GitHub App: how to get the authenticated user organizations


I have a GitHub app, and I’d like to get the authenticated user’s organization list. When I do a request to /user/orgs (as described in I get an empty list back. The documentation says that OAuth apps need the read:org permission, but I don’t see the equivalent for GitHub apps.



1 Like

Hi @fermayo,

Thank you for being here! 

  • GitHub App installations can be listed both at the organization and user levels using the GitHub Apps endpoint.
  • GitHub App permissions can be listed both at the organization and user levels. You will find permission information under the permissions key in the JSON response.

Thanks Andrea.

However, I don’t want to list the user installations, but the organizations the user is part of, including private memberships, using the ‘/user/orgs’ endpoint.

Thanks for the clarification @fermayo

The REST API’s Organizations endpoint does have a “List User Organizations” method that can list  public  organization memberships for the specified user. However, as mentioned in that description, it just includes public memberships:

“This method only lists public memberships, regardless of authentication. If you need to fetch all of the organization memberships (public and private) for the authenticated user, use the List your organizations API instead.”


In other words, if you needed to get Public and Private organizations that the user is a member of you could create an impersonation token and then make the request to the List Your Organizations as that user, and then delete the token when you’re finished.

If you are still unable to see the orgs, please send us the full output of a curl -v request

That should help us investigate the issue. Also, please make sure you mask any sensitive information like OAuth tokens and Authorization headers in the output of the curl command. Please send the output to And include a link to this thread to give support some background on the ticket.

I hope this helps!

Hello Andrea,

I’m using the user’s access token I get when authorizing them with the OAuth flow. I still don’t see the private organizations of that user (I only see the public ones). It’s like I don’t have permissions to see their organizations, but I don’t see how I can request those permissions (it’s not on the GitHub app permissions list).