Skip to main content

Learn about security log events recorded for your personal account.

Note

  • This article contains the events available in the latest version of GitHub Enterprise Server. Some of the events may not be available in previous versions.
  • This article contains the events that may appear in your user account's security log. For the events that can appear in an organization's audit log or the audit log for an enterprise, see Audit log events for your organization and Audit log events for your enterprise.

About security log events

The name for each audit log entry is composed of a category of events, followed by an operation type. For example, the repo.create entry refers to the create operation on the repo category. The reference information in this article is grouped by categories.

Audit log events

account

account.plan_change
The account's plan changed.
Fields
No fields available
Reference
/billing/managing-the-plan-for-your-github-account/about-billing-for-plans

actions_cache

actions_cache.delete
A GitHub Actions cache was deleted using the REST API.
Fields
No fields available

artifact

artifact.destroy
A workflow run artifact was manually deleted.
Fields
No fields available

billing

billing.change_billing_type
The way the account pays for GitHub was changed.
Fields
No fields available
Reference
Managing your payment and billing information
billing.change_email
The billing email address changed.
Fields
No fields available
Reference
Managing your payment and billing information

business

business.security_center_export_code_scanning_metrics
A CSV export was requested on the "CodeQL pull request alerts" page.
Fields
No fields available
business.security_center_export_coverage
A CSV export was requested on the "Coverage" page.
Fields
No fields available
business.security_center_export_overview_dashboard
A CSV export was requested on the "Overview Dashboard" page.
Fields
No fields available
business.security_center_export_risk
A CSV export was requested on the "Risk" page.
Fields
No fields available
business.set_actions_fork_pr_approvals_policy
The policy for requiring approvals for workflows from public forks was changed for an enterprise.
Fields
No fields available
Reference
Enforcing policies for GitHub Actions in your enterprise
business.set_actions_private_fork_pr_approvals_policy
The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an enterprise.
Fields
No fields available
Reference
Enforcing policies for GitHub Actions in your enterprise
business.set_actions_retention_limit
The retention period for GitHub Actions artifacts and logs was changed for an enterprise.
Fields
No fields available
Reference
Enforcing policies for GitHub Actions in your enterprise
business.set_default_workflow_permissions
The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an enterprise.
Fields
No fields available
Reference
Enforcing policies for GitHub Actions in your enterprise
business.set_fork_pr_workflows_policy
The policy for fork pull request workflows was changed for an enterprise.
Fields
No fields available
Reference
Enforcing policies for GitHub Actions in your enterprise
business.set_workflow_permission_can_approve_pr
The policy for allowing GitHub Actions to create and approve pull requests was changed for an enterprise.
Fields
No fields available
Reference
Enforcing policies for GitHub Actions in your enterprise

checks

checks.auto_trigger_disabled
Automatic creation of check suites was disabled on a repository in the organization or enterprise.
Fields
No fields available
Reference
/rest/checks#update-repository-preferences-for-check-suites
checks.auto_trigger_enabled
Automatic creation of check suites was enabled on a repository in the organization or enterprise.
Fields
No fields available
Reference
/rest/checks#update-repository-preferences-for-check-suites
checks.delete_logs
Logs in a check suite were deleted.
Fields
No fields available

codespaces

codespaces.allow_permissions
A codespace using custom permissions from its devcontainer.json file was launched.
Fields
No fields available
codespaces.connect
Credentials for a codespace were refreshed.
Fields
No fields available
codespaces.create
A codespace was created
Fields
No fields available
Reference
Creating a codespace for a repository
codespaces.destroy
A user deleted a codespace.
Fields
No fields available
Reference
Deleting a codespace
codespaces.export_environment
A codespace was exported to a branch on GitHub.
Fields
No fields available
codespaces.restore
A codespace was restored.
Fields
No fields available
codespaces.start_environment
A codespace was started.
Fields
No fields available
codespaces.suspend_environment
A codespace was stopped.
Fields
No fields available
codespaces.trusted_repositories_access_update
A personal account's access and security setting for Codespaces were updated.
Fields
No fields available
Reference
Managing access to other repositories within your codespace

