estimated paid and estimated total storage used for GitHub Actions and Github Packages.
Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."
The authenticated user must be an enterprise admin.
get /enterprises/{enterprise}/settings/billing/shared-storageParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/settings/billing/shared-storageJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/settings/billing/shared-storage', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"days_left_in_billing_cycle": 20,
"estimated_paid_storage_for_month": 15,
"estimated_storage_for_month": 40
}
GitHub Actions
Get GitHub Actions permissions for an enterprise
Gets the GitHub Actions permissions policy for organizations and allowed actions in an enterprise.
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/permissionsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissionsJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/permissions', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"enabled_organizations": "all",
"allowed_actions": "selected",
"selected_actions_url": "https://api.github.com/enterprises/2/actions/permissions/selected-actions"
}
Set GitHub Actions permissions for an enterprise
Sets the GitHub Actions permissions policy for organizations and allowed actions in an enterprise.
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
put /enterprises/{enterprise}/actions/permissionsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
enabled_organizations |
string | body |
Required. The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: |
allowed_actions |
string | body |
The permissions policy that controls the actions that are allowed to run. Can be one of: |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissions \
-d '{"enabled_organizations":"enabled_organizations"}'JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/permissions', {
enterprise: 'enterprise',
enabled_organizations: 'enabled_organizations'
})
Response
Status: 204 No ContentList selected organizations enabled for GitHub Actions in an enterprise
Lists the organizations that are selected to have GitHub Actions enabled in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/permissions/organizationsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissions/organizationsJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/permissions/organizations', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"total_count": 1,
"organizations": [
{
"login": "octocat",
"id": 161335,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"url": "https://api.github.com/orgs/octo-org",
"repos_url": "https://api.github.com/orgs/octo-org/repos",
"events_url": "https://api.github.com/orgs/octo-org/events",
"hooks_url": "https://api.github.com/orgs/octo-org/hooks",
"issues_url": "https://api.github.com/orgs/octo-org/issues",
"members_url": "https://api.github.com/orgs/octo-org/members{/member}",
"public_members_url": "https://api.github.com/orgs/octo-org/public_members{/member}",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"description": "A great organization"
}
]
}
Set selected organizations enabled for GitHub Actions in an enterprise
Replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
put /enterprises/{enterprise}/actions/permissions/organizationsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
selected_organization_ids |
array of integers | body |
Required. List of organization IDs to enable for GitHub Actions. |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissions/organizations \
-d '{"selected_organization_ids":[42]}'JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/permissions/organizations', {
enterprise: 'enterprise',
selected_organization_ids: [
42
]
})
Response
Status: 204 No ContentEnable a selected organization for GitHub Actions in an enterprise
Adds an organization to the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
put /enterprises/{enterprise}/actions/permissions/organizations/{org_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
org_id |
integer | path |
Unique identifier of an organization. |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissions/organizations/42JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/permissions/organizations/{org_id}', {
enterprise: 'enterprise',
org_id: 42
})
Response
Status: 204 No ContentDisable a selected organization for GitHub Actions in an enterprise
Removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
delete /enterprises/{enterprise}/actions/permissions/organizations/{org_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
org_id |
integer | path |
Unique identifier of an organization. |
Ejemplos de código
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissions/organizations/42JavaScript (@octokit/core.js)
await octokit.request('DELETE /enterprises/{enterprise}/actions/permissions/organizations/{org_id}', {
enterprise: 'enterprise',
org_id: 42
})
Response
Status: 204 No ContentGet allowed actions for an enterprise
Gets the selected actions that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/permissions/selected-actionsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissions/selected-actionsJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/permissions/selected-actions', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"github_owned_allowed": true,
"verified_allowed": false,
"patterns_allowed": [
"monalisa/octocat@*",
"docker/*"
]
}
Set allowed actions for an enterprise
Sets the actions that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."
You must authenticate using an access token with the admin:enterprise scope to use this endpoint.
