1. Docs
  2. Reference
  3. REST API Docs
  4. VCS Integrations

VCS Integrations

    VCS Integrations connect Pulumi Cloud to version control providers like GitHub, GitLab, and Bitbucket. The VCS Integrations API allows you to manage these connections and configure deployment triggers.

    List All VCS Integrations

    GET /api/console/orgs/{orgName}/integrations

    Returns a summary of all VCS integrations across all providers (GitHub, GitLab, Azure DevOps, Generic) for an organization. Each integration includes a hasIndividualAccess flag indicating whether the current user has an OAuth token for that provider.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: ListVCSIntegrationSummariesResponse
    • integrations array[VCSIntegrationSummary] required
      The list of VCS integration summaries across all providers.
    • name string optional
      Display name derived from the VCS provider account (read-only).
    • avatarUrl string optional
      Avatar URL derived from the VCS provider account (read-only).
    • id string required
      The unique identifier of the integration.
    • vcsProvider enum required
      The VCS provider type for this integration.
      Values: github, gitlab, bitbucket, azure_devops, generic, github_enterprise
    • hasIndividualAccess boolean required
      Whether the current user has an OAuth token for this integration’s provider.
    • host string optional
      The hostname for self-hosted providers such as GitHub Enterprise. Empty for cloud-hosted providers.
    Errors: 404 Organization not found

    List VCS Repos

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/{provider}/{integrationId}/repos

    Lists repositories available through the integration.

    Request Parameters

    • orgName string path required
      The organization name
    • provider string path required
      The VCS provider (e.g., ‘github’)
    • integrationId string path required
      The VCS integration identifier
    • page integer query optional
      Page number for pagination

    Responses

    200 OK
    Schema: ListVCSReposResponse
    • repos array[VCSRepo] required
      List of repositories
    • id string required
      Repository ID
    • owner string required
      Repository owner (organization or user)
    • name string required
      Repository name
    • nextPageToken string optional
      Next page token for pagination
    Errors: 400 Unknown VCS provider 403 VCS provider access is suspended. 404 VCS integration not found

    List VCS Branches

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/{provider}/{integrationId}/repos/{repoId}/branches

    Lists branches for a repository.

    Request Parameters

    • orgName string path required
      The organization name
    • provider string path required
      The VCS provider (e.g., ‘github’)
    • integrationId string path required
      The VCS integration identifier
    • repoId string path required
      The repository identifier

    Responses

    200 OK
    Schema: ListVCSBranchesResponse
    • branches array[VCSBranch] required
      List of branches
    • name string required
      Branch name
    • isProtected boolean required
      Whether branch is protected
    Errors: 400 Unknown VCS provider 404 VCS integration not found

    List VCS Repo Destinations

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/{provider}/{integrationId}/repos/destinations

    Lists repositories where the authenticated user can create new repos from templates via the integration.

    Request Parameters

    • orgName string path required
      The organization name
    • provider string path required
      The VCS provider (e.g., ‘github’)
    • integrationId string path required
      The VCS integration identifier

    Responses

    200 OK
    Schema: ListVCSReposResponse
    • repos array[VCSRepo] required
      List of repositories
    • id string required
      Repository ID
    • owner string required
      Repository owner (organization or user)
    • name string required
      Repository name
    • nextPageToken string optional
      Next page token for pagination
    Errors: 400 Unknown VCS provider 404 VCS integration or user OAuth token not found

    List Azure DevOps Integrations

    GET /api/console/orgs/{orgName}/integrations/azure-devops

    Lists all Azure DevOps integrations configured for an organization.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: ListAzureDevOpsIntegrationsResponse
    • integrations array[AzureDevOpsIntegrationDetails] required
      The list of Azure DevOps integrations.
    • id string required
      The Pulumi ID of the Azure DevOps integration.
    • organization AzureDevOpsOrganization optional
      Metadata about the Azure DevOps organization.
    • project AzureDevOpsProject optional
      Metadata about the Azure DevOps project.
    • valid boolean required
      Whether the integration is currently valid (tokens, hooks, etc.).
    • disablePRComments boolean optional
      Whether PR comments are disabled for this integration
    • disableNeoSummaries boolean optional
      Whether Neo AI summaries are disabled for this integration
    • disableDetailedDiff boolean optional
      Whether detailed property-level diffs are disabled for PR comments
    • disableCodeAccessForReviews boolean optional
      Whether code access for AI reviews is disabled for this integration
    • installationUrl string optional
      URL to initiate the OAuth consent flow to install a new Azure DevOps integration

    Create Azure DevOps Setup

    Preview. This endpoint is in preview and may change without notice.
    POST /api/console/orgs/{orgName}/integrations/azure-devops

    Creates a new Azure DevOps integration for an organization. Requires an Azure DevOps organization and project to be specified in the request body. Returns 409 if an integration already exists for the specified project.

