API
tryapis.com
Find anything
⌘ K
GitHub API Endpoints
actions
activity
apps
billing
checks
code-scanning
codes-of-conduct
emojis
enterprise-admin
gists
gitignore
interactions
issues
licenses
markdown
meta
migrations
oauth-authorizations
orgs
packages
projects
pulls
rate-limit
reactions
repos
scim
search
secret-scanning
teams
users

GET

https://api.github.com/repos/owner/repo/git/commits/commit_sha

Gets a Git commit object.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

| Name | Type | Description | | ---- | ---- | ----------- | | verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified. | | reason | string | The reason for verified value. Possible values and their meanings are enumerated in table below. | | signature | string | The signature that was extracted from the commit. | | payload | string | The value that was signed. |

These are the possible values for reason in the verification object:

| Value | Description | | ----- | ----------- | | expired_key | The key that made the signature is expired. | | not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature. | | gpgverify_error | There was an error communicating with the signature verification service. | | gpgverify_unavailable | The signature verification service is currently unavailable. | | unsigned | The object does not include a signature. | | unknown_signature_type | A non-PGP signature was found in the commit. | | no_user | No user was associated with the committer email address in the commit. | | unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on her/his account. | | bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature. | | unknown_key | The key that made the signature has not been registered with any user's account. | | malformed_signature | There was an error parsing the signature. | | invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature. | | valid | None of the above errors applied, so the signature is considered to be verified. |

Scopes requested: user, public_repo, repo, notifications, gist
Authorization
tryapis.com never stores your requests or responses