GitHub Enterprise

Published on May 25th, 2026

Introduction

The Context Store has several GitHub templated Data Sources to allow users to quickly pull relevant data into their Data Store. These templates are a starting point and often you'll want to apply filters or chained Data Sources to modify these templates to suit your needs.

Authentication

The built-in GitHub Enterprise Server Data Source are split across two integrations:

  • github-enterprise-app (GitHub App installation auth)
  • github-enterprise-token (PAT/header auth)

Pre-built Data Sources

App

Permissions are expressed as GitHub App permissions.

For github-enterprise-app as a starting point, permissions across the following all Data Sources:

  • Metadata (read)
  • Pull requests (read)
  • Contents (read)
  • Actions (read)
  • Dependabot alerts (read)
  • Administration (read)
Data source seedGitHub Enterprise endpoint(s) usedRecommended GitHub App permission(s)
GitHub Enterprise App installationGET /installationMetadata (read)
GitHub Enterprise App repositoriesGET /installation/repositoriesMetadata (read)
GitHub Enterprise App pull requests (per repo)GET /installation/repositories then GET /repos/{full_name}/pulls?state=openMetadata (read), Pull requests (read)
GitHub Enterprise App releases (per repo)GET /installation/repositories then GET /repos/{full_name}/releasesMetadata (read), Contents (read)
GitHub Enterprise App Actions workflowsGET /installation/repositories then GET /repos/{full_name}/actions/workflowsMetadata (read), Actions (read)
GitHub Enterprise App Dependabot alerts (per repo)GET /installation/repositories then GET /repos/{full_name}/dependabot/alerts?state=openMetadata (read), Dependabot alerts (read)
GitHub Enterprise App collaborators (per repo)GET /installation/repositories then GET /repos/{full_name}/collaboratorsMetadata (read), Administration (read)
GitHub Enterprise App markdown files (per repo)GET /installation/repositories then GET /search/code?q=extension:md+repo:{full_name}Metadata (read), Contents (read)
GitHub Enterprise App YAML files (per repo)GET /installation/repositories then GET /search/code?q=extension:yaml+extension:yml+repo:{full_name}Metadata (read), Contents (read)

Token

Permissions are expressed as classic PAT scopes (or GHES equivalents).

For github-enterprise-token as a starting point, permissions across the following all Data Sources:

  • repo
  • read:org
  • workflow
  • security_events (if using Dependabot alerts seeds)
Data source seedGitHub Enterprise endpoint(s) usedRecommended token permission(s)
GitHub Enterprise repositoriesGET /user/reposrepo
GitHub Enterprise organizationsGET /user/orgsread:org
GitHub Enterprise open pull requestsGET /search/issues?q=is:pr+is:open+author:@merepo
GitHub Enterprise pull requests (per repo)GET /user/repos then GET /repos/{full_name}/pulls?state=openrepo
GitHub Enterprise releases (per repo)GET /user/repos then GET /repos/{full_name}/releasesrepo
GitHub Enterprise Actions workflowsGET /user/repos then GET /repos/{full_name}/actions/workflowsrepo, workflow
GitHub Enterprise installed appsGET /user/installationsToken tied to account with app-installation visibility
GitHub Enterprise organization membersGET /user/orgs then GET /orgs/{login}/membersread:org
GitHub Enterprise teamsGET /user/orgs then GET /orgs/{login}/teamsread:org
GitHub Enterprise Dependabot alerts (per repo)GET /user/repos then GET /repos/{full_name}/dependabot/alerts?state=openrepo, security_events
GitHub Enterprise collaborators (per repo)GET /user/repos then GET /repos/{full_name}/collaboratorsrepo, read:org
GitHub Enterprise catalog-info.yaml filesGET /search/code?q=filename:catalog-info.yaml+org:{org}repo (private repos), read:org
GitHub Enterprise markdown filesGET /search/code?q=extension:md+org:{org}repo (private repos), read:org
GitHub Enterprise YAML filesGET /search/code?q=extension:yaml+extension:yml+org:{org}repo (private repos), read:org

Also ensure the PAT identity or app installation is granted access to the target organizations/repositories on your GHES instance.