    Request Parameters

    • orgName string path required
      The organization name

    Request Body

    Schema: UpdateAzureDevOpsAppIntegrationRequest
    • organizationName string optional
      The name of the Azure DevOps organization (e.g., ‘mycompany’ in dev.azure.com/mycompany)
    • projectId string optional
      The ID of the Azure DevOps project to integrate
    • disablePRComments boolean optional
      Whether PR comments are disabled for this integration
    • disableNeoSummaries boolean optional
      Whether Neo AI summaries are disabled for this integration
    • disableDetailedDiff boolean optional
      Whether detailed property-level diffs are disabled for PR comments
    • disableCodeAccessForReviews boolean optional
      Whether to disable code access for AI reviews

    Responses

    204 Created successfully
    Errors: 400 Missing Azure DevOps organization or project 409 Azure DevOps integration already exists for this project

    Get Azure DevOps Integration

    GET /api/console/orgs/{orgName}/integrations/azure-devops/{integrationId}

    Gets a specific Azure DevOps integration by its integration ID. Returns the integration details including organization, project, and authentication configuration.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The Azure DevOps integration identifier

    Responses

    200 OK
    Schema: AzureDevOpsAppIntegrationResponse
    • installed boolean required
      Does the org have an Azure DevOps app integration configured
    • valid boolean required
      Is the app integration valid
    • organization AzureDevOpsOrganization optional
      Metadata about the Azure DevOps organization linked to the Pulumi organization
    • id string optional
      The unique ID of the organization
    • name string required
      The name of the organization
    • accountUrl string optional
      The account URL for the organization (e.g., https://dev.azure.com/myorg)
    • hasRequiredPermissions boolean optional
      Whether the current user has the required permissions
    • project AzureDevOpsProject optional
      Metadata about the Azure DevOps project linked to the Pulumi organization
    • id string required
      The unique ID of the project
    • name string required
      The name of the project
    • authUser User optional
      The Pulumi user whose Azure DevOps authentication token is being used
    • id string required
      The unique identifier of the user.
    • githubLogin string required
      The user’s login name (originally from GitHub).
    • name string required
      The user’s display name.
    • email string required
      The user’s email address.
    • avatarUrl string required
      The URL of the user’s avatar image.
    • organizations array[OrganizationSummaryWithRole] required
      Organizations is the list of Pulumi organizations the user is a member of.
    • potentialOrganizations array[OrganizationSummaryWithRole] optional
      PotentialOrganizations is the list of Pulumi organizations the user is a potential member of.
    • identities array[string] required
      Identities is the array of identities a Pulumi user’s account is tied to.
    • siteAdmin boolean optional
      SiteAdministrator is whether or not the user is a site administrator.
    • registryAdmin boolean optional
      RegistryAdmin is whether or not the user is a registry administrator.
    • tokenInfo TokenInfo optional
      TokenInfo is contains metadata, set only for machine tokens & to be used only in the CLI
    • hasMFA boolean required
      Whether the user has multi-factor authentication enabled.
    • isOrgManaged boolean required
      Whether the user’s account is managed by an organization.
    • isManagedByMultiOrg boolean required
      Whether the user’s account is managed by multiple organizations.
    • disablePRComments boolean optional
      Whether PR comments are disabled for this integration
    • disableNeoSummaries boolean optional
      Whether Neo AI summaries are disabled for this integration
    • disableDetailedDiff boolean optional
      Whether detailed property-level diffs are disabled for PR comments
    Errors: 404 Azure DevOps integration not found

    Update Azure DevOps Integration

    PATCH /api/console/orgs/{orgName}/integrations/azure-devops/{integrationId}

    Updates an existing Azure DevOps integration’s settings. Can modify the Azure DevOps organization, project, or authentication configuration.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The Azure DevOps integration identifier

    Request Body

    Schema: AzureDevOpsSettingsRequest
    • disablePRComments boolean optional
      Whether PR comments are disabled for this integration
    • disableNeoSummaries boolean optional
      Whether Neo AI summaries are disabled for this integration
    • disableDetailedDiff boolean optional
      Whether detailed property-level diffs are disabled for PR comments

    Responses

    204 No Content
    Errors: 400 Missing Azure DevOps organization or project 404 Azure DevOps integration not found

    Delete Azure DevOps Integration

    DELETE /api/console/orgs/{orgName}/integrations/azure-devops/{integrationId}

    Removes a specific Azure DevOps integration from the organization.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The Azure DevOps integration identifier

