How to list organization's private repositories via GitHub API?

Question

I'm trying to get a list of an organization's all repositories, including private ones. (Or to be more specific, all of the private repositories a certain user has access to.)

Reqesting info for the organization (https://api.github.com/orgs/acme?access_token=[...]) shows that there indeed are plenty of private repositories:

...
"public_repos": 5,
"total_private_repos": 68, 
"owned_private_repos": 68, 
...

(The access token I'm using had been previously generated using the API for username/passwd.)

But whatever I try to list the repos...

https://api.github.com/orgs/acme/repos?access_token=[...]   

...GitHub API just returns the 5 public repositories. (Documentation says type=all is default. Also tried adding the parameter type=private; no difference.)

Any idea what I'm doing wrong?

The user to whom the access token was generated in fact has Push & Pull access to just some of the organization's private repositories, but none of those appear in the list I get (just the 5 public repositories).

Answer 1

The 2022 answer:

## List all repos ( private, internal, public )

curl "https://api.github.com/orgs/foobar-org/repos" \
     -u 'username:<personal access token>'

GitHub API reference here.

Answer 2

username = "Your_org"
token = "your_TOKEN"
request = requests.get('https://api.github.com/orgs/'+username+'/repos?per_page=1000', auth=(username, token))

Answer 3

You can use the gh command https://cli.github.com/

gh repo list <org name> -L <total number of repos> --json sshUrl -q .[].sshUrl

To see the list of json fields run gh repo list --json help. If you only want to see public or private repos then you can use these flags

FLAGS
      --archived          Show only archived repositories
      --no-archived       Omit archived repositories
      --private           Show only private repositories
      --public            Show only public repositories

Answer 4

I've recently had the same symptoms but my cause was different. I'd registered a GitHub App, not an OAuth App, without really being aware of the difference. For a GitHub App to list private repos from an organisation, the app has to be installed for that organisation, as well as being authorised by the user. Otherwise, you just get the public repos listed.

Answer 5

# Get Github Repo Names

"""
>>>> pip install PyGithub
>>>> Reference Link: https://pypi.org/project/PyGithub/
>>>> Getting the access token.
        Go to github <settings>.
        Go to <Developer Settings>.
        Go to <Personal access tokens>.
        Click on <Generate new token> button.
        Add a note.
        Check all the setting in that page.
        Click on <Generate token> button.
        Copy  the access token and paste in below code.

>>>>
>>>>
>>>>
>>>>
"""

from github import Github

access_token = ''
g = Github(access_token)
repo_list = [i for i in g.get_user().get_repos()]
for i in repo_list:
    repo_name = str(i).replace('Repository(full_name="', '')
    repo_name = str(repo_name).replace('")', '')
    print('https://www.github.com/' + repo_name)

Answer 6

Your url needs a ? not an &. It should be this:

https://api.github.com/orgs/acme/repos?access_token=your_access_token

Answer 7

It should also be noted that if you are accessing private repositories from an Organization, the OAuth application needs to be authorized by the owners depending on the settings.

https://help.github.com/articles/authorizing-oauth-apps/

For organizations with OAuth App access restrictions, you can request that organization admins approve the application for use in that organization. If the organization does not approve the application, then the application will only be able to access the organization's public resources. If you're an organization admin, you can approve the application yourself.

For organizations without OAuth App access restrictions, the application will automatically be authorized for access to that organization's resources. For this reason, you should be careful about which OAuth Apps you approve for access to your personal account resources as well as any organization resources.

Answer 8

Everything you are doing is OK. However, when creating OAuth tokens for authentication, be sure that you are defining the right scopes. Each scope defines a specific set of permitted actions (information you can read/write), so you should check that you are creating the token with the repo scope.