Skip to content
Send parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Send parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node

@latest Build Status Greenkeeper

@octokit/request is a request library for browsers & node that makes it easier to interact with GitHub’s REST API and GitHub’s GraphQL API.

It uses @octokit/endpoint to parse the passed options and sends the request using fetch (node-fetch in Node).


🤩 1:1 mapping of REST API endpoint documentation, e.g. Add labels to an issue becomes

request("POST /repos/:owner/:repo/issues/:number/labels", {
  mediaType: {
    previews: ["symmetra"]
  owner: "octokit",
  repo: "request.js",
  number: 1,
  labels: ["🐛 bug"]

👶 Small bundle size (<4kb minified + gzipped)

😎 Authenticate with any of GitHubs Authentication Strategies.

👍 Sensible defaults

  • baseUrl:
  • headers.accept: application/vnd.github.v3+json
  • headers.agent: octokit-request.js/<current version> <OS information>, e.g. octokit-request.js/1.2.3 Node.js/10.15.0 (macOS Mojave; x64)

👌 Simple to test: mock requests by passing a custom fetch method.

🧐 Simple to debug: Sets error.request to request options causing the error (with redacted credentials).


Browsers Load @octokit/request directly from
<script type="module">
import { request } from "";

Install with npm install @octokit/request

const { request } = require("@octokit/request");
// or: import { request } from "@octokit/request";

REST API example

// Following GitHub docs formatting:
const result = await request("GET /orgs/:org/repos", {
  headers: {
    authorization: "token 0000000000000000000000000000000000000001"
  org: "octokit",
  type: "private"

console.log(`${} repos found.`);

GraphQL example

For GraphQL request we recommend using @octokit/graphql

const result = await request("POST /graphql", {
  headers: {
    authorization: "token 0000000000000000000000000000000000000001"
  query: `query ($login: String!) {
    organization(login: $login) {
      repositories(privacy: PRIVATE) {
  variables: {
    login: "octokit"

Alternative: pass method & url as part of options

Alternatively, pass in a method and a url

const result = await request({
  method: "GET",
  url: "/orgs/:org/repos",
  headers: {
    authorization: "token 0000000000000000000000000000000000000001"
  org: "octokit",
  type: "private"


The simplest way to authenticate a request is to set the Authorization header directly, e.g. to a personal access token.

const requestWithAuth = request.defaults({
  headers: {
    authorization: "token 0000000000000000000000000000000000000001"
const result = await request("GET /user");

For more complex authentication strategies such as GitHub Apps or Basic, we recommend the according authentication library exported by @octokit/auth.

const { createAppAuth } = require("@octokit/auth-app");
const auth = createAppAuth({
  id: process.env.APP_ID,
  privateKey: process.env.PRIVATE_KEY,
  installationId: 123
const requestWithAuth = request.defaults({
  request: {
    hook: auth.hook
  mediaType: {
    previews: ["machine-man"]

const { data: app } = await requestWithAuth("GET /app");
const { data: app } = await requestWithAuth("POST /repos/:owner/:repo/issues", {
  owner: "octocat",
  repo: "hello-world",
  title: "Hello from the engine room"


request(route, options) or request(options).


name type description
route String If route is set it has to be a string consisting of the request method and URL, e.g. GET /orgs/:org
options.baseUrl String Required. Any supported http verb, case insensitive. Defaults to
options.headers Object Custom headers. Passed headers are merged with defaults:
headers['user-agent'] defaults to octokit-rest.js/1.2.3 (where 1.2.3 is the released version).
headers['accept'] defaults to application/vnd.github.v3+json.
Use options.mediaType.{format,previews} to request API previews and custom media types.
options.mediaType.format String Media type param, such as `raw`, `html`, or `full`. See Media Types.
options.mediaType.previews Array of strings Name of previews, such as `mercy`, `symmetra`, or `scarlet-witch`. See API Previews.
options.method String Required. Any supported http verb, case insensitive. Defaults to Get.
options.url String Required. A path or full URL which may contain :variable or {variable} placeholders, e.g. /orgs/:org/repos. The url is parsed using url-template. Any Set request body directly instead of setting it to JSON based on additional parameters. See "The `data` parameter" below.
options.request.agent http(s).Agent instance Node only. Useful for custom proxy, certificate, or dns lookup.
options.request.fetch Function Custom replacement for built-in fetch method. Useful for testing or request hooks.
options.request.hook Function Function with the signature hook(request, endpointOptions), where endpointOptions are the parsed options as returned by endpoint.merge(), and request is request(). This option works great in conjuction with before-after-hook.
options.request.signal new AbortController().signal Use an AbortController instance to cancel a request. In node you can only cancel streamed requests.
options.request.timeout Number Node only. Request/response timeout in ms, it resets on redirect. 0 to disable (OS limit applies). options.request.signal is recommended instead.

