New user blocking APIs and webhook

February 28, 2017
benbalter

You've been able to block users from your personal account and from organizations you administer for a while now. Starting today, you can block and unblock users via the API and can subscribe to receive a webhook when you do.

Blocking users from your personal account

Blocking a user denies them access to your activity and repositories, and prevents them from sending you notifications. With the user blocking API preview, you can block and unblock a particular user, see which users you've blocked, and check whether you've blocked a particular user.

For example, to block the @octocat user from your personal account:

curl https://api.github.com/user/blocks/octocat \
 -X PUT
 -H 'Authorization: token TOKEN' \
 -H "Accept: application/vnd.github.giant-sentry-fist-preview+json"

Blocking users from your organization

Organization owners can block users to remove their ability to collaborate on the organization's repositories. With the organization user blocking API, organization administrators can see which users the organization has blocked, check if a particular user is blocked, and of course, block or unblock users from the organization.

For example, to get a list of the users that the @atom organization has blocked:

curl https://api.github.com/orgs/atom/blocks \
 -X GET
 -H 'Authorization: token TOKEN' \
 -H "Accept: application/vnd.github.giant-sentry-fist-preview+json"

Accessing the user blocking API during the Early Access period

To access the user blocking API during the Early Access period, you must provide a custom media type in the Accept header:

application/vnd.github.giant-sentry-fist-preview+json

During the preview period, we may change aspects of these API methods based on developer feedback. If we do, we will announce the changes here on the developer blog, but we will not provide any advance notice.

New webhook: `OrgBlockEvent`

You can now subscribe to a new webhook event for when an organization blocks or unblocks a user. You'll automatically begin receiving these events if your organization has a webhook that is subscribed to wildcard events. As always, we continue to recommend listening for the actions in order to future-proof your code.

The new OrgBlockEvent contains the following payload:

action - Either blocked or unblocked
blocked_user - The user that was blocked or unblocked
organization - The organization that blocked or unblocked the user
sender - The user who sent the blocking/unblocking request on behalf of the organization

As always, if you have any questions or feedback, please get in touch with us.

This content may be out of date. For the newest content, see the API posts on the GitHub Blog.

All of GitHub's Docs are now in one place! You can see Apps, REST API, and GraphQL API on GitHub Docs.