copilot

copilot.cfb_seat_added
A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members.
Fields
No fields available
copilot.cfb_seat_assignment_created
A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created.
Fields
No fields available
Reference
What is GitHub Copilot?
copilot.cfb_seat_assignment_refreshed
A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot.
Fields
No fields available
copilot.cfb_seat_assignment_reused
A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot.
Fields
No fields available
copilot.cfb_seat_assignment_unassigned
A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle.
Fields
No fields available
copilot.cfb_seat_cancelled
A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot.
Fields
No fields available
copilot.cfb_seat_cancelled_by_staff
A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot.
Fields
No fields available

dependabot_alerts

dependabot_alerts_new_repos

dependabot_repository_access

dependabot_repository_access.repositories_updated
The repositories that Dependabot can access were updated.
Fields
No fields available

dependabot_security_updates

dependabot_security_updates.disable
Dependabot security updates were disabled for all existing repositories.
Fields
No fields available
Reference
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependabot_security_updates.enable
Dependabot security updates were enabled for all existing repositories.
Fields
No fields available

dependabot_security_updates_new_repos

dependabot_security_updates_new_repos.disable
Dependabot security updates were disabled for all new repositories.
Fields
No fields available
Reference
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependabot_security_updates_new_repos.enable
Dependabot security updates were enabled for all new repositories.
Fields
No fields available

dependency_graph

dependency_graph.disable
The dependency graph was disabled for all existing repositories.
Fields
No fields available
Reference
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependency_graph.enable
The dependency graph was enabled for all existing repositories.
Fields
No fields available

dependency_graph_new_repos

dependency_graph_new_repos.disable
The dependency graph was disabled for all new repositories.
Fields
No fields available
Reference
/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization
dependency_graph_new_repos.enable
The dependency graph was enabled for all new repositories.
Fields
No fields available

environment

environment.add_protection_rule
A GitHub Actions deployment protection rule was created via the API.
Fields
No fields available
Reference
Managing environments for deployment
environment.create_actions_secret
A secret was created for a GitHub Actions environment.
Fields
No fields available
Reference
Managing environments for deployment
environment.create_actions_variable
A variable was created for a GitHub Actions environment.
Fields
No fields available
Reference
Store information in variables
environment.delete
An environment was deleted.
Fields
No fields available
Reference
Managing environments for deployment
environment.remove_actions_secret
A secret was deleted for a GitHub Actions environment.
Fields
No fields available
Reference
Managing environments for deployment
environment.remove_actions_variable
A variable was deleted for a GitHub Actions environment.
Fields
No fields available
Reference
Store information in variables
environment.remove_protection_rule
A GitHub Actions deployment protection rule was deleted via the API.
Fields
No fields available
Reference
Managing environments for deployment
environment.update_actions_secret
A secret was updated for a GitHub Actions environment.
Fields
No fields available
Reference
Managing environments for deployment
environment.update_actions_variable
A variable was updated for a GitHub Actions environment.
Fields
No fields available
Reference
Store information in variables
environment.update_protection_rule
A GitHub Actions deployment protection rule was updated via the API.
Fields
No fields available
Reference
Managing environments for deployment

gist

gist.create
A gist was created.
Fields
No fields available
gist.destroy
A gist was deleted.
Fields
No fields available
gist.visibility_change
The visibility of a gist was updated.
Fields
No fields available

git_signing_ssh_public_key

git_signing_ssh_public_key.create
An SSH key was added to a user account as a Git commit signing key.
Fields
No fields available
Reference
/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key
git_signing_ssh_public_key.delete
An SSH key was removed from a user account as a Git commit signing key.
Fields
No fields available
Reference
/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key

hook

hook.active_changed
A hook's active status was updated.
Fields
No fields available
hook.config_changed
A hook's configuration was changed.
Fields
No fields available
hook.create
A new hook was added.
Fields
No fields available
Reference
About webhooks
hook.destroy
A hook was deleted.
Fields
No fields available
hook.events_changed
A hook's configured events were changed.
Fields
No fields available