put /enterprises/{enterprise}/actions/permissions/selected-actionsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
github_owned_allowed |
boolean | body |
Whether GitHub-owned actions are allowed. For example, this includes the actions in the |
verified_allowed |
boolean | body |
Whether actions in GitHub Marketplace from verified creators are allowed. Set to |
patterns_allowed |
array of strings | body |
Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/permissions/selected-actions \
-d '{"github_owned_allowed":true}'JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/permissions/selected-actions', {
enterprise: 'enterprise',
github_owned_allowed: true
})
Response
Status: 204 No ContentList self-hosted runner groups for an enterprise
Lists all self-hosted runner groups for an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/runner-groupsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groupsJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/runner-groups', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"total_count": 3,
"runner_groups": [
{
"id": 1,
"name": "Default",
"visibility": "all",
"default": true,
"runners_url": "https://api.github.com/enterprises/octo-corp/actions/runner_groups/1/runners",
"allows_public_repositories": false
},
{
"id": 2,
"name": "octo-runner-group",
"visibility": "selected",
"default": false,
"selected_organizations_url": "https://api.github.com/enterprises/octo-corp/actions/runner_groups/2/organizations",
"runners_url": "https://api.github.com/enterprises/octo-corp/actions/runner_groups/2/runners",
"allows_public_repositories": true
},
{
"id": 3,
"name": "expensive-hardware",
"visibility": "private",
"default": false,
"runners_url": "https://api.github.com/enterprises/octo-corp/actions/runner_groups/3/runners",
"allows_public_repositories": true
}
]
}
Create a self-hosted runner group for an enterprise
Creates a new self-hosted runner group for an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
post /enterprises/{enterprise}/actions/runner-groupsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
name |
string | body |
Required. Name of the runner group. |
visibility |
string | body |
Visibility of a runner group. You can select all organizations or select individual organization. Can be one of: |
selected_organization_ids |
array of integers | body |
List of organization IDs that can access the runner group. |
runners |
array of integers | body |
List of runner IDs to add to the runner group. |
Ejemplos de código
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups \
-d '{"name":"name"}'JavaScript (@octokit/core.js)
await octokit.request('POST /enterprises/{enterprise}/actions/runner-groups', {
enterprise: 'enterprise',
name: 'name'
})
Response
Status: 201 Created{
"id": 2,
"name": "octo-runner-group",
"visibility": "selected",
"default": false,
"selected_organizations_url": "https://api.github.com/enterprises/octo-corp/actions/runner-groups/2/organizations",
"runners_url": "https://api.github.com/enterprises/octo-corp/actions/runner-groups/2/runners",
"allows_public_repositories": false
}
Get a self-hosted runner group for an enterprise
Gets a specific self-hosted runner group for an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42JavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}', {
enterprise: 'enterprise',
runner_group_id: 42
})
Response
Status: 200 OK{
"id": 2,
"name": "octo-runner-group",
"visibility": "selected",
"default": false,
"selected_organizations_url": "https://api.github.com/enterprises/octo-corp/actions/runner-groups/2/organizations",
"runners_url": "https://api.github.com/enterprises/octo-corp/actions/runner-groups/2/runners",
"allows_public_repositories": false
}
Update a self-hosted runner group for an enterprise
Updates the name and visibility of a self-hosted runner group in an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
patch /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
name |
string | body |
Name of the runner group. |
visibility |
string | body |
Visibility of a runner group. You can select all organizations or select individual organizations. Can be one of: all |
Ejemplos de código
Shell
curl \
-X PATCH \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42 \
-d '{"name":"name"}'JavaScript (@octokit/core.js)
await octokit.request('PATCH /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}', {
enterprise: 'enterprise',
runner_group_id: 42,
name: 'name'
})
Response
Status: 200 OK{
"id": 2,
"name": "Expensive hardware runners",
"visibility": "selected",
"default": false,
"selected_organizations_url": "https://api.github.com/enterprises/octo-corp/actions/runner-groups/2/organizations",
"runners_url": "https://api.github.com/enterprises/octo-corp/actions/runner-groups/2/runners",
"allows_public_repositories": true
}
Delete a self-hosted runner group from an enterprise
Deletes a self-hosted runner group for an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
delete /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
Ejemplos de código
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42JavaScript (@octokit/core.js)
await octokit.request('DELETE /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}', {
enterprise: 'enterprise',
runner_group_id: 42
})
Response
Status: 204 No ContentList organization access to a self-hosted runner group in an enterprise
Lists the organizations with access to a self-hosted runner group.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizationsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/organizationsJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations', {
enterprise: 'enterprise',
runner_group_id: 42
})
Response
Status: 200 OK{
"total_count": 1,
"organizations": [
{
"login": "octocat",
"id": 161335,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"url": "https://api.github.com/orgs/octo-org",
"repos_url": "https://api.github.com/orgs/octo-org/repos",
"events_url": "https://api.github.com/orgs/octo-org/events",
"hooks_url": "https://api.github.com/orgs/octo-org/hooks",
"issues_url": "https://api.github.com/orgs/octo-org/issues",
"members_url": "https://api.github.com/orgs/octo-org/members{/member}",
"public_members_url": "https://api.github.com/orgs/octo-org/public_members{/member}",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"description": "A great organization"
}
]
}
Set organization access for a self-hosted runner group in an enterprise
Replaces the list of organizations that have access to a self-hosted runner configured in an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
put /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizationsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
selected_organization_ids |
array of integers | body |
Required. List of organization IDs that can access the runner group. |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/organizations \
-d '{"selected_organization_ids":[42]}'JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations', {
enterprise: 'enterprise',
runner_group_id: 42,
selected_organization_ids: [
42
]
})
Response
Status: 204 No ContentAdd organization access to a self-hosted runner group in an enterprise
Adds an organization to the list of selected organizations that can access a self-hosted runner group. The runner group must have visibility set to selected. For more information, see "Create a self-hosted runner group for an enterprise."
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
put /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations/{org_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
org_id |
integer | path |
Unique identifier of an organization. |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/organizations/42JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations/{org_id}', {
enterprise: 'enterprise',
runner_group_id: 42,
org_id: 42
})
Response
Status: 204 No ContentRemove organization access to a self-hosted runner group in an enterprise
Removes an organization from the list of selected organizations that can access a self-hosted runner group. The runner group must have visibility set to selected. For more information, see "Create a self-hosted runner group for an enterprise."