    Responses

    204 No Content
    Errors: 404 Azure DevOps integration not found

    Get Azure DevOps Access Status

    GET /api/console/orgs/{orgName}/integrations/azure-devops/access-status

    Returns information about a user’s Azure DevOps access status for an organization, including whether the user has a valid OAuth token.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: AzureDevOpsAccessResponse
    • hasUserToken boolean required
      Whether the user has an Azure DevOps OAuth or PAT token.
    • hasIntegration boolean required
      Whether the org has an Azure DevOps integration installed.
    • availableOrgs array[AzureDevOpsOrganization] optional
      The Azure DevOps organizations the user’s token can access.
    • id string optional
      The unique ID of the organization
    • name string required
      The name of the organization
    • accountUrl string optional
      The account URL for the organization (e.g., https://dev.azure.com/myorg)
    • hasRequiredPermissions boolean optional
      Whether the current user has the required permissions

    Complete Azure DevOps O Auth

    Preview. This endpoint is in preview and may change without notice.
    POST /api/console/orgs/{orgName}/integrations/azure-devops/oauth/complete

    Completes the OAuth authorization flow for Azure DevOps VCS integration by exchanging the authorization code for access and refresh tokens.

    Request Parameters

    • orgName string path required
      The organization name

    Request Body

    Schema: CompleteOAuthRequest
    • provider CloudSetupProvider required
      CloudSetupProvider configuration for OAuth authentication
    • name string required
      CloudSetupProvider name (e.g., ‘azure’, ‘gcp’)
    • azure AzureOptions optional
      Azure-specific configuration options
    • sessionID string required
      Session identifier from OAuth initiation
    • code string required
      Authorization code returned from OAuth provider

    Responses

    200 OK
    Schema: CompleteOAuthResponse
    Errors: 400 Failed to complete OAuth

    Initiate Azure DevOps O Auth

    Preview. This endpoint is in preview and may change without notice.
    POST /api/console/orgs/{orgName}/integrations/azure-devops/oauth/initiate

    Initiates the OAuth authorization flow for Azure DevOps VCS integration. Returns a redirect URL that the user should be directed to for authorization.

    Request Parameters

    • orgName string path required
      The organization name

    Request Body

    Schema: InitiateOAuthRequest
    • provider CloudSetupProvider required
      CloudSetupProvider configuration for OAuth authentication
    • name string required
      CloudSetupProvider name (e.g., ‘azure’, ‘gcp’)
    • azure AzureOptions optional
      Azure-specific configuration options

    Responses

    200 OK
    Schema: InitiateOAuthResponse
    • url string required
      Authorization URL to redirect user to
    • sessionID string required
      Session identifier for tracking the OAuth flow
    Errors: 400 Invalid provider configuration

    List Azure DevOps Organizations

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/azure-devops/setup/organizations

    Lists Azure DevOps organizations available to the current user. Requires an active Azure DevOps OAuth token.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK

    List Azure DevOps Projects

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/azure-devops/setup/organizations/{adoOrgName}/projects

    Lists Azure DevOps projects within a specified Azure DevOps organization that are available to the current user.

    Request Parameters

    • orgName string path required
      The organization name
    • adoOrgName string path required
      The Azure DevOps organization name

    Responses

    200 OK

    List Bit Bucket Integrations

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/bitbucket

    Lists all BitBucket integrations configured for an organization, including their validity status and linked workspace metadata.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: ListBitBucketIntegrationsResponse
    • integrations array[BitBucketIntegrationDetails] required
      The list of BitBucket integrations.
    • id string required
      Unique identifier for this BitBucket integration.
    • workspaceUuid string required
      The UUID of the linked BitBucket workspace.
    • workspaceSlug string required
      The slug (URL-friendly name) of the linked BitBucket workspace.
    • workspaceName string optional
      Display name of the BitBucket workspace.
    • avatarUrl string optional
      URL of the BitBucket workspace avatar image.
    • installed boolean required
      Whether this integration is fully installed and operational.
    • valid boolean required
      Whether the integration’s credentials are currently valid.
    • authType string optional
      The authentication type used: ‘workspace_token’, ‘user_token’, or ‘pat’.
    • authUser User optional
      The user whose BitBucket OAuth token is being used for authentication, if user-based auth is configured.
    • disablePRComments boolean required
      Whether PR comments are disabled for this integration.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this integration.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.