integration

integration.create
A GitHub App was created.
Fields
No fields available
integration.destroy
A GitHub App was deleted.
Fields
No fields available
integration.manager_removed
A member of an enterprise or organization was removed from being a GitHub App manager.
Fields
No fields available
Reference
/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization
integration.remove_client_secret
A client secret for a GitHub App was removed.
Fields
No fields available
integration.revoke_all_tokens
All user tokens for a GitHub App were requested to be revoked.
Fields
No fields available
integration.revoke_tokens
Token(s) for a GitHub App were revoked.
Fields
No fields available
integration.suspend
A GitHub App was suspended.
Fields
No fields available
Reference
/apps/maintaining-github-apps/suspending-a-github-app-installation
integration.transfer
Ownership of a GitHub App was transferred to another user or organization.
Fields
No fields available
Reference
/apps/maintaining-github-apps/transferring-ownership-of-a-github-app
integration.unsuspend
A GitHub App was unsuspended.
Fields
No fields available
Reference
/apps/maintaining-github-apps/suspending-a-github-app-installation

integration_installation

integration_installation.create
A GitHub App was installed.
Fields
No fields available
Reference
/apps/using-github-apps/authorizing-github-apps
integration_installation.destroy
A GitHub App was uninstalled.
Fields
No fields available
Reference
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access
integration_installation.repositories_added
Repositories were added to a GitHub App.
Fields
No fields available
Reference
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access
integration_installation.repositories_removed
Repositories were removed from a GitHub App.
Fields
No fields available
Reference
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access
integration_installation.suspend
A GitHub App was suspended.
Fields
No fields available
Reference
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access
integration_installation.unsuspend
A GitHub App was unsuspended.
Fields
No fields available
Reference
/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access
integration_installation.version_updated
Permissions for a GitHub App were updated.
Fields
No fields available
Reference
/apps/using-github-apps/approving-updated-permissions-for-a-github-app

marketplace_agreement_signature

marketplace_agreement_signature.create
The GitHub Marketplace Developer Agreement was signed.
Fields
No fields available

marketplace_listing

marketplace_listing.approve
A listing was approved for inclusion in GitHub Marketplace.
Fields
No fields available
marketplace_listing.change_category
A category for a listing for an app in GitHub Marketplace was changed.
Fields
No fields available
marketplace_listing.create
A listing for an app in GitHub Marketplace was created.
Fields
No fields available
marketplace_listing.delist
A listing was removed from GitHub Marketplace.
Fields
No fields available
marketplace_listing.redraft
A listing was sent back to draft state.
Fields
No fields available
marketplace_listing.reject
A listing was not accepted for inclusion in GitHub Marketplace.
Fields
No fields available

migration

migration.create
A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.
Fields
No fields available

oauth_access

oauth_access.create
An OAuth access token was generated.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, Managing your personal access tokens
oauth_access.destroy
An OAuth access token was deleted.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
oauth_access.regenerate
An OAuth access token was regenerated.
Fields
No fields available
oauth_access.update
An OAuth access token was updated.
Fields
No fields available

oauth_application

oauth_application.create
An OAuth application was created.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.destroy
An OAuth application was deleted.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.generate_client_secret
An OAuth application's secret key was generated.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.remove_client_secret
An OAuth application's secret key was deleted.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.reset_secret
The secret key for an OAuth application was reset.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.revoke_all_tokens
All user tokens for an OAuth application were requested to be revoked.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.revoke_tokens
Token(s) for an OAuth application were revoked.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
oauth_application.transfer
An OAuth application was transferred from one account to another.
Fields
No fields available
Reference
/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app

oauth_authorization

oauth_authorization.create
An authorization for an OAuth application was created.
Fields
No fields available
Reference
/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps
oauth_authorization.destroy
An authorization for an OAuth application was deleted.
Fields
No fields available
Reference
Reviewing and revoking authorization of GitHub Apps
oauth_authorization.update
An authorization for an OAuth application was updated.
Fields
No fields available
Reference
/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps