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
delete /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations/{org_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
org_id |
integer | path |
Unique identifier of an organization. |
Ejemplos de código
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/organizations/42JavaScript (@octokit/core.js)
await octokit.request('DELETE /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations/{org_id}', {
enterprise: 'enterprise',
runner_group_id: 42,
org_id: 42
})
Response
Status: 204 No ContentList self-hosted runners in a group for an enterprise
Lists the self-hosted runners that are in a specific enterprise group.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runnersParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/runnersJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners', {
enterprise: 'enterprise',
runner_group_id: 42
})
Response
Status: 200 OK{
"total_count": 2,
"runners": [
{
"id": 23,
"name": "linux_runner",
"os": "linux",
"status": "online",
"busy": true,
"labels": [
{
"id": 5,
"name": "self-hosted",
"type": "read-only"
},
{
"id": 7,
"name": "X64",
"type": "read-only"
},
{
"id": 11,
"name": "Linux",
"type": "read-only"
}
]
},
{
"id": 24,
"name": "mac_runner",
"os": "macos",
"status": "offline",
"busy": false,
"labels": [
{
"id": 5,
"name": "self-hosted",
"type": "read-only"
},
{
"id": 7,
"name": "X64",
"type": "read-only"
},
{
"id": 20,
"name": "macOS",
"type": "read-only"
},
{
"id": 21,
"name": "no-gpu",
"type": "custom"
}
]
}
]
}
Set self-hosted runners in a group for an enterprise
Replaces the list of self-hosted runners that are part of an enterprise runner group.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
put /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runnersParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
runners |
array of integers | body |
Required. List of runner IDs to add to the runner group. |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/runners \
-d '{"runners":[42]}'JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners', {
enterprise: 'enterprise',
runner_group_id: 42,
runners: [
42
]
})
Response
Status: 204 No ContentAdd a self-hosted runner to a group for an enterprise
Adds a self-hosted runner to a runner group configured in an enterprise.
You must authenticate using an access token with the manage_runners:enterprise
scope to use this endpoint.
put /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners/{runner_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
runner_id |
integer | path |
Unique identifier of the self-hosted runner. |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/runners/42JavaScript (@octokit/core.js)
await octokit.request('PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners/{runner_id}', {
enterprise: 'enterprise',
runner_group_id: 42,
runner_id: 42
})
Response
Status: 204 No ContentRemove a self-hosted runner from a group for an enterprise
Removes a self-hosted runner from a group configured in an enterprise. The runner is then returned to the default group.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
delete /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners/{runner_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_group_id |
integer | path |
Unique identifier of the self-hosted runner group. |
runner_id |
integer | path |
Unique identifier of the self-hosted runner. |
Ejemplos de código
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runner-groups/42/runners/42JavaScript (@octokit/core.js)
await octokit.request('DELETE /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners/{runner_id}', {
enterprise: 'enterprise',
runner_group_id: 42,
runner_id: 42
})
Response
Status: 204 No ContentList self-hosted runners for an enterprise
Lists all self-hosted runners configured for an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/runnersParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
per_page |
integer | query |
Results per page (max 100) Default:30 |
page |
integer | query |
Page number of the results to fetch. Default:1 |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runnersJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/runners', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"total_count": 2,
"runners": [
{
"id": 23,
"name": "linux_runner",
"os": "linux",
"status": "online",
"busy": true,
"labels": [
{
"id": 5,
"name": "self-hosted",
"type": "read-only"
},
{
"id": 7,
"name": "X64",
"type": "read-only"
},
{
"id": 11,
"name": "Linux",
"type": "read-only"
}
]
},
{
"id": 24,
"name": "mac_runner",
"os": "macos",
"status": "offline",
"busy": false,
"labels": [
{
"id": 5,
"name": "self-hosted",
"type": "read-only"
},
{
"id": 7,
"name": "X64",
"type": "read-only"
},
{
"id": 20,
"name": "macOS",
"type": "read-only"
},
{
"id": 21,
"name": "no-gpu",
"type": "custom"
}
]
}
]
}
List runner applications for an enterprise
Lists binaries for the runner application that you can download and run.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/runners/downloadsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runners/downloadsJavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/runners/downloads', {
enterprise: 'enterprise'
})
Response
Status: 200 OK[
{
"os": "osx",
"architecture": "x64",
"download_url": "https://github.com/actions/runner/releases/download/v2.164.0/actions-runner-osx-x64-2.164.0.tar.gz",
"filename": "actions-runner-osx-x64-2.164.0.tar.gz"
},
{
"os": "linux",
"architecture": "x64",
"download_url": "https://github.com/actions/runner/releases/download/v2.164.0/actions-runner-linux-x64-2.164.0.tar.gz",
"filename": "actions-runner-linux-x64-2.164.0.tar.gz"
},
{
"os": "linux",
"architecture": "arm",
"download_url": "https://github.com/actions/runner/releases/download/v2.164.0/actions-runner-linux-arm-2.164.0.tar.gz",
"filename": "actions-runner-linux-arm-2.164.0.tar.gz"
},
{
"os": "win",
"architecture": "x64",
"download_url": "https://github.com/actions/runner/releases/download/v2.164.0/actions-runner-win-x64-2.164.0.zip",
"filename": "actions-runner-win-x64-2.164.0.zip"
},
{
"os": "linux",
"architecture": "arm64",
"download_url": "https://github.com/actions/runner/releases/download/v2.164.0/actions-runner-linux-arm64-2.164.0.tar.gz",
"filename": "actions-runner-linux-arm64-2.164.0.tar.gz"
}
]
Create a registration token for an enterprise
Returns a token that you can pass to the config script. The token expires after one hour.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
Example using registration token
Configure your self-hosted runner, replacing TOKEN with the registration token provided by this endpoint.
