app.js

> GitHub App toolset for Node.js

![@latest](https://www.npmjs.com/package/@octokit/app)
![Build Status](https://github.com/octokit/app.js/actions?workflow=Test)

- Usage
- App.defaults(options)
- Constructor
- API
- app.octokit
- app.log
- app.getInstallationOctokit
- app.eachInstallation
- app.eachRepository
- app.getInstallationUrl
- app.webhooks
- app.oauth
- Middlewares
- createNodeMiddleware(app, options)
- Contributing
- License

Usage

Browsers	`@octokit/app` is not meant for browser usage.
Node	Install with `npm install @octokit/app` ```js const { App, createNodeMiddleware } = require("@octokit/app");``

Browsers

@octokit/app is not meant for browser usage.

Node

Install with npm install @octokit/app

``js const { App, createNodeMiddleware } = require("@octokit/app");`

> [!IMPORTANT]
> As we use conditional exports, you will need to adapt your tsconfig.json by setting "moduleResolution": "node16", "module": "node16". > > See the TypeScript docs on package.json "exports". > See this helpful guide on transitioning to ESM from @sindresorhus

`js const app = new App({ appId: 123, privateKey: "-----BEGIN PRIVATE KEY-----\n...", oauth: { clientId: "0123", clientSecret: "0123secret", }, webhooks: { secret: "secret", }, });

const { data } = await app.octokit.request("/app"); console.log("authenticated as %s", data.name); for await (const { installation } of app.eachInstallation.iterator()) { for await (const { octokit, repository } of app.eachRepository.iterator({ installationId: installation.id, })) { await octokit.request("POST /repos/{owner}/{repo}/dispatches", { owner: repository.owner.login, repo: repository.name, event_type: "my_event", }); } }

app.webhooks.on("issues.opened", async ({ octokit, payload }) => { await octokit.request( "POST /repos/{owner}/{repo}/issues/{issue_number}/comments", { owner: payload.repository.owner.login, repo: payload.repository.name, issue_number: payload.issue.number, body: "Hello World!", }, ); });

app.oauth.on("token", async ({ token, octokit }) => { const { data } = await octokit.request("GET /user"); console.log(Token retrieved for ${data.login}); });

require("http").createServer(createNodeMiddleware(app)).listen(3000); // can now receive requests at /api/github/*`

App.defaults(options)

Create a new App with custom defaults for the constructor options

`js const MyApp = App.defaults({ Octokit: MyOctokit, }); const app = new MyApp({ clientId, clientSecret }); // app.octokit is now an instance of MyOctokit`

`Constructor`

name	type	description
`appId`	`number`	Required. Find the App ID on the app’s about page in settings.
`privateKey`	`string`	Required. Content of the `*.pem` file you downloaded from the app’s about page. You can generate a new private key if needed.
`Octokit`	`Constructor`	You can pass in your own Octokit constructor with custom defaults and plugins. Note that authStrategy `will be always be set to` createAppAuth `from` @octokit/auth-app`.` `For usage with enterprise, set` baseUrl `to the hostname +` /api/v3`. Example:` ``js const { Octokit } = require("@octokit/core"); new App({ appId: 123, privateKey: "-----BEGIN PRIVATE KEY-----\n...", oauth: { clientId: 123, clientSecret: "secret", }, webhooks: { secret: "secret", }, Octokit: Octokit.defaults({ baseUrl: "https://ghe.my-company.com/api/v3", }), });`` `Defaults to` @octokit/core`.`
`log`	`object`	Used for internal logging. Defaults to `console`.
`webhooks.secret`	`string`	Required. Secret as configured in the GitHub App's settings.
`webhooks.transform`	`function`	Only relevant for app.webhooks.on`. Transform emitted event before calling handlers. Can be asynchronous.`
`oauth.clientId`	`number`	Find the OAuth Client ID on the app’s about page in settings.
`oauth.clientSecret`	`number`	Find the OAuth Client Secret on the app’s about page in settings.
`oauth.allowSignup`	`boolean`	Sets the default value for `app.oauth.getAuthorizationUrl(options)`.

`API`

`$3`

Octokit instance. Uses the Octokit constructor option if passed.

`$3`

See https://github.com/octokit/core.js#logging. Customize using the log constructor option.

`$3`

`js const octokit = await app.getInstallationOctokit(123);`

`$3`

`js for await (const { octokit, installation } of app.eachInstallation.iterator()) { / ... / } await app.eachInstallation(({ octokit, installation }) => / ... /)`

`$3`

`js for await (const { octokit, repository } of app.eachRepository.iterator()) { / ... / } await app.eachRepository(({ octokit, repository }) => / ... /)`

Optionally pass installation ID to iterate through all repositories in one installation

`js for await (const { octokit, repository } of app.eachRepository.iterator({ installationId })) { / ... / } await app.eachRepository({ installationId }, ({ octokit, repository }) => / ... /)`

`$3`

`js const installationUrl = await app.getInstallationUrl(); return res.redirect(installationUrl);`

Optionally pass the ID of a GitHub organization or user to request installation on that specific target.

