# GitHub Enterprise

> Learn how to get started with GitHub pre-built Data Sources for the Roadie Context Store.

*Published: 2026-05-25T12:00:00.0Z*


## Introduction

The Context Store has several GitHub templated Data Sources to allow users to quickly pull relevant data into their Data Store. These templates are a starting point and often you'll want to apply filters or chained Data Sources to modify these templates to suit your needs.

## Authentication

The built-in GitHub Enterprise Server Data Source are split across two integrations:
- `github-enterprise-app` (GitHub App installation auth)
- `github-enterprise-token` (PAT/header auth)

## Pre-built Data Sources

### App

Permissions are expressed as **GitHub App permissions**.

For `github-enterprise-app` as a starting point, permissions across the following all Data Sources:

- `Metadata` (read)
- `Pull requests` (read)
- `Contents` (read)
- `Actions` (read)
- `Dependabot alerts` (read)
- `Administration` (read)

| Data source seed | GitHub Enterprise endpoint(s) used | Recommended GitHub App permission(s) |
| --- | --- | --- |
| `GitHub Enterprise App installation` | `GET /installation` | `Metadata` (read) |
| `GitHub Enterprise App repositories` | `GET /installation/repositories` | `Metadata` (read) |
| `GitHub Enterprise App pull requests (per repo)` | `GET /installation/repositories` then `GET /repos/{full_name}/pulls?state=open` | `Metadata` (read), `Pull requests` (read) |
| `GitHub Enterprise App releases (per repo)` | `GET /installation/repositories` then `GET /repos/{full_name}/releases` | `Metadata` (read), `Contents` (read) |
| `GitHub Enterprise App Actions workflows` | `GET /installation/repositories` then `GET /repos/{full_name}/actions/workflows` | `Metadata` (read), `Actions` (read) |
| `GitHub Enterprise App Dependabot alerts (per repo)` | `GET /installation/repositories` then `GET /repos/{full_name}/dependabot/alerts?state=open` | `Metadata` (read), `Dependabot alerts` (read) |
| `GitHub Enterprise App collaborators (per repo)` | `GET /installation/repositories` then `GET /repos/{full_name}/collaborators` | `Metadata` (read), `Administration` (read) |
| `GitHub Enterprise App markdown files (per repo)` | `GET /installation/repositories` then `GET /search/code?q=extension:md+repo:{full_name}` | `Metadata` (read), `Contents` (read) |
| `GitHub Enterprise App YAML files (per repo)` | `GET /installation/repositories` then `GET /search/code?q=extension:yaml+extension:yml+repo:{full_name}` | `Metadata` (read), `Contents` (read) |

### Token

Permissions are expressed as **classic PAT scopes** (or GHES equivalents).

For `github-enterprise-token` as a starting point, permissions across the following all Data Sources:

- `repo`
- `read:org`
- `workflow`
- `security_events` (if using Dependabot alerts seeds)

| Data source seed | GitHub Enterprise endpoint(s) used | Recommended token permission(s) |
| --- | --- | --- |
| `GitHub Enterprise repositories` | `GET /user/repos` | `repo` |
| `GitHub Enterprise organizations` | `GET /user/orgs` | `read:org` |
| `GitHub Enterprise open pull requests` | `GET /search/issues?q=is:pr+is:open+author:@me` | `repo` |
| `GitHub Enterprise pull requests (per repo)` | `GET /user/repos` then `GET /repos/{full_name}/pulls?state=open` | `repo` |
| `GitHub Enterprise releases (per repo)` | `GET /user/repos` then `GET /repos/{full_name}/releases` | `repo` |
| `GitHub Enterprise Actions workflows` | `GET /user/repos` then `GET /repos/{full_name}/actions/workflows` | `repo`, `workflow` |
| `GitHub Enterprise installed apps` | `GET /user/installations` | Token tied to account with app-installation visibility |
| `GitHub Enterprise organization members` | `GET /user/orgs` then `GET /orgs/{login}/members` | `read:org` |
| `GitHub Enterprise teams` | `GET /user/orgs` then `GET /orgs/{login}/teams` | `read:org` |
| `GitHub Enterprise Dependabot alerts (per repo)` | `GET /user/repos` then `GET /repos/{full_name}/dependabot/alerts?state=open` | `repo`, `security_events` |
| `GitHub Enterprise collaborators (per repo)` | `GET /user/repos` then `GET /repos/{full_name}/collaborators` | `repo`, `read:org` |
| `GitHub Enterprise catalog-info.yaml files` | `GET /search/code?q=filename:catalog-info.yaml+org:{org}` | `repo` (private repos), `read:org` |
| `GitHub Enterprise markdown files` | `GET /search/code?q=extension:md+org:{org}` | `repo` (private repos), `read:org` |
| `GitHub Enterprise YAML files` | `GET /search/code?q=extension:yaml+extension:yml+org:{org}` | `repo` (private repos), `read:org` |

Also ensure the PAT identity or app installation is granted access to the target organizations/repositories on your GHES instance.