./config.sh --url https://github.com/enterprises/octo-enterprise --token TOKEN
post /enterprises/{enterprise}/actions/runners/registration-tokenParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runners/registration-tokenJavaScript (@octokit/core.js)
await octokit.request('POST /enterprises/{enterprise}/actions/runners/registration-token', {
enterprise: 'enterprise'
})
Response
Status: 201 Created{
"token": "LLBF3JGZDX3P5PMEXLND6TS6FCWO6",
"expires_at": "2020-01-22T12:13:35.123-08:00"
}
Create a remove token for an enterprise
Returns a token that you can pass to the config script to remove a self-hosted runner from an enterprise. The token expires after one hour.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
Example using remove token
To remove your self-hosted runner from an enterprise, replace TOKEN with the remove token provided by this
endpoint.
./config.sh remove --token TOKEN
post /enterprises/{enterprise}/actions/runners/remove-tokenParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Ejemplos de código
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runners/remove-tokenJavaScript (@octokit/core.js)
await octokit.request('POST /enterprises/{enterprise}/actions/runners/remove-token', {
enterprise: 'enterprise'
})
Response
Status: 201 Created{
"token": "AABF3JGZDX3P5PMEXLND6TS6FCWO6",
"expires_at": "2020-01-29T12:13:35.123-08:00"
}
Get a self-hosted runner for an enterprise
Gets a specific self-hosted runner configured in an enterprise.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
get /enterprises/{enterprise}/actions/runners/{runner_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_id |
integer | path |
Unique identifier of the self-hosted runner. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runners/42JavaScript (@octokit/core.js)
await octokit.request('GET /enterprises/{enterprise}/actions/runners/{runner_id}', {
enterprise: 'enterprise',
runner_id: 42
})
Response
Status: 200 OK{
"id": 23,
"name": "MBP",
"os": "macos",
"status": "online",
"busy": true,
"labels": [
{
"id": 5,
"name": "self-hosted",
"type": "read-only"
},
{
"id": 7,
"name": "X64",
"type": "read-only"
},
{
"id": 20,
"name": "macOS",
"type": "read-only"
},
{
"id": 21,
"name": "no-gpu",
"type": "custom"
}
]
}
Delete a self-hosted runner from an enterprise
Forces the removal of a self-hosted runner from an enterprise. You can use this endpoint to completely remove the runner when the machine you were using no longer exists.
You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.
delete /enterprises/{enterprise}/actions/runners/{runner_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
runner_id |
integer | path |
Unique identifier of the self-hosted runner. |
Ejemplos de código
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/enterprises/ENTERPRISE/actions/runners/42JavaScript (@octokit/core.js)
await octokit.request('DELETE /enterprises/{enterprise}/actions/runners/{runner_id}', {
enterprise: 'enterprise',
runner_id: 42
})
Response
Status: 204 No ContentSCIM
Aprovisionamiento de SCIM para Empresas
Los Proveedores de Identidad (IdPs) con SCIM habilitado pueden utilizar la API de SCIM para automatizar el aprovisionamiento de la membresía empresarial. La API de GitHub se basa en la versión 2.0 del estándar de SCIM.
El IdP debe utilizar https://api.github.com/scim/v2/enterprises/{enterprise}/ como la terminal de SCIM.
Nota: La API empresarial de SCIM solo se encuentra disponible para las empresas en GitHub Enterprise Cloud que cuenten con el SSO de SAML habilitado. Para obtener más información acerca de SCIM, consulta "Acerca de SCIM".
Autenticar las llamadas a la API de SCIM
Debes autenticarte como un propietario de una empresa de GitHub para utilizar su API de SCIM. La API espera que se incluya un token Portador de OAuth 2.0 en el encabezado Authorization. También podrías utilizar un token de acceso personal, pero primero debes autorizarlo para su uso con tu SSO empresarial de SAML.
Mapeo de los datos de SAML y de SCIM
El IdP de SAML y el cliente de SCIM deben utilizar valores coincidentes de NameID y userName para cada usuario. Esto le permite al usuario que se autentica mediante SAML el poder enlazarse con su identidad aprovisionada de SCIM.
Los grupos de SCIM se empatan con las organizaciones de GitHub que tienen exactamente el mismo nombre, y que son propiedad de la cuenta empresarial.
El IdP de SAML y el cliente de SCIM deben configurarse para empatar exactamente el displayName del grupo de SCIM con el nombre correspondiente de la organización de GitHub. Esto le permite a GitHub enlazar el grupo de SCIM con la membrecía organizacional de GitHub.
