Branch-Protection-API

Branch Protection API

Branch protection rules control who can push, force-push, delete, merge, and approve on protected branches.

See the swagger docs for full API reference.

Repo-Level Endpoints

Method Path Description
GET /api/v1/repos/{owner}/{repo}/branch_protections List branch protection rules
POST /api/v1/repos/{owner}/{repo}/branch_protections Create rule
GET /api/v1/repos/{owner}/{repo}/branch_protections/{name} Get rule
PATCH  /api/v1/repos/{owner}/{repo}/branch_protections/{name} Edit rule
DELETE /api/v1/repos/{owner}/{repo}/branch_protections/{name} Delete rule

Org-Level Endpoints

See Org Branch Protection API for org-level rulesets that cascade to all repos.

Delete Allowlist (New)

Branch protection rules now support a configurable delete allowlist, following the same pattern as the force-push allowlist.

API Fields

Field Type Description
enable_delete bool Enable deletion of this protected branch
enable_delete_allowlist bool Restrict deletion to allowlisted users/teams
delete_allowlist_usernames string[] Usernames allowed to delete
delete_allowlist_teams string[] Team names allowed to delete
delete_allowlist_deploy_keys bool Allow deploy keys to delete
delete_allowlist_actions_user bool Allow actions bot to delete

Behavior

Example: Allow CI to Delete rc Branch

{
  "rule_name": "rc",
  "enable_delete": true,
  "enable_delete_allowlist": true,
  "delete_allowlist_actions_user": true
}

Revision History

Date Change
2026-06-28 Added delete allowlist fields (#696), restructured as full reference
2026-06-27 Initial page (redirect to org API)

Printed from wiki · Branch-Protection-API