All other options except options.request.* will be passed depending on the method and url options.

  1. If the option key is a placeholder in the url, it will be used as replacement. For example, if the passed options are {url: '/orgs/:org/repos', org: 'foo'} the returned options.url is
  2. If the method is GET or HEAD, the option is passed as query parameter
  3. Otherwise the parameter is passed in the request body as JSON key.


request returns a promise and resolves with 4 keys

key type description
status Integer Response status status
url String URL of response. If a request results in redirects, this is the final URL. You can send a HEAD request to retrieve it without loading the full response body.
headers Object All response headers
data Any The response body as returned from server. If the response is JSON then it will be parsed into an object

If an error occurs, the error instance has additional properties to help with debugging

  • error.status The http response status code
  • error.headers The http response headers as an object
  • error.request The request options such as method, url and data


Override or set default options. Example:

const myrequest = require("@octokit/request").defaults({
  baseUrl: "",
  headers: {
    "user-agent": "myApp/1.2.3",
    authorization: `token 0000000000000000000000000000000000000001`
  org: "my-project",
  per_page: 100

myrequest(`GET /orgs/:org/repos`);

You can call .defaults() again on the returned method, the defaults will cascade.

const myProjectRequest = request.defaults({
  baseUrl: "",
  headers: {
    "user-agent": "myApp/1.2.3"
  org: "my-project"
const myProjectRequestWithAuth = myProjectRequest.defaults({
  headers: {
    authorization: `token 0000000000000000000000000000000000000001`

myProjectRequest now defaults the baseUrl, headers['user-agent'], org and headers['authorization'] on top of headers['accept'] that is set by the global default.


See Example

const options = request.endpoint("GET /orgs/:org/repos", {
  org: "my-project",
  type: "private"

// {
//   method: 'GET',
//   url: '',
//   headers: {
//     accept: 'application/vnd.github.v3+json',
//     authorization: 'token 0000000000000000000000000000000000000001',
//     'user-agent': 'octokit/endpoint.js v1.2.3'
//   }
// }

All of the @octokit/endpoint API can be used:

Special cases

The data parameter – set request body directly

Some endpoints such as Render a Markdown document in raw mode don’t have parameters that are sent as request body keys, instead the request body needs to be set directly. In these cases, set the data parameter.

const response = await request("POST /markdown/raw", {
  data: "Hello world github/linguist#1 **cool**, and #1!",
  headers: {
    accept: "text/html;charset=utf-8",
    "content-type": "text/plain"

// Request is sent as
//     {
//       method: 'post',
//       url: '',
//       headers: {
//         accept: 'text/html;charset=utf-8',
//         'content-type': 'text/plain',
//         'user-agent': userAgent
//       },
//       body: 'Hello world github/linguist#1 **cool**, and #1!'
//     }
// not as
//     {
//       ...
//       body: '{"data": "Hello world github/linguist#1 **cool**, and #1!"}'
//     }

Set parameters for both the URL/query and the request body

There are API endpoints that accept both query parameters as well as a body. In that case you need to add the query parameters as templates to options.url, as defined in the RFC 6570 URI Template specification.


    name: "",
    label: "short description",
    headers: {
      "content-type": "text/plain",
      "content-length": 14,
      authorization: `token 0000000000000000000000000000000000000001`
    data: "Hello, world!"



You can’t perform that action at this time.