Atributos de Usuario de SCIM compatibles
| Nombre | Tipo | Descripción |
|---|---|---|
userName | secuencia | El nombre de usuario para el usuario. |
name.givenName | secuencia | El primer nombre del usuario. |
name.lastName | secuencia | El apellido del usuario. |
correos electrónicos | array | Lista de correos electrónicos del usuario. |
externalId | secuencia | El proveedor de SAML genera este identificador, el cual utiliza como una ID única para empatarla contra un usuario de GitHub. Puedes encontrar la externalID para un usuario ya sea con el proveedor de SAML, o utilizar la terminal de Listar las identidades aprovisionadas de SCIM para una empresa y filtrar otros atributos conocidos, tales como el nombre de usuario o la dirección de correo electrónico de un usuario de GitHub. |
id | secuencia | Identificador que genera la terminal de SCIM de GitHub. |
active | boolean | Se utiliza para indicar si la identidad está activa (true) o si debe desaprovisionarse (false). |
groups | array | Lista opcional de las ID del grupo de SCIM del cual el usuario es miembro. |
Nota: Las URL de terminal para la API de SCIM distinguen entre mayúsculas y minúsculas. Por ejemplo, la primera letra en la terminal Users debe ponerse en mayúscula:
GET /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}Atributos del Grupo de SCIM compatibles
| Nombre | Tipo | Descripción |
|---|---|---|
displayName | secuencia | El nombre del grupo de SCIM, el cual debe empatar exactamente con el nombre de la organización de GitHub correspondiente. Por ejemplo, si la URL de la organización es https://github.com/octo-org, el nombre del grupo debe ser octo-org. |
members | array | Lista de IDs de usuario de SCIM que son miembros del grupo. |
List provisioned SCIM groups for an enterprise
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
get /scim/v2/enterprises/{enterprise}/GroupsParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
startIndex |
integer | query |
Used for pagination: the index of the first result to return. |
count |
integer | query |
Used for pagination: the number of results to return. |
filter |
string | query |
filter results |
excludedAttributes |
string | query |
attributes to exclude |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/GroupsJavaScript (@octokit/core.js)
await octokit.request('GET /scim/v2/enterprises/{enterprise}/Groups', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 2,
"itemsPerPage": 2,
"startIndex": 1,
"Resources": [
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": "abcd27f8-a9aa-11ea-8221-f59b2be9cccc",
"externalId": null,
"displayName": "octo-org",
"members": [
{
"value": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"display": "octocat@github.com"
},
{
"value": "aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"display": "hubot@example.com"
}
],
"meta": {
"resourceType": "Group",
"created": "2020-06-09T03:10:17.000+10:00",
"lastModified": "2020-06-09T03:10:17.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Groups/abcd27f8-a9aa-11ea-8221-f59b2be9cccc"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": "5e75bbbb-aa1a-11ea-8644-75ff655cdddd",
"externalId": null,
"displayName": "octo-docs-org",
"members": [
{
"value": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"display": "octocat@github.com"
}
],
"meta": {
"resourceType": "Group",
"created": "2020-06-09T16:28:01.000+10:00",
"lastModified": "2020-06-09T16:28:01.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Groups/5e75bbbb-aa1a-11ea-8644-75ff655cdddd"
}
}
]
}
Notes
Provision a SCIM enterprise group and invite users
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
Provision an enterprise group, and invite users to the group. This sends invitation emails to the email address of the invited users to join the GitHub organization that the SCIM group corresponds to.
post /scim/v2/enterprises/{enterprise}/GroupsParámetros
| Name | Type | In | Description | ||
|---|---|---|---|---|---|
accept |
string | header |
Setting to
|
||
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
||
schemas |
array of strings | body |
Required. The SCIM schema URIs. |
||
displayName |
string | body |
Required. The name of the SCIM group. This must match the GitHub organization that the group maps to. |
||
members |
array of objects | body | |||
Properties of the
|
|||||
value (string)
|
Required. The SCIM user ID for a user. |
Ejemplos de código
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Groups \
-d '{"schemas":["schemas"],"displayName":"displayName"}'JavaScript (@octokit/core.js)
await octokit.request('POST /scim/v2/enterprises/{enterprise}/Groups', {
enterprise: 'enterprise',
schemas: [
'schemas'
],
displayName: 'displayName'
})
Response
Status: 201 Created{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": "abcd27f8-a9aa-11ea-8221-f59b2be9cccc",
"externalId": null,
"displayName": "octo-org",
"members": [
{
"value": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"display": "octocat@github.com"
},
{
"value": "aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"display": "hubot@example.com"
}
],
"meta": {
"resourceType": "Group",
"created": "2020-06-09T03:10:17.000+10:0",
"lastModified": "2020-06-09T03:10:17.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Groups/abcd27f8-a9aa-11ea-8221-f59b2be9cccc"
}
}
Notes
Get SCIM provisioning information for an enterprise group
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
get /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
scim_group_id |
string | path |
Identifier generated by the GitHub SCIM endpoint. |
excludedAttributes |
string | query |
Attributes to exclude. |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Groups/SCIM_GROUP_IDJavaScript (@octokit/core.js)
await octokit.request('GET /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}', {
enterprise: 'enterprise',
scim_group_id: 'scim_group_id'
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": "abcd27f8-a9aa-11ea-8221-f59b2be9cccc",
"externalId": null,
"displayName": "octo-org",
"members": [
{
"value": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"display": "octocat@github.com"
},
{
"value": "aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"display": "hubot@example.com"
}
],
"meta": {
"resourceType": "Group",
"created": "2020-06-09T03:10:17.000+10:0",
"lastModified": "2020-06-09T03:10:17.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Groups/abcd27f8-a9aa-11ea-8221-f59b2be9cccc"
}
}
Notes
Set SCIM information for a provisioned enterprise group
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
Replaces an existing provisioned group’s information. You must provide all the information required for the group as if you were provisioning it for the first time. Any existing group information that you don't provide will be removed, including group membership. If you want to only update a specific attribute, use the Update an attribute for a SCIM enterprise group endpoint instead.
