Installing this application allows you to call an API endpoint to trigger a GitHub action run on your repo without authentication. Useful for triggering actions from a public github pages site as an anonymous user.

This follows the same format as calling a repository dispatch, but allows you to do so without having to provide an access token (i.e. it is then publicly accessible).

Usage

First you need to install this GitHub app and give it access to the repositories you wish to be able to trigger actions on.

Then from any public website you can run a fetch as follows to trigger any github action listening for repository_dispatch (like this one)

fetch("https://publicactiontrigger.azurewebsites.net/api/dispatches/{owner}/{repo}", {
  method: 'POST',
  mode: 'cors',
  body: JSON.stringify({ event_type: 'some-event', client_payload: { data: 'somedata' } })
});

Replace {owner} with the repo owner and {repo} with the repo. Pass whatever data you want inside the client_payload, these will be received as github.event.client_payload in the action. The keys on client_payload are capped at 10, so an easy way to pass more information is to pass a JSON string as one of the values.

Technical Information

Behind the scenes this endpoint runs in an Azure function (could take a couple seconds to warm up) to trigger the endpoint via the permissions given to it by installing this app to your repository. You can revoke this GitHub app at any point to remove public access to repository dispatch events. We do not store any keys or tokens for your app installation at rest, instead we request installation keys at execution time and let GitHub maintain all the permissions.

Why not just use a Personal Access Token (PAT)?

You can achieve the exact same task by using your personal access token. However due to scoping limitations you would then be exposing write access to all your repositories to the public.

Ideally this GitHub app would not be required and you could just issue a PAT scoped to only running actions on a specific repository. I'm actively speaking with GitHub employees to allow this.