    Create Bit Bucket Setup

    Preview. This endpoint is in preview and may change without notice.
    POST /api/console/orgs/{orgName}/integrations/bitbucket

    Creates a new BitBucket integration for an organization. Requires a BitBucket workspace UUID and optionally configures authentication via the user’s BitBucket OAuth token or a workspace access token / PAT. Returns 409 if an integration already exists for the specified workspace.

    Request Parameters

    • orgName string path required
      The organization name

    Request Body

    Schema: BitBucketSetupRequest
    • workspaceUuid string required
      The UUID of the BitBucket workspace to integrate.
    • workspaceSlug string required
      The slug (URL-friendly name) of the BitBucket workspace.
    • useUserAuth boolean optional
      If true, use the current user’s BitBucket OAuth token for authentication instead of a workspace access token.
    • workspaceAccessToken string optional
      Optional workspace access token or personal access token (PAT) for authenticating with the BitBucket API. Required if useUserAuth is false.

    Responses

    204 Created successfully
    Errors: 400 Missing or invalid BitBucket workspace 409 BitBucket integration already exists for this workspace

    Get Bit Bucket Integration

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/bitbucket/{integrationId}

    Gets a specific BitBucket integration by its integration ID. Returns the integration details including the linked BitBucket workspace, authentication configuration, and validity status.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The BitBucket integration identifier

    Responses

    200 OK
    Schema: BitBucketIntegrationDetails
    • id string required
      Unique identifier for this BitBucket integration.
    • workspaceUuid string required
      The UUID of the linked BitBucket workspace.
    • workspaceSlug string required
      The slug (URL-friendly name) of the linked BitBucket workspace.
    • workspaceName string optional
      Display name of the BitBucket workspace.
    • avatarUrl string optional
      URL of the BitBucket workspace avatar image.
    • installed boolean required
      Whether this integration is fully installed and operational.
    • valid boolean required
      Whether the integration’s credentials are currently valid.
    • authType string optional
      The authentication type used: ‘workspace_token’, ‘user_token’, or ‘pat’.
    • authUser User optional
      The user whose BitBucket OAuth token is being used for authentication, if user-based auth is configured.
    • id string required
      The unique identifier of the user.
    • githubLogin string required
      The user’s login name (originally from GitHub).
    • name string required
      The user’s display name.
    • email string required
      The user’s email address.
    • avatarUrl string required
      The URL of the user’s avatar image.
    • organizations array[OrganizationSummaryWithRole] required
      Organizations is the list of Pulumi organizations the user is a member of.
    • potentialOrganizations array[OrganizationSummaryWithRole] optional
      PotentialOrganizations is the list of Pulumi organizations the user is a potential member of.
    • identities array[string] required
      Identities is the array of identities a Pulumi user’s account is tied to.
    • siteAdmin boolean optional
      SiteAdministrator is whether or not the user is a site administrator.
    • registryAdmin boolean optional
      RegistryAdmin is whether or not the user is a registry administrator.
    • tokenInfo TokenInfo optional
      TokenInfo is contains metadata, set only for machine tokens & to be used only in the CLI
    • hasMFA boolean required
      Whether the user has multi-factor authentication enabled.
    • isOrgManaged boolean required
      Whether the user’s account is managed by an organization.
    • isManagedByMultiOrg boolean required
      Whether the user’s account is managed by multiple organizations.
    • disablePRComments boolean required
      Whether PR comments are disabled for this integration.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this integration.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.
    Errors: 404 BitBucket integration not found

    Update Bit Bucket Integration

    Preview. This endpoint is in preview and may change without notice.
    PATCH /api/console/orgs/{orgName}/integrations/bitbucket/{integrationId}

    Updates an existing BitBucket integration’s settings, such as PR comment preferences and AI summary options.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The BitBucket integration identifier

    Request Body

    Schema: BitBucketSettingsRequest
    • disablePRComments boolean optional
      If true, disable automatic PR comments on deployments.
    • disableNeoSummaries boolean optional
      If true, disable Neo AI-generated deployment summaries in PR comments.
    • disableDetailedDiff boolean optional
      If true, disable detailed property-level diffs in PR comments.