If the user will be sent to a redirect URL after installation (such as if you request user authorization during installation), you can also supply a state string that will be included in the query of the post-install redirect.

`js const installationUrl = await app.getInstallationUrl({ state, target_id }); return res.redirect(installationUrl);`

`$3`

An @octokit/webhooks instance

`$3`

An @octokit/oauth-app instance

`Middlewares`

A middleware is a method or set of methods to handle requests for common environments.

By default, all middlewares expose the following routes

| Route | Route Description | | -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |POST /api/github/webhooks| Endpoint to receive GitHub Webhook Event requests | |GET /api/github/oauth/login | Redirects to GitHub's authorization endpoint. Accepts optional ?statequery parameter. | |GET /api/github/oauth/callback | The client's redirect endpoint. This is where the tokenevent gets triggered | |POST /api/github/oauth/token | Exchange an authorization code for an OAuth Access token. If successful, the tokenevent gets triggered. | |GET /api/github/oauth/token | Check if token is valid. Must authenticate using token in Authorization header. Uses GitHub's POST /applications/{client_id}/tokenendpoint | |PATCH /api/github/oauth/token | Resets a token (invalidates current one, returns new token). Must authenticate using token in Authorization header. Uses GitHub's PATCH /applications/{client_id}/tokenendpoint. | |DELETE /api/github/oauth/token | Invalidates current token, basically the equivalent of a logout. Must authenticate using token in Authorizationheader. | |DELETE /api/github/oauth/grant | Revokes the user's grant, basically the equivalent of an uninstall. must authenticate using token in Authorization header. |

`$3`

Middleware for Node's built in http server or express.

`js const { App, createNodeMiddleware } = require("@octokit/app");

const app = new App({ appId: 123, privateKey: "-----BEGIN PRIVATE KEY-----\n...", oauth: { clientId: "0123", clientSecret: "0123secret", }, webhooks: { secret: "secret", }, });

const middleware = createNodeMiddleware(app); require("http") .createServer(async (req, res) => { //middleware returns false when req is unhandled (beyond /api/github) if (await middleware(req, res)) return; res.writeHead(404); res.end(); }) .listen(3000); // can now receive user authorization callbacks at /api/github/*`

The middleware returned from createNodeMiddlewarecan also serve as anExpress.js middleware directly.

name type description

app App instance Required.

name	type	description
`app`	`App instance`	Required.
`options.pathPrefix`	`string`	All exposed paths will be prefixed with the provided prefix. Defaults to "/api/github"
`log` object	Used for internal logging. Defaults to console `with` debug `and` info` doing nothing.

options.pathPrefix

string

All exposed paths will be prefixed with the provided prefix. Defaults to "/api/github"

log

object

Used for internal logging. Defaults to console with debug and info` doing nothing.

`Contributing`

See CONTRIBUTING.md

`License`

MIT

`app.js`

> GitHub App toolset for Node.js

![@latest](https://www.npmjs.com/package/@octokit/app) ![Build Status](https://github.com/octokit/app.js/actions?workflow=Test)

- Usage - App.defaults(options) - Constructor - API - app.octokit - app.log - app.getInstallationOctokit - app.eachInstallation - app.eachRepository - app.getInstallationUrl - app.webhooks - app.oauth - Middlewares - createNodeMiddleware(app, options) - Contributing - License

`Usage`

Browsers	`@octokit/app` is not meant for browser usage.
Node	Install with `npm install @octokit/app` ```js const { App, createNodeMiddleware } = require("@octokit/app");``

Browsers

@octokit/app is not meant for browser usage.

Node

Install with npm install @octokit/app

``js const { App, createNodeMiddleware } = require("@octokit/app");`

> [!IMPORTANT] > As we use conditional exports, you will need to adapt yourtsconfig.json by setting "moduleResolution": "node16", "module": "node16". > > See the TypeScript docs on package.json "exports". > See this helpful guide on transitioning to ESM from @sindresorhus

`js const app = new App({ appId: 123, privateKey: "-----BEGIN PRIVATE KEY-----\n...", oauth: { clientId: "0123", clientSecret: "0123secret", }, webhooks: { secret: "secret", }, });

app.oauth.on("token", async ({ token, octokit }) => { const { data } = await octokit.request("GET /user"); console.log(Token retrieved for ${data.login}); });

require("http").createServer(createNodeMiddleware(app)).listen(3000); // can now receive requests at /api/github/*`