put /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}Parámetros
| Name | Type | In | Description | ||
|---|---|---|---|---|---|
accept |
string | header |
Setting to
|
||
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
||
scim_group_id |
string | path |
Identifier generated by the GitHub SCIM endpoint. |
||
schemas |
array of strings | body |
Required. The SCIM schema URIs. |
||
displayName |
string | body |
Required. The name of the SCIM group. This must match the GitHub organization that the group maps to. |
||
members |
array of objects | body | |||
Properties of the
|
|||||
value (string)
|
Required. The SCIM user ID for a user. |
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Groups/SCIM_GROUP_ID \
-d '{"schemas":["schemas"],"displayName":"displayName"}'JavaScript (@octokit/core.js)
await octokit.request('PUT /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}', {
enterprise: 'enterprise',
scim_group_id: 'scim_group_id',
schemas: [
'schemas'
],
displayName: 'displayName'
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": "abcd27f8-a9aa-11ea-8221-f59b2be9cccc",
"externalId": null,
"displayName": "octo-org",
"members": [
{
"value": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"display": "octocat@github.com"
},
{
"value": "aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/aaaa8c34-a6b2-11ea-9d70-bbbbbd1c8fd5",
"display": "hubot@example.com"
}
],
"meta": {
"resourceType": "Group",
"created": "2020-06-09T03:10:17.000+10:0",
"lastModified": "2020-06-09T03:10:17.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Groups/abcd27f8-a9aa-11ea-8221-f59b2be9cccc"
}
}
Notes
Update an attribute for a SCIM enterprise group
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
Allows you to change a provisioned group’s individual attributes. To change a group’s values, you must provide a specific Operations JSON format that contains at least one of the add, remove, or replace operations. For examples and more information on the SCIM operations format, see the SCIM specification.
patch /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}Parámetros
| Name | Type | In | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
accept |
string | header |
Setting to
|
||||||
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
||||||
scim_group_id |
string | path |
Identifier generated by the GitHub SCIM endpoint. |
||||||
schemas |
array of strings | body |
Required. The SCIM schema URIs. |
||||||
Operations |
array of objects | body |
Required. Array of SCIM operations. |
||||||
Properties of the
|
|||||||||
op (string)
|
Required. |
path (string)
|
|
value (string or object or array)
|
Ejemplos de código
Shell
curl \
-X PATCH \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Groups/SCIM_GROUP_ID \
-d '{"schemas":["schemas"],"Operations":[{"op":"op","path":"path","value":"value"}]}'JavaScript (@octokit/core.js)
await octokit.request('PATCH /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}', {
enterprise: 'enterprise',
scim_group_id: 'scim_group_id',
schemas: [
'schemas'
],
Operations: [
{
op: 'op',
path: 'path',
value: 'value'
}
]
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": "abcd27f8-a9aa-11ea-8221-f59b2be9cccc",
"externalId": null,
"displayName": "octo-org",
"members": [
{
"value": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"$ref": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"display": "octocat@github.com"
}
],
"meta": {
"resourceType": "Group",
"created": "2020-06-09T03:10:17.000+10:00",
"lastModified": "2020-06-09T03:10:17.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Groups/abcd27f8-a9aa-11ea-8221-f59b2be9cccc"
}
}
Notes
Delete a SCIM group from an enterprise
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
delete /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
scim_group_id |
string | path |
Identifier generated by the GitHub SCIM endpoint. |
Ejemplos de código
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Groups/SCIM_GROUP_IDJavaScript (@octokit/core.js)
await octokit.request('DELETE /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}', {
enterprise: 'enterprise',
scim_group_id: 'scim_group_id'
})
Response
Status: 204 No ContentNotes
List SCIM provisioned identities for an enterprise
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
Retrieves a paginated list of all provisioned enterprise members, including pending invitations.
When a user with a SAML-provisioned external identity leaves (or is removed from) an enterprise, the account's metadata is immediately removed. However, the returned list of user accounts might not always match the organization or enterprise member list you see on GitHub. This can happen in certain cases where an external identity associated with an organization will not match an organization member:
- When a user with a SCIM-provisioned external identity is removed from an enterprise, the account's metadata is preserved to allow the user to re-join the organization in the future.
- When inviting a user to join an organization, you can expect to see their external identity in the results before they accept the invitation, or if the invitation is cancelled (or never accepted).
- When a user is invited over SCIM, an external identity is created that matches with the invitee's email address. However, this identity is only linked to a user account when the user accepts the invitation by going through SAML SSO.
The returned list of external identities can include an entry for a null user. These are unlinked SAML identities that are created when a user goes through the following Single Sign-On (SSO) process but does not sign in to their GitHub account after completing SSO:
-
The user is granted access by the IdP and is not a member of the GitHub enterprise.
-
The user attempts to access the GitHub enterprise and initiates the SAML SSO process, and is not currently signed in to their GitHub account.