    Responses

    204 No Content
    Errors: 404 BitBucket integration not found

    Delete Bit Bucket Integration

    Preview. This endpoint is in preview and may change without notice.
    DELETE /api/console/orgs/{orgName}/integrations/bitbucket/{integrationId}

    Removes a specific BitBucket integration from the organization. Cleans up associated webhooks and access tokens.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The BitBucket integration identifier

    Responses

    204 No Content

    Get Bit Bucket Access Status

    Preview. This endpoint is in preview and may change without notice.
    GET /api/console/orgs/{orgName}/integrations/bitbucket/access-status

    Returns information about a user’s BitBucket access status for an organization, including whether they have a valid OAuth token and available BitBucket workspaces for new integrations.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: BitBucketAccessStatusResponse
    • hasUserToken boolean required
      Whether the current user has a valid BitBucket OAuth token.
    • availableWorkspaces array[BitBucketWorkspace] optional
      List of BitBucket workspaces available to the user for integration.
    • uuid string required
      The unique UUID of the BitBucket workspace.
    • name string required
      The display name of the workspace.
    • slug string required
      The URL-friendly slug of the workspace.
    • avatarUrl string optional
      URL of the workspace’s avatar image.

    List GitHub Integrations

    GET /api/console/orgs/{orgName}/integrations/github

    Lists all GitHub App integrations for an organization.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: ListGitHubIntegrationsResponse
    • integrations array[GitHubIntegrationDetails] required
      The list of GitHub App integrations.
    • avatarUrl string optional
      The avatar URL of the GitHub account.
    • id string required
      The Pulumi ID of the GitHub App installation.
    • installationID integer required
      The GitHub installation ID.
    • accountID integer optional
      The GitHub account ID (user or org).
    • accountName string optional
      The GitHub account name (login).
    • isOrganization boolean required
      Whether the GitHub account is an organization (as opposed to a personal account).
    • isSelfHosted boolean required
      Whether this is a self-hosted GitHub Enterprise installation.
    • created string optional
      When the installation was created.
    • disablePRComments boolean required
      Whether PR comments are disabled for this installation.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this installation.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.
    • disableCodeAccessForReviews boolean required
      Whether code access for AI reviews is disabled for this installation.
    • hasMembersPermission boolean required
      Whether the installation has the ‘members’ permission (only relevant for organization accounts).
    • hasContentsPermission boolean required
      Whether the installation has the ‘contents’ permission.
    • neoGitHubAppPermissionRequirements array[GitHubAppPermissionRequirement] optional
      Neo GitHub App permission requirements for this installation.
    • ghUrls GitHubAppURLs optional
      URL to configure repository access for this GitHub App installation.
    • installationUrl string optional
      URL to install the Pulumi GitHub App for this organization.

    Start GitHub Setup

    Preview. This endpoint is in preview and may change without notice.
    POST /api/console/orgs/{orgName}/integrations/github

    Initiates GitHub App setup, returns installation URL with state.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: GitHubSetupResponse
    • installationUrl string required
      URL to install the GitHub App

    List GitHub Enterprise Integrations

    GET /api/console/orgs/{orgName}/integrations/github-enterprise

    Lists all GitHub Enterprise Server integrations for an organization. Returns only self-hosted GitHub App installations.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: ListGitHubIntegrationsResponse
    • integrations array[GitHubIntegrationDetails] required
      The list of GitHub App integrations.
    • avatarUrl string optional
      The avatar URL of the GitHub account.
    • id string required
      The Pulumi ID of the GitHub App installation.
    • installationID integer required
      The GitHub installation ID.
    • accountID integer optional
      The GitHub account ID (user or org).
    • accountName string optional
      The GitHub account name (login).
    • isOrganization boolean required
      Whether the GitHub account is an organization (as opposed to a personal account).
    • isSelfHosted boolean required
      Whether this is a self-hosted GitHub Enterprise installation.
    • created string optional
      When the installation was created.
    • disablePRComments boolean required
      Whether PR comments are disabled for this installation.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this installation.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.
    • disableCodeAccessForReviews boolean required
      Whether code access for AI reviews is disabled for this installation.
    • hasMembersPermission boolean required
      Whether the installation has the ‘members’ permission (only relevant for organization accounts).
    • hasContentsPermission boolean required
      Whether the installation has the ‘contents’ permission.
    • neoGitHubAppPermissionRequirements array[GitHubAppPermissionRequirement] optional
      Neo GitHub App permission requirements for this installation.
    • ghUrls GitHubAppURLs optional
      URL to configure repository access for this GitHub App installation.
    • installationUrl string optional
      URL to install the Pulumi GitHub App for this organization.