App.defaults(options)

Create a new App with custom defaults for the constructor options

`js const MyApp = App.defaults({ Octokit: MyOctokit, }); const app = new MyApp({ clientId, clientSecret }); // app.octokit is now an instance of MyOctokit`

`Constructor`

name	type	description
`appId`	`number`	Required. Find the App ID on the app’s about page in settings.
`privateKey`	`string`	Required. Content of the `*.pem` file you downloaded from the app’s about page. You can generate a new private key if needed.
`Octokit`	`Constructor`	You can pass in your own Octokit constructor with custom defaults and plugins. Note that authStrategy `will be always be set to` createAppAuth `from` @octokit/auth-app`.` `For usage with enterprise, set` baseUrl `to the hostname +` /api/v3`. Example:` ``js const { Octokit } = require("@octokit/core"); new App({ appId: 123, privateKey: "-----BEGIN PRIVATE KEY-----\n...", oauth: { clientId: 123, clientSecret: "secret", }, webhooks: { secret: "secret", }, Octokit: Octokit.defaults({ baseUrl: "https://ghe.my-company.com/api/v3", }), });`` `Defaults to` @octokit/core`.`
`log`	`object`	Used for internal logging. Defaults to `console`.
`webhooks.secret`	`string`	Required. Secret as configured in the GitHub App's settings.
`webhooks.transform`	`function`	Only relevant for app.webhooks.on`. Transform emitted event before calling handlers. Can be asynchronous.`
`oauth.clientId`	`number`	Find the OAuth Client ID on the app’s about page in settings.
`oauth.clientSecret`	`number`	Find the OAuth Client Secret on the app’s about page in settings.
`oauth.allowSignup`	`boolean`	Sets the default value for `app.oauth.getAuthorizationUrl(options)`.

`API`

`$3`

Octokit instance. Uses the Octokit constructor option if passed.

`$3`

See https://github.com/octokit/core.js#logging. Customize using the log constructor option.

`$3`

`js const octokit = await app.getInstallationOctokit(123);`

`$3`

`js for await (const { octokit, installation } of app.eachInstallation.iterator()) { / ... / } await app.eachInstallation(({ octokit, installation }) => / ... /)`

`$3`

`js for await (const { octokit, repository } of app.eachRepository.iterator()) { / ... / } await app.eachRepository(({ octokit, repository }) => / ... /)`

Optionally pass installation ID to iterate through all repositories in one installation

`js for await (const { octokit, repository } of app.eachRepository.iterator({ installationId })) { / ... / } await app.eachRepository({ installationId }, ({ octokit, repository }) => / ... /)`

`$3`

`js const installationUrl = await app.getInstallationUrl(); return res.redirect(installationUrl);`

Optionally pass the ID of a GitHub organization or user to request installation on that specific target.

`js const installationUrl = await app.getInstallationUrl({ state, target_id }); return res.redirect(installationUrl);`

`$3`

An @octokit/webhooks instance

`$3`

An @octokit/oauth-app instance

`Middlewares`

A middleware is a method or set of methods to handle requests for common environments.

By default, all middlewares expose the following routes

`$3`

Middleware for Node's built in http server or express.

`js const { App, createNodeMiddleware } = require("@octokit/app");

const app = new App({ appId: 123, privateKey: "-----BEGIN PRIVATE KEY-----\n...", oauth: { clientId: "0123", clientSecret: "0123secret", }, webhooks: { secret: "secret", }, });

The middleware returned from createNodeMiddlewarecan also serve as anExpress.js middleware directly.

name type description

app App instance Required.

name	type	description
`app`	`App instance`	Required.
`options.pathPrefix`	`string`	All exposed paths will be prefixed with the provided prefix. Defaults to "/api/github"
`log` object	Used for internal logging. Defaults to console `with` debug `and` info` doing nothing.

options.pathPrefix

string

All exposed paths will be prefixed with the provided prefix. Defaults to "/api/github"

log

object

Used for internal logging. Defaults to console with debug and info` doing nothing.

`Contributing`

See CONTRIBUTING.md

`License`

MIT

@octokit/app

app.js

Usage

App.defaults(options)

`Constructor`

`API`

`$3`

`$3`

`$3`

`$3`

`$3`

`$3`

`$3`

`$3`

`Middlewares`

`$3`

`Contributing`

`License`

`@octokit/app`

`app.js`

`Usage`

App.defaults(options)

`Constructor`

`API`

`$3`

`$3`

`$3`

`$3`

`$3`

`$3`

`$3`

`$3`

`Middlewares`

`$3`

`Contributing`

`License`

`Dist Tags`