org

org.add_member
A user joined an organization.
Fields
No fields available
org.add_outside_collaborator
An outside collaborator was added to a repository.
Fields
No fields available
org.advanced_security_disabled_for_new_repos
GitHub Advanced Security was disabled for new repositories in an organization.
Fields
No fields available
org.advanced_security_disabled_on_all_repos
GitHub Advanced Security was disabled for all repositories in an organization.
Fields
No fields available
org.advanced_security_enabled_for_new_repos
GitHub Advanced Security was enabled for new repositories in an organization.
Fields
No fields available
org.advanced_security_enabled_on_all_repos
GitHub Advanced Security was enabled for all repositories in an organization.
Fields
No fields available
org.remove_member
A member was removed from an organization, either manually or due to a two-factor authentication requirement.
Fields
No fields available
org.security_center_export_code_scanning_metrics
A CSV export was requested on the CodeQL pull request alerts page.
Fields
No fields available
org.security_center_export_coverage
A CSV export was requested on the Coverage page.
Fields
No fields available
org.security_center_export_overview_dashboard
A CSV export was requested on the Overview Dashboard page.
Fields
No fields available
org.security_center_export_risk
A CSV export was requested on the Risk page.
Fields
No fields available
org.set_actions_fork_pr_approvals_policy
The setting for requiring approvals for workflows from public forks was changed for an organization.
Fields
No fields available
Reference
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks
org.set_actions_private_fork_pr_approvals_policy
The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization.
Fields
No fields available
Reference
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks
org.set_actions_retention_limit
The retention period for GitHub Actions artifacts and logs in an organization was changed.
Fields
No fields available
Reference
/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization
org.set_default_workflow_permissions
The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization.
Fields
No fields available
Reference
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization
org.set_fork_pr_workflows_policy
The policy for workflows on private repository forks was changed.
Fields
No fields available
Reference
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks
org.set_workflow_permission_can_approve_pr
The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization.
Fields
No fields available
Reference
/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests
org.update_member
A person's role was changed from owner to member or member to owner.
Fields
No fields available
org.update_member_repository_creation_permission
The create repository permission for organization members was changed.
Fields
No fields available
org.update_member_repository_invitation_permission
An organization owner changed the policy setting for organization members inviting outside collaborators to repositories.
Fields
No fields available
Reference
Setting permissions for adding outside collaborators

pages_protected_domain

pages_protected_domain.create
A GitHub Pages verified domain was created for an organization or enterprise.
Fields
No fields available
Reference
/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages
pages_protected_domain.delete
A GitHub Pages verified domain was deleted from an organization or enterprise.
Fields
No fields available
Reference
/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages
pages_protected_domain.verify
A GitHub Pages domain was verified for an organization or enterprise.
Fields
No fields available
Reference
/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages

passkey

passkey.register
A new passkey was added.
Fields
No fields available
passkey.remove
A new passkey was removed.
Fields
No fields available

payment_method

payment_method.create
A new payment method was added, such as a new credit card or PayPal account.
Fields
No fields available
payment_method.remove
A payment method was removed.
Fields
No fields available
payment_method.update
An existing payment method was updated.
Fields
No fields available

personal_access_token

personal_access_token.access_granted
A fine-grained personal access token was granted access to resources.
Fields
No fields available
Reference
/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization
personal_access_token.access_revoked
A fine-grained personal access token was revoked. The token can still read public organization resources.
Fields
No fields available
Reference
/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization
personal_access_token.create
Triggered when you create a fine-grained personal access token.
Fields
No fields available
personal_access_token.credential_regenerated
Triggered when you regenerate a fine-grained personal access token.
Fields
No fields available
personal_access_token.credential_revoked
A fine-grained personal access token was revoked by GitHub Advanced Security.
Fields
No fields available
Reference
/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users
personal_access_token.destroy
Triggered when you delete a fine-grained personal access token.
Fields
No fields available
personal_access_token.request_cancelled
A pending request for a fine-grained personal access token to access organization resources was canceled.
Fields
No fields available
personal_access_token.request_created
Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources.
Fields
No fields available
Reference
/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization
personal_access_token.request_denied
A request for a fine-grained personal access token to access organization resources was denied.
Fields
No fields available
Reference
/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization
personal_access_token.update
A fine-grained personal access token was updated.
Fields
No fields available
Reference
/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens

profile_picture

profile_picture.update
A profile picture was updated.
Fields
No fields available
Reference
/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile

project

project.access
A project board visibility was changed.
Fields
No fields available
project.close
A project board was closed.
Fields
No fields available
Reference
Closing a project (classic)
project.create
A project board was created.
Fields
No fields available
project.delete
A project board was deleted.
Fields
No fields available
project.link
A repository was linked to a project board.
Fields
No fields available
project.open
A project board was reopened.
Fields
No fields available
Reference
Reopening a closed project (classic)
project.rename
A project board was renamed.
Fields
No fields available
project.unlink
A repository was unlinked from a project board.
Fields
No fields available
project.update_org_permission
The project's base-level permission for all organization members was changed or removed.
Fields
No fields available
project.update_team_permission
A team's project board permission level was changed or when a team was added or removed from a project board.
Fields
No fields available
project.update_user_permission
A user was added to or removed from a project board or had their permission level changed.
Fields
No fields available
project.visibility_private
A project's visibility was changed from public to private.
Fields
No fields available
project.visibility_public
A project's visibility was changed from private to public.
Fields
No fields available