    Get GitHub Enterprise Integration

    GET /api/console/orgs/{orgName}/integrations/github-enterprise/{integrationId}

    Gets a specific GitHub Enterprise Server integration.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitHub Enterprise integration identifier

    Responses

    200 OK
    Schema: GitHubIntegrationDetails
    • avatarUrl string optional
      The avatar URL of the GitHub account.
    • id string required
      The Pulumi ID of the GitHub App installation.
    • installationID integer required
      The GitHub installation ID.
    • accountID integer optional
      The GitHub account ID (user or org).
    • accountName string optional
      The GitHub account name (login).
    • isOrganization boolean required
      Whether the GitHub account is an organization (as opposed to a personal account).
    • isSelfHosted boolean required
      Whether this is a self-hosted GitHub Enterprise installation.
    • created string optional
      When the installation was created.
    • disablePRComments boolean required
      Whether PR comments are disabled for this installation.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this installation.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.
    • disableCodeAccessForReviews boolean required
      Whether code access for AI reviews is disabled for this installation.
    • hasMembersPermission boolean required
      Whether the installation has the ‘members’ permission (only relevant for organization accounts).
    • hasContentsPermission boolean required
      Whether the installation has the ‘contents’ permission.
    • neoGitHubAppPermissionRequirements array[GitHubAppPermissionRequirement] optional
      Neo GitHub App permission requirements for this installation.
    • name string required
      The permission name (e.g., ‘Checks’, ‘Contents’).
    • required enum required
      The required permission level.
      Values: NoAccess, ReadOnly, ReadWrite
    • actual enum required
      The actual permission level from the installation.
      Values: NoAccess, ReadOnly, ReadWrite
    • reason string required
      Explanation of why this permission is needed.
    • isSufficient boolean required
      Whether the actual permission level satisfies the required level. This is always precomputed from checking that actual satisfies required.
    • ghUrls GitHubAppURLs optional
      URL to configure repository access for this GitHub App installation.
    • installationUrl string required
      URL to install the GitHub App
    • configurationUrl string required
      URL to configure the GitHub App installation
    • permissionsUrl string required
      URL to manage the GitHub App permissions
    • stateParam string required
      OAuth state parameter for CSRF protection
    Errors: 404 GitHub Enterprise integration not found

    Update GitHub Enterprise Integration

    PATCH /api/console/orgs/{orgName}/integrations/github-enterprise/{integrationId}

    Updates GitHub Enterprise Server integration settings.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitHub Enterprise integration identifier

    Request Body

    Schema: GitHubSettingsRequest
    • disablePRComments boolean optional
      Whether to disable PR comments from the Pulumi GitHub App
    • disableNeoSummaries boolean optional
      Whether to disable Neo AI summaries on PRs
    • disableDetailedDiff boolean optional
      Whether to disable detailed property-level diffs in PR comments
    • disableCodeAccessForReviews boolean optional
      Whether to disable code access for AI reviews

    Responses

    204 No Content
    Errors: 404 GitHub Enterprise integration not found

    Delete GitHub Enterprise Integration

    DELETE /api/console/orgs/{orgName}/integrations/github-enterprise/{integrationId}

    Removes a GitHub Enterprise Server integration.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitHub Enterprise integration identifier

    Responses

    204 No Content
    Errors: 400 GitHub app is used by multiple Pulumi organizations. 404 GitHub Enterprise integration not found

    Get GitHub Integration

    GET /api/console/orgs/{orgName}/integrations/github/{integrationId}

    Gets a specific GitHub App integration by its integration ID. Returns the integration details including installation ID, account info, PR comment settings, and permission status. Returns 404 if the integration is not found.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitHub App integration identifier

    Responses

    200 OK
    Schema: GitHubIntegrationDetails
    • avatarUrl string optional
      The avatar URL of the GitHub account.
    • id string required
      The Pulumi ID of the GitHub App installation.
    • installationID integer required
      The GitHub installation ID.
    • accountID integer optional
      The GitHub account ID (user or org).
    • accountName string optional
      The GitHub account name (login).
    • isOrganization boolean required
      Whether the GitHub account is an organization (as opposed to a personal account).
    • isSelfHosted boolean required
      Whether this is a self-hosted GitHub Enterprise installation.
    • created string optional
      When the installation was created.
    • disablePRComments boolean required
      Whether PR comments are disabled for this installation.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this installation.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.
    • disableCodeAccessForReviews boolean required
      Whether code access for AI reviews is disabled for this installation.
    • hasMembersPermission boolean required
      Whether the installation has the ‘members’ permission (only relevant for organization accounts).
    • hasContentsPermission boolean required
      Whether the installation has the ‘contents’ permission.
    • neoGitHubAppPermissionRequirements array[GitHubAppPermissionRequirement] optional
      Neo GitHub App permission requirements for this installation.
    • name string required
      The permission name (e.g., ‘Checks’, ‘Contents’).
    • required enum required
      The required permission level.
      Values: NoAccess, ReadOnly, ReadWrite
    • actual enum required
      The actual permission level from the installation.
      Values: NoAccess, ReadOnly, ReadWrite
    • reason string required
      Explanation of why this permission is needed.
    • isSufficient boolean required
      Whether the actual permission level satisfies the required level. This is always precomputed from checking that actual satisfies required.
    • ghUrls GitHubAppURLs optional
      URL to configure repository access for this GitHub App installation.
    • installationUrl string required
      URL to install the GitHub App
    • configurationUrl string required
      URL to configure the GitHub App installation
    • permissionsUrl string required
      URL to manage the GitHub App permissions
    • stateParam string required
      OAuth state parameter for CSRF protection
    Errors: 404 GitHub App integration not found