-
After successfully authenticating with the SAML SSO IdP, the
nullexternal identity entry is created and the user is prompted to sign in to their GitHub account:- If the user signs in, their GitHub account is linked to this entry.
- If the user does not sign in (or does not create a new account when prompted), they are not added to the GitHub enterprise, and the external identity
nullentry remains in place.
get /scim/v2/enterprises/{enterprise}/UsersParámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
startIndex |
integer | query |
Used for pagination: the index of the first result to return. |
count |
integer | query |
Used for pagination: the number of results to return. |
filter |
string | query |
filter results |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/UsersJavaScript (@octokit/core.js)
await octokit.request('GET /scim/v2/enterprises/{enterprise}/Users', {
enterprise: 'enterprise'
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 2,
"itemsPerPage": 2,
"startIndex": 1,
"Resources": [
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"externalId": "00dowz5dr9oSfDFRA0h7",
"userName": "octocat@github.com",
"name": {
"givenName": "Mona",
"familyName": "Octocat"
},
"emails": [
{
"value": "octocat@github.com",
"primary": true,
"type": "work"
}
],
"groups": [
{
"value": "468dd3fa-a1d6-11ea-9031-15a1f0d7811d"
}
],
"active": true,
"meta": {
"resourceType": "User",
"created": "2020-05-30T04:02:34.000+10:00",
"lastModified": "2020-05-30T04:05:04.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "e18b8c34-a6b2-11ea-9d70-54abbd1c8fd5",
"externalId": "sdfoiausdofiua",
"userName": "hubot@example.com",
"name": {
"givenName": "hu",
"familyName": "bot"
},
"emails": [
{
"value": "hubot@example.com",
"type": "work",
"primary": true
}
],
"groups": [],
"active": true,
"meta": {
"resourceType": "User",
"created": "2020-06-05T08:29:40.000+10:00",
"lastModified": "2020-06-05T08:30:19.000+10:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/e18b8c34-a6b2-11ea-9d70-54abbd1c8fd5"
}
}
]
}
Notes
Provision and invite a SCIM enterprise user
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
Provision enterprise membership for a user, and send organization invitation emails to the email address.
You can optionally include the groups a user will be invited to join. If you do not provide a list of groups, the user is provisioned for the enterprise, but no organization invitation emails will be sent.
post /scim/v2/enterprises/{enterprise}/UsersParámetros
| Name | Type | In | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
accept |
string | header |
Setting to
|
||||||
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
||||||
schemas |
array of strings | body |
Required. The SCIM schema URIs. |
||||||
userName |
string | body |
Required. The username for the user. |
||||||
name |
object | body |
Required. |
||||||
Properties of the
|
|||||||||
givenName (string)
|
Required. The first name of the user. |
familyName (string)
|
Required. The last name of the user. |
emailsRequired. List of user emails.
Properties of the
emails items
value (string)
|
Required. The email address. |
type (string)
|
Required. The type of email address. |
primary (boolean)
|
Required. Whether this email address is the primary address. |
groupsList of SCIM group IDs the user is a member of.
Properties of the
groups items
value (string)
|
Ejemplos de código
Shell
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Users \
-d '{"schemas":["schemas"],"userName":"userName","name":{"givenName":"givenName","familyName":"familyName"},"emails":["octocat@github.com"]}'JavaScript (@octokit/core.js)
await octokit.request('POST /scim/v2/enterprises/{enterprise}/Users', {
enterprise: 'enterprise',
schemas: [
'schemas'
],
userName: 'userName',
name: {
givenName: 'givenName',
familyName: 'familyName'
},
emails: [
'octocat@github.com'
]
})
Response
Status: 201 Created{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"externalId": "00dowz5dr9oSfDFRA0h7",
"userName": "mona.octocat@okta.example.com",
"name": {
"givenName": "Mona",
"familyName": "Octocat"
},
"emails": [
{
"value": "mona.octocat@okta.example.com",
"type": "work",
"primary": true
}
],
"groups": [
{
"value": "468dd3fa-a1d6-11ea-9031-15a1f0d7811d"
}
],
"active": true,
"meta": {
"resourceType": "User",
"created": "2017-03-09T16:11:13-05:00",
"lastModified": "2017-03-09T16:11:13-05:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc"
}
}
Notes
Get SCIM provisioning information for an enterprise user
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
get /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
scim_user_id |
string | path |
scim_user_id parameter |
Ejemplos de código
Shell
curl \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Users/SCIM_USER_IDJavaScript (@octokit/core.js)
await octokit.request('GET /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}', {
enterprise: 'enterprise',
scim_user_id: 'scim_user_id'
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"externalId": "00dowz5dr9oSfDFRA0h7",
"userName": "mona.octocat@okta.example.com",
"name": {
"givenName": "Mona",
"familyName": "Octocat"
},
"emails": [
{
"value": "mona.octocat@okta.example.com",
"type": "work",
"primary": true
}
],
"groups": [
{
"value": "468dd3fa-a1d6-11ea-9031-15a1f0d7811d"
}
],
"active": true,
"meta": {
"resourceType": "User",
"created": "2017-03-09T16:11:13-05:00",
"lastModified": "2017-03-09T16:11:13-05:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc"
}
}
Notes
Set SCIM information for a provisioned enterprise user
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
Replaces an existing provisioned user's information. You must provide all the information required for the user as if you were provisioning them for the first time. Any existing user information that you don't provide will be removed. If you want to only update a specific attribute, use the Update an attribute for a SCIM user endpoint instead.
