provider actions PUT /repos/{owner}/{repo}/actions/permissions/selected-actions
@utdk/github /repos/{owner}/{repo}/actions/permissions/selected-actions
Set allowed actions and reusable workflows for a repository
Sets the actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository permission policy for `allowed_actions` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for a repository](#set-github-actions-permissions-for-a-repository)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.
owner path required
The account owner of the repository. The name is not case sensitive.
string
repo path required
The name of the repository without the `.git` extension. The name is not case sensitive.
string

Try it

Authentication
Configure credentials for GitHub v3 REST API
Gateway
The gateway proxies requests and injects credentials server-side. Configure credentials above, then enter your gateway URL.

Saved automatically to browser storage.

actions.setAllowedActionsRepository
PUT/repos/{owner}/{repo}/actions/permissions/selected-actions
Sets the actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository permission policy for `allowed_actions` must be configured to `selected`. For more information, see "[Set GitHub Actions permissions for a repository](#set-github-actions-permissions-for-a-repository)." OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint.

Parameters

required

The account owner of the repository. The name is not case sensitive.

required

The name of the repository without the `.git` extension. The name is not case sensitive.

Input

Whether GitHub-owned actions are allowed. For example, this includes the actions in the `actions` organization.

Whether actions from GitHub Marketplace verified creators are allowed. Set to `true` to allow all actions by GitHub Marketplace verified creators.

Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, `monalisa/octocat@*`, `monalisa/octocat@v2`, `monalisa/*`. > [!NOTE] > The `patterns_allowed` setting only applies to public repositories.

Enter a gateway URL above to enable sending.

Code snippet
Updates live as you fill in the form above.

TypeScript

import github from '@utdk/github';

await github.actions.setAllowedActionsRepository()