    Update GitHub Integration

    PATCH /api/console/orgs/{orgName}/integrations/github/{integrationId}

    Updates GitHub App integration settings.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitHub App integration identifier

    Request Body

    Schema: GitHubSettingsRequest
    • disablePRComments boolean optional
      Whether to disable PR comments from the Pulumi GitHub App
    • disableNeoSummaries boolean optional
      Whether to disable Neo AI summaries on PRs
    • disableDetailedDiff boolean optional
      Whether to disable detailed property-level diffs in PR comments
    • disableCodeAccessForReviews boolean optional
      Whether to disable code access for AI reviews

    Responses

    204 No Content
    Errors: 404 GitHub App integration not found

    Delete GitHub Integration

    DELETE /api/console/orgs/{orgName}/integrations/github/{integrationId}

    Removes a GitHub App integration.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitHub App integration identifier

    Responses

    204 No Content
    Errors: 400 GitHub app is used by multiple Pulumi organizations. 404 GitHub App integration not found

    Get GitHub Access

    GET /api/console/orgs/{orgName}/integrations/github/access-status

    Returns information about a user’s GitHub OAuth status.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: VCSGitHubAccessResponse
    • hasUserToken boolean required
      Whether the user has a GitHub user token.
    • hasIntegration boolean required
      Whether the user has a GitHub app installed.
    • availableOrgs array[string] required
      The list of GitHub organizations available to the user.
    • integrations array[GitHubIntegrationPermissions] optional
      Per-integration permissions for the current user
    • id string required
      Pulumi installation ID
    • canCreateRepo boolean required
      Whether the user can create repos under this installation
    Errors: 404 GitHub App integration not found

    List GitLab Integrations

    GET /api/console/orgs/{orgName}/integrations/gitlab

    Lists all GitLab integrations configured for an organization, including their validity status and linked group metadata.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: ListGitLabIntegrationsResponse
    • integrations array[GitLabIntegrationDetails] required
      The list of GitLab integrations.
    • id string required
      The unique identifier of the GitLab integration.
    • gitLabGroupId integer required
      The GitLab group ID linked to this integration.
    • groupName string optional
      The display name of the GitLab group.
    • groupPath string optional
      The URL-safe path of the GitLab group (e.g. ‘parent-group/child-group’).
    • avatarUrl string optional
      The URL of the GitLab group’s avatar image.
    • installed boolean required
      Whether the integration has been fully installed.
    • valid boolean required
      Whether the integration is currently valid (tokens, hooks, etc.).
    • gitLabOrg GitLabAppOrganization optional
      Metadata about the GitLab group linked to this integration.
    • authUser User optional
      The Pulumi user whose GitLab authentication token is being used, if applicable.
    • groupAccessTokenExpiration string optional
      The expiration date of the group access token, if one is being used for authentication.
    • disablePRComments boolean required
      Whether PR comments are disabled for this integration.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this integration.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.

    Create GitLab Setup

    Preview. This endpoint is in preview and may change without notice.
    POST /api/console/orgs/{orgName}/integrations/gitlab

    Creates a new GitLab integration for an organization. Requires a GitLab group ID and optionally configures authentication via the user’s GitLab OAuth token or a group access token. Returns 409 if an integration already exists for the specified group.

    Request Parameters

    • orgName string path required
      The organization name

    Request Body

    Schema: GitLabSetupRequest
    • gitLabGroupId integer required
      The GitLab group ID to integrate with the Pulumi organization.
    • useUserGitLabAuth boolean optional
      Whether to use the current user’s GitLab OAuth token instead of a group access token for authentication.