project_collaborator

project_collaborator.add
A collaborator was added to a project.
Fields
No fields available
project_collaborator.remove
A collaborator was removed from a project.
Fields
No fields available
project_collaborator.update
A project collaborator's permission level was changed.
Fields
No fields available

project_field

project_field.create
A field was created in a project board.
Fields
No fields available
Reference
/issues/planning-and-tracking-with-projects/understanding-fields
project_field.delete
A field was deleted in a project board.
Fields
No fields available
Reference
/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields

project_view

project_view.create
A view was created in a project board.
Fields
No fields available
Reference
/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views
project_view.delete
A view was deleted in a project board.
Fields
No fields available
Reference
/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views

protected_branch

protected_branch.update_merge_queue_enforcement_level
Enforcement of the merge queue was modified for a branch.
Fields
No fields available
Reference
/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue

public_key

public_key.create
An SSH key was added to a user account or a deploy key was added to a repository.
Fields
No fields available
Reference
/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account
public_key.delete
An SSH key was removed from a user account or a deploy key was removed from a repository.
Fields
No fields available
Reference
/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys
public_key.unverification_failure
A user account's SSH key or a repository's deploy key was unable to be unverified.
Fields
No fields available
Reference
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.unverify
A user account's SSH key or a repository's deploy key was unverified.
Fields
No fields available
Reference
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.update
A user account's SSH key or a repository's deploy key was updated.
Fields
No fields available
Reference
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.verification_failure
A user account's SSH key or a repository's deploy key was unable to be verified.
Fields
No fields available
Reference
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys
public_key.verify
A user account's SSH key or a repository's deploy key was verified.
Fields
No fields available
Reference
/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys

repo

repo.access
The visibility of a repository changed.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility
repo.advanced_security_disabled
GitHub Advanced Security was disabled for a repository.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository
repo.advanced_security_enabled
GitHub Advanced Security was enabled for a repository.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository
repo.archived
A repository was archived.
Fields
No fields available
Reference
/repositories/archiving-a-github-repository
repo.change_merge_setting
Pull request merge options were changed for a repository.
Fields
No fields available
repo.code_scanning_analysis_deleted
Code scanning analysis for a repository was deleted.
Fields
No fields available
Reference
/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository
repo.code_scanning_configuration_for_branch_deleted
A code scanning configuration for a branch of a repository was deleted.
Fields
No fields available
Reference
Resolving code scanning alerts
repo.config.disable_collaborators_only
The interaction limit for collaborators only was disabled.
Fields
No fields available
Reference
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.disable_contributors_only
The interaction limit for prior contributors only was disabled in a repository.
Fields
No fields available
Reference
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.disable_sockpuppet_disallowed
The interaction limit for existing users only was disabled in a repository.
Fields
No fields available
Reference
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.enable_collaborators_only
The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration.
Fields
No fields available
Reference
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.enable_contributors_only
The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration.
Fields
No fields available
Reference
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.config.enable_sockpuppet_disallowed
The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository.
Fields
No fields available
Reference
/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository
repo.create
A repository was created.
Fields
No fields available
Reference
/repositories/creating-and-managing-repositories/creating-a-new-repository
repo.create_actions_secret
A GitHub Actions secret was created for a repository.
Fields
No fields available
Reference
Using secrets in GitHub Actions
repo.create_actions_variable
A GitHub Actions variable was created for a repository.
Fields
No fields available
Reference
Store information in variables
repo.create_integration_secret
A Codespaces or Dependabot secret was created for a repository.
Fields
No fields available
repo.destroy
A repository was deleted.
Fields
No fields available
Reference
/repositories/creating-and-managing-repositories/deleting-a-repository
repo.pages_cname
A GitHub Pages custom domain was modified in a repository.
Fields
No fields available
repo.pages_create
A GitHub Pages site was created.
Fields
No fields available
repo.pages_destroy
A GitHub Pages site was deleted.
Fields
No fields available
repo.pages_https_redirect_disabled
HTTPS redirects were disabled for a GitHub Pages site.
Fields
No fields available
repo.pages_https_redirect_enabled
HTTPS redirects were enabled for a GitHub Pages site.
Fields
No fields available
repo.pages_private
A GitHub Pages site visibility was changed to private.
Fields
No fields available
repo.pages_public
A GitHub Pages site visibility was changed to public.
Fields
No fields available
repo.pages_soft_delete
A GitHub Pages site was soft-deleted because its owner's plan changed.
Fields
No fields available
repo.pages_soft_delete_restore
A GitHub Pages site that was previously soft-deleted was restored.
Fields
No fields available
repo.pages_source
A GitHub Pages source was modified.
Fields
No fields available
repo.register_self_hosted_runner
A new self-hosted runner was registered.
Fields
No fields available
Reference
Adding self-hosted runners
repo.remove_actions_secret
A GitHub Actions secret was deleted for a repository.
Fields
No fields available
Reference
Using secrets in GitHub Actions
repo.remove_actions_variable
A GitHub Actions variable was deleted for a repository.
Fields
No fields available
Reference
Store information in variables
repo.remove_integration_secret
A Codespaces or Dependabot secret was deleted for a repository.
Fields
No fields available
repo.remove_self_hosted_runner
A self-hosted runner was removed.
Fields
No fields available
Reference
Removing self-hosted runners
repo.remove_topic
A topic was removed from a repository.
Fields
No fields available
repo.rename
A repository was renamed.
Fields
No fields available
Reference
/repositories/creating-and-managing-repositories/renaming-a-repository
repo.set_actions_fork_pr_approvals_policy
The setting for requiring approvals for workflows from public forks was changed for a repository.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks
repo.set_actions_private_fork_pr_approvals_policy
The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories
repo.set_default_workflow_permissions
The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository
repo.set_fork_pr_workflows_policy
Triggered when the policy for workflows on private repository forks is changed.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks
repo.set_workflow_permission_can_approve_pr
The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests
repo.staff_unlock
An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.
Fields
No fields available
repo.temporary_access_granted
Temporary access was enabled for a repository.
Fields
No fields available
Reference
Accessing user-owned repositories in your enterprise
repo.transfer
A user accepted a request to receive a transferred repository.
Fields
No fields available
Reference
/repositories/creating-and-managing-repositories/transferring-a-repository
repo.transfer_outgoing
A repository was transferred to another repository network.
Fields
No fields available
repo.transfer_start
A user sent a request to transfer a repository to another user or organization.
Fields
No fields available
repo.unarchived
A repository was unarchived.
Fields
No fields available
Reference
/repositories/archiving-a-github-repository
repo.update_actions_access_settings
The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.
Fields
No fields available
repo.update_actions_secret
A GitHub Actions secret was updated for a repository.
Fields
No fields available
Reference
Using secrets in GitHub Actions
repo.update_actions_settings
A repository administrator changed GitHub Actions policy settings for a repository.
Fields
No fields available
repo.update_actions_variable
A GitHub Actions variable was updated for a repository.
Fields
No fields available
Reference
Store information in variables
repo.update_default_branch
The default branch for a repository was changed.
Fields
No fields available
repo.update_integration_secret
A Codespaces or Dependabot secret was updated for a repository.
Fields
No fields available
repo.update_member
A user's permission to a repository was changed.
Fields
No fields available

repository_image

repository_image.create
An image to represent a repository was uploaded.
Fields
No fields available
repository_image.destroy
An image to represent a repository was deleted.
Fields
No fields available

repository_invitation

repository_invitation.accept
An invitation to join a repository was accepted.
Fields
No fields available
repository_invitation.cancel
An invitation to join a repository was canceled.
Fields
No fields available
repository_invitation.create
An invitation to join a repository was sent.
Fields
No fields available
repository_invitation.reject
An invitation to join a repository was declined.
Fields
No fields available

repository_ruleset

repository_ruleset.create
A repository ruleset was created.
Fields
No fields available
Reference
/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository
repository_ruleset.destroy
A repository ruleset was deleted.
Fields
No fields available
Reference
/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset
repository_ruleset.update
A repository ruleset was edited.
Fields
No fields available
Reference
/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset

security_key

security_key.register
A security key was registered for an account.
Fields
No fields available
security_key.remove
A security key was removed from an account.
Fields
No fields available

sponsors

sponsors.agreement_sign
A GitHub Sponsors agreement was signed on behalf of an organization.
Fields
No fields available
sponsors.custom_amount_settings_change
Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers
sponsors.fiscal_host_change
The fiscal host for a GitHub Sponsors listing was updated.
Fields
No fields available
sponsors.repo_funding_links_file_action
The FUNDING file in a repository was changed.
Fields
No fields available
Reference
/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository
sponsors.sponsor_sponsorship_cancel
A sponsorship was canceled.
Fields
No fields available
Reference
Downgrading a sponsorship
sponsors.sponsor_sponsorship_create
A sponsorship was created, by sponsoring an account.
Fields
No fields available
Reference
/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes
sponsors.sponsor_sponsorship_payment_complete
After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete.
Fields
No fields available
Reference
/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes
sponsors.sponsor_sponsorship_preference_change
The option to receive email updates from a sponsored account was changed.
Fields
No fields available
Reference
/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship
sponsors.sponsor_sponsorship_tier_change
A sponsorship was upgraded or downgraded.
Fields
No fields available
Reference
Upgrading a sponsorship, Downgrading a sponsorship
sponsors.sponsored_developer_approve
A GitHub Sponsors account was approved.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.sponsored_developer_create
A GitHub Sponsors account was created.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.sponsored_developer_disable
A GitHub Sponsors account was disabled.
Fields
No fields available
sponsors.sponsored_developer_profile_update
The profile for GitHub Sponsors account was edited.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors
sponsors.sponsored_developer_redraft
A GitHub Sponsors account was returned to draft state from approved state.
Fields
No fields available
sponsors.sponsored_developer_request_approval
An application for GitHub Sponsors was submitted for approval.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.sponsored_developer_tier_description_update
The description for a sponsorship tier was changed.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers
sponsors.sponsored_developer_update_newsletter_send
Triggered when you send an email update to your sponsors.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors
sponsors.sponsors_patreon_user_create
A Patreon account was linked to a user account for use with GitHub Sponsors.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account
sponsors.sponsors_patreon_user_destroy
A Patreon account for use with GitHub Sponsors was unlinked from a user account.
Fields
No fields available
Reference
Unlinking your Patreon account from GitHub
sponsors.update_tier_repository
A GitHub Sponsors tier changed access for a repository.
Fields
No fields available
sponsors.update_tier_welcome_message
The welcome message for a GitHub Sponsors tier for an organization was updated.
Fields
No fields available
sponsors.waitlist_join
You join the waitlist to join GitHub Sponsors.
Fields
No fields available
Reference
/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account
sponsors.withdraw_agreement_signature
A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization.
Fields
No fields available

successor_invitation

trusted_device

trusted_device.register
A new trusted device was added.
Fields
No fields available
trusted_device.remove
A trusted device was removed.
Fields
No fields available

two_factor_authentication

two_factor_authentication.add_factor
A secondary authentication factor was added to a user account.
Fields
No fields available
Reference
/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication
two_factor_authentication.disabled
Two-factor authentication was disabled for a user account.
Fields
No fields available
Reference
Disabling two-factor authentication for your personal account
two_factor_authentication.enabled
Two-factor authentication was enabled for a user account.
Fields
No fields available
Reference
Configuring two-factor authentication
two_factor_authentication.password_reset_fallback_sms
A one-time password code was sent to a user account fallback phone number.
Fields
No fields available
two_factor_authentication.recovery_codes_regenerated
Two factor recovery codes were regenerated for a user account.
Fields
No fields available
two_factor_authentication.remove_factor
A secondary authentication factor was removed from a user account.
Fields
No fields available
Reference
/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication
two_factor_authentication.sign_in_fallback_sms
A one-time password code was sent to a user account fallback phone number.
Fields
No fields available
two_factor_authentication.update_fallback
The two-factor authentication fallback for a user account was changed.
Fields
No fields available