You must at least provide the required values for the user: userName, name, and emails.
Warning: Setting active: false removes the user from the enterprise, deletes the external identity, and deletes the associated {scim_user_id}.
put /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}Parámetros
| Name | Type | In | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
accept |
string | header |
Setting to
|
||||||
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
||||||
scim_user_id |
string | path |
scim_user_id parameter |
||||||
schemas |
array of strings | body |
Required. The SCIM schema URIs. |
||||||
userName |
string | body |
Required. The username for the user. |
||||||
name |
object | body |
Required. |
||||||
Properties of the
|
|||||||||
givenName (string)
|
Required. The first name of the user. |
familyName (string)
|
Required. The last name of the user. |
emailsRequired. List of user emails.
Properties of the
emails items
value (string)
|
Required. The email address. |
type (string)
|
Required. The type of email address. |
primary (boolean)
|
Required. Whether this email address is the primary address. |
groupsList of SCIM group IDs the user is a member of.
Properties of the
groups items
value (string)
|
Ejemplos de código
Shell
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Users/SCIM_USER_ID \
-d '{"schemas":["schemas"],"userName":"userName","name":{"givenName":"givenName","familyName":"familyName"},"emails":["octocat@github.com"]}'JavaScript (@octokit/core.js)
await octokit.request('PUT /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}', {
enterprise: 'enterprise',
scim_user_id: 'scim_user_id',
schemas: [
'schemas'
],
userName: 'userName',
name: {
givenName: 'givenName',
familyName: 'familyName'
},
emails: [
'octocat@github.com'
]
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"externalId": "00dowz5dr9oSfDFRA0h7",
"userName": "mona.octocat@okta.example.com",
"name": {
"givenName": "Mona",
"familyName": "Octocat"
},
"emails": [
{
"value": "mona.octocat@okta.example.com",
"type": "work",
"primary": true
}
],
"groups": [
{
"value": "468dd3fa-a1d6-11ea-9031-15a1f0d7811d"
}
],
"active": true,
"meta": {
"resourceType": "User",
"created": "2017-03-09T16:11:13-05:00",
"lastModified": "2017-03-09T16:11:13-05:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc"
}
}
Notes
Update an attribute for a SCIM enterprise user
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
Allows you to change a provisioned user's individual attributes. To change a user's values, you must provide a specific Operations JSON format that contains at least one of the add, remove, or replace operations. For examples and more information on the SCIM operations format, see the SCIM specification.
Note: Complicated SCIM path selectors that include filters are not supported. For example, a path selector defined as "path": "emails[type eq \"work\"]" will not work.
Warning: If you set active:false using the replace operation (as shown in the JSON example below), it removes the user from the enterprise, deletes the external identity, and deletes the associated :scim_user_id.
{
"Operations":[{
"op":"replace",
"value":{
"active":false
}
}]
}
patch /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
scim_user_id |
string | path |
scim_user_id parameter |
schemas |
array of strings | body |
Required. The SCIM schema URIs. |
Operations |
array of objects | body |
Required. Array of SCIM operations. |
Ejemplos de código
Shell
curl \
-X PATCH \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Users/SCIM_USER_ID \
-d '{"schemas":["schemas"],"Operations":[{}]}'JavaScript (@octokit/core.js)
await octokit.request('PATCH /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}', {
enterprise: 'enterprise',
scim_user_id: 'scim_user_id',
schemas: [
'schemas'
],
Operations: [
{}
]
})
Response
Status: 200 OK{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "92b58aaa-a1d6-11ea-8227-b9ce9e023ccc",
"externalId": "00dowz5dr9oSfDFRA0h7",
"userName": "mona.octocat@okta.example.com",
"name": {
"givenName": "Monalisa",
"familyName": "Octocat"
},
"emails": [
{
"value": "mona.octocat@okta.example.com",
"type": "work",
"primary": true
},
{
"value": "monalisa@octocat.github.com",
"type": "home"
}
],
"groups": [
{
"value": "468dd3fa-a1d6-11ea-9031-15a1f0d7811d"
}
],
"active": true,
"meta": {
"resourceType": "User",
"created": "2017-03-09T16:11:13-05:00",
"lastModified": "2017-03-09T16:11:13-05:00",
"location": "https://api.github.com/scim/v2/enterprises/octo-corp/Users/92b58aaa-a1d6-11ea-8227-b9ce9e023ccc"
}
}
Notes
Delete a SCIM user from an enterprise
Note: The SCIM API endpoints for enterprise accounts are currently in beta and are subject to change.
delete /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}Parámetros
| Name | Type | In | Description |
|---|---|---|---|
accept |
string | header |
Setting to
|
enterprise |
string | path |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
scim_user_id |
string | path |
scim_user_id parameter |
Ejemplos de código
Shell
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/scim/v2/enterprises/ENTERPRISE/Users/SCIM_USER_IDJavaScript (@octokit/core.js)
await octokit.request('DELETE /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}', {
enterprise: 'enterprise',
scim_user_id: 'scim_user_id'
})
Response
Status: 204 No Content