    Responses

    204 Created successfully
    Errors: 400 Missing or invalid GitLab group ID 409 GitLab integration already exists for this group

    Get GitLab Integration

    GET /api/console/orgs/{orgName}/integrations/gitlab/{integrationId}

    Gets a specific GitLab integration by its integration ID. Returns the integration details including the linked GitLab group, authentication configuration, and validity status.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitLab integration identifier

    Responses

    200 OK
    Schema: GitLabIntegrationDetails
    • id string required
      The unique identifier of the GitLab integration.
    • gitLabGroupId integer required
      The GitLab group ID linked to this integration.
    • groupName string optional
      The display name of the GitLab group.
    • groupPath string optional
      The URL-safe path of the GitLab group (e.g. ‘parent-group/child-group’).
    • avatarUrl string optional
      The URL of the GitLab group’s avatar image.
    • installed boolean required
      Whether the integration has been fully installed.
    • valid boolean required
      Whether the integration is currently valid (tokens, hooks, etc.).
    • gitLabOrg GitLabAppOrganization optional
      Metadata about the GitLab group linked to this integration.
    • id integer required
      The GitLab group or organization ID
    • name string required
      The name of the GitLab organization
    • avatarURL string required
      The URL of the organization’s avatar image
    • hasRequiredPermissions boolean required
      Whether the integration has the required permissions
    • authUser User optional
      The Pulumi user whose GitLab authentication token is being used, if applicable.
    • id string required
      The unique identifier of the user.
    • githubLogin string required
      The user’s login name (originally from GitHub).
    • name string required
      The user’s display name.
    • email string required
      The user’s email address.
    • avatarUrl string required
      The URL of the user’s avatar image.
    • organizations array[OrganizationSummaryWithRole] required
      Organizations is the list of Pulumi organizations the user is a member of.
    • potentialOrganizations array[OrganizationSummaryWithRole] optional
      PotentialOrganizations is the list of Pulumi organizations the user is a potential member of.
    • identities array[string] required
      Identities is the array of identities a Pulumi user’s account is tied to.
    • siteAdmin boolean optional
      SiteAdministrator is whether or not the user is a site administrator.
    • registryAdmin boolean optional
      RegistryAdmin is whether or not the user is a registry administrator.
    • tokenInfo TokenInfo optional
      TokenInfo is contains metadata, set only for machine tokens & to be used only in the CLI
    • hasMFA boolean required
      Whether the user has multi-factor authentication enabled.
    • isOrgManaged boolean required
      Whether the user’s account is managed by an organization.
    • isManagedByMultiOrg boolean required
      Whether the user’s account is managed by multiple organizations.
    • groupAccessTokenExpiration string optional
      The expiration date of the group access token, if one is being used for authentication.
    • disablePRComments boolean required
      Whether PR comments are disabled for this integration.
    • disableNeoSummaries boolean required
      Whether Neo AI summaries are disabled for this integration.
    • disableDetailedDiff boolean required
      Whether detailed property-level diffs are disabled for PR comments.
    Errors: 404 GitLab integration not found

    Update GitLab Integration

    PATCH /api/console/orgs/{orgName}/integrations/gitlab/{integrationId}

    Updates an existing GitLab integration’s settings, such as PR comment preferences and AI summary options.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitLab integration identifier

    Request Body

    Schema: GitLabSettingsRequest
    • disablePRComments boolean optional
      Whether PR comments are disabled for this integration.
    • disableNeoSummaries boolean optional
      Whether Neo AI summaries are disabled for this integration.
    • disableDetailedDiff boolean optional
      Whether detailed property-level diffs are disabled for PR comments.

    Responses

    204 No Content
    Errors: 404 GitLab integration not found

    Delete GitLab Integration

    DELETE /api/console/orgs/{orgName}/integrations/gitlab/{integrationId}

    Removes a specific GitLab integration from the organization. Cleans up associated webhooks, access tokens, and group tokens.

    Request Parameters

    • orgName string path required
      The organization name
    • integrationId string path required
      The GitLab integration identifier

    Responses

    204 No Content
    Errors: 404 GitLab integration not found

    Get GitLab Access Status

    GET /api/console/orgs/{orgName}/integrations/gitlab/access-status

    Returns information about a user’s GitLab access status for an organization, including whether they have a valid OAuth token, existing integrations, and available GitLab groups for new integrations.

    Request Parameters

    • orgName string path required
      The organization name

    Responses

    200 OK
    Schema: GitLabAccessStatusResponse
    • hasUserToken boolean required
      Whether the user has a valid GitLab OAuth token.
    • availableGroups array[GitLabAppOrganization] optional
      GitLab groups available for integration that the user has access to.
    • id integer required
      The GitLab group or organization ID
    • name string required
      The name of the GitLab organization
    • avatarURL string required
      The URL of the organization’s avatar image
    • hasRequiredPermissions boolean required
      Whether the integration has the required permissions