user

user.async_delete
An asynchronous job was started to destroy a user account, eventually triggering a user.delete event.
Fields
No fields available
user.audit_log_export
Audit log entries were exported.
Fields
No fields available
user.block_user
A user was blocked by another user.
Fields
No fields available
user.change_password
A user changed their password.
Fields
No fields available
user.codespaces_trusted_repo_access_granted
Triggered when you allow the codespaces you create for a repository to access other repositories owned by your personal account.
Fields
No fields available
Reference
Managing access to other repositories within your codespace
user.codespaces_trusted_repo_access_revoked
Triggered when you disallow the codespaces you create for a repository to access other repositories owned by your personal account.
Fields
No fields available
Reference
Managing access to other repositories within your codespace
user.create
A new user account was created.
Fields
No fields available
user.create_integration_secret
A user secret for Codespaces was created.
Fields
No fields available
user.creation_rate_limit_exceeded
The rate of creation of user accounts, applications, issues, pull requests or other resources exceeded the configured rate limits, or too many users were followed too quickly.
Fields
No fields available
user.delete
A user account was destroyed by an asynchronous job.
Fields
No fields available
user.demote
A site administrator was demoted to an ordinary user account.
Fields
No fields available
user.destroy
A user deleted his or her account, triggering user.async_delete.
Fields
No fields available
user.failed_login
A user tried to sign in with an incorrect username, password, or two-factor authentication code.
Fields
No fields available
user.forgot_password
A user requested a password reset.
Fields
No fields available
Reference
/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials
user.hide_private_contributions_count
A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now hidden.
Fields
No fields available
Reference
/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile
user.login
A user signed in.
Fields
No fields available
user.logout
A user signed out.
Fields
No fields available
user.new_device_used
A user signed in from a new device.
Fields
No fields available
user.promote
An ordinary user account was promoted to a site administrator.
Fields
No fields available
user.recreate
A user's account was restored.
Fields
No fields available
user.remove_email
An email address was removed from a user account.
Fields
No fields available
user.remove_integration_secret
A user secret for Codespaces was deleted.
Fields
No fields available
user.rename
A username was changed.
Fields
No fields available
user.reset_password
A user reset their account password.
Fields
No fields available
user.show_private_contributions_count
A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now shown.
Fields
No fields available
Reference
/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile
user.sign_in_from_unrecognized_device
A user signed in from an unrecognized device.
Fields
No fields available
user.sign_in_from_unrecognized_device_and_location
A user signed in from an unrecognized device and location.
Fields
No fields available
user.suspend
A user account was suspended.
Fields
No fields available
user.two_factor_challenge_failure
A 2FA challenge issued for a user account failed.
Fields
No fields available
user.two_factor_challenge_success
A 2FA challenge issued for a user account succeeded.
Fields
No fields available
user.two_factor_recover
A user used their 2FA recovery codes.
Fields
No fields available
user.two_factor_recovery_codes_downloaded
A user downloaded 2FA recovery codes for their account.
Fields
No fields available
user.two_factor_recovery_codes_printed
A user printed 2FA recovery codes for their account.
Fields
No fields available
user.two_factor_recovery_codes_viewed
A user viewed 2FA recovery codes for their account.
Fields
No fields available
user.two_factor_requested
A user was prompted for a two-factor authentication code.
Fields
No fields available
Reference
/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication
user.unblock_user
A user was unblocked by another user.
Fields
No fields available
user.unsuspend
A user account was unsuspended.
Fields
No fields available
user.update_integration_secret
A user secret for Codespaces was updated.
Fields
No fields available

user_email

user_email.confirm_claim
An enterprise managed user claimed an email address.
Fields
No fields available

user_status

user_status.destroy
Triggered when you clear the status on your profile.
Fields
No fields available
user_status.update
Triggered when you set or change the status on your profile.
Fields
No fields available
Reference
/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status

workflows

workflows.approve_workflow_job
A workflow job was approved.
Fields
No fields available
Reference
Reviewing deployments
workflows.delete_workflow_run
A workflow run was deleted.
Fields
No fields available
Reference
Deleting a workflow run
workflows.disable_workflow
A workflow was disabled.
Fields
No fields available
workflows.enable_workflow
A workflow was enabled, after previously being disabled by disable_workflow.
Fields
No fields available
workflows.pin_workflow
A workflow was pinned.
Fields
No fields available
workflows.reject_workflow_job
A workflow job was rejected.
Fields
No fields available
Reference
Reviewing deployments
workflows.unpin_workflow
A workflow was unpinned after previously being pinned.
Fields
No fields available