> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cysmiq.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List repositories

> Returns repositories the caller can access, optionally filtered by org and VCS source.



## OpenAPI

````yaml https://app.cysmiq.com/docs/tenant/openapi.json get /{tenant_slug}/repositories
openapi: 3.1.0
info:
  title: Cysmiq
  version: v1
  description: Tenant API
servers:
  - url: https://app.cysmiq.com/api/v1
    description: Production
security:
  - bearerAuth: []
tags:
  - name: Token
    description: Token introspection and authentication context.
  - name: Organizations
    description: Read-only organizational unit (org) data.
  - name: Repositories
    description: Read-only repository data.
  - name: Applications
    description: Read-only application data.
  - name: Scans
    description: Read-only scan status data for CI integrations.
  - name: Vulnerabilities
    description: Read-only vulnerability data for CI and reporting.
  - name: Policy Violations
    description: Read-only policy violation data for CI and reporting.
paths:
  /{tenant_slug}/repositories:
    get:
      tags:
        - Repositories
      summary: List repositories
      description: >-
        Returns repositories the caller can access, optionally filtered by org
        and VCS source.
      operationId: listRepositories
      parameters:
        - name: org
          in: query
          schema:
            type:
              - string
              - 'null'
            maxLength: 255
        - name: source
          in: query
          schema:
            type:
              - string
              - 'null'
            maxLength: 255
        - name: application
          in: query
          schema:
            type:
              - string
              - 'null'
            maxLength: 255
        - name: limit
          in: query
          schema:
            type:
              - integer
              - 'null'
            minimum: 1
            maximum: 200
        - name: cursor
          in: query
          schema:
            type:
              - string
              - 'null'
        - name: tenant_slug
          in: path
          required: true
          description: Workspace slug for the tenant context.
          schema:
            type: string
          example: acme
      responses:
        '200':
          description: Repository list response.
          content:
            application/json:
              schema:
                type: object
                examples:
                  - items:
                      - id: repo_01hxyz
                        name: widgets
                        full_name: acme/widgets
                        source: ghc
                        is_private: false
                        is_archived: false
                        is_enabled: true
                        scan_state: active
                        external_id: '987654'
                        org:
                          id: org_01hxyz
                          name: acme
                          full_path: acme
                        created_at: '2024-08-01T10:00:00Z'
                        updated_at: '2026-01-14T17:45:00Z'
                    next_cursor: null
                properties:
                  filters:
                    type: object
                    properties:
                      org:
                        type:
                          - object
                          - 'null'
                        properties:
                          id:
                            type: string
                          name:
                            type: string
                          full_path:
                            type: string
                        required:
                          - id
                          - name
                          - full_path
                      source:
                        type:
                          - array
                          - 'null'
                        items:
                          type: string
                      application:
                        type:
                          - object
                          - 'null'
                        properties:
                          id:
                            type: string
                          name:
                            type: string
                        required:
                          - id
                          - name
                    required:
                      - org
                      - source
                      - application
                  items:
                    type: array
                    items:
                      type: object
                      properties:
                        id:
                          type: string
                        name:
                          type:
                            - string
                            - 'null'
                        full_name:
                          type:
                            - string
                            - 'null'
                        source:
                          type:
                            - string
                            - 'null'
                        is_private:
                          type: boolean
                        is_archived:
                          type: boolean
                        is_enabled:
                          type: boolean
                        scan_state:
                          anyOf:
                            - type: string
                            - $ref: '#/components/schemas/RepositoryScanState'
                            - type: 'null'
                        external_id:
                          type:
                            - string
                            - 'null'
                        org:
                          type:
                            - object
                            - 'null'
                          properties:
                            id:
                              type: string
                            name:
                              type: string
                            full_path:
                              type: string
                          required:
                            - id
                            - name
                            - full_path
                        created_at:
                          type: string
                        updated_at:
                          type: string
                      required:
                        - id
                        - name
                        - full_name
                        - source
                        - is_private
                        - is_archived
                        - is_enabled
                        - scan_state
                        - external_id
                        - org
                        - created_at
                        - updated_at
                  next_cursor:
                    type: string
                required:
                  - filters
                  - items
                  - next_cursor
        '401':
          $ref: '#/components/responses/UnauthorizedError'
        '403':
          $ref: '#/components/responses/ForbiddenError'
        '404':
          $ref: '#/components/responses/NotFoundError'
        '422':
          $ref: '#/components/responses/ValidationFailedError'
        '429':
          $ref: '#/components/responses/RateLimitedError'
        '500':
          $ref: '#/components/responses/InternalError'
        '503':
          $ref: '#/components/responses/ServiceUnavailableError'
components:
  schemas:
    RepositoryScanState:
      type: string
      enum:
        - initializing
        - active
        - recovery
        - failed
      title: RepositoryScanState
    ApiError:
      type: object
      required:
        - code
        - message
      properties:
        code:
          type: string
          description: Machine-readable error code.
        message:
          type: string
          description: Human-readable error message.
        details:
          type: object
          description: Optional structured error details.
          additionalProperties: true
  responses:
    UnauthorizedError:
      description: Authentication is required or the token is invalid.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
          examples:
            authenticationRequired:
              value:
                code: AUTHENTICATION_REQUIRED
                message: Unauthenticated.
    ForbiddenError:
      description: The token is authenticated but not permitted for this tenant or action.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
          examples:
            tokenInvalidForTenant:
              value:
                code: TOKEN_INVALID_FOR_TENANT
                message: Token not valid for this tenant.
            tokenAbilityDenied:
              value:
                code: TOKEN_ABILITY_DENIED
                message: Forbidden.
    NotFoundError:
      description: The workspace or requested resource was not found.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
          examples:
            tenantNotFound:
              value:
                code: TENANT_NOT_FOUND
                message: Workspace not found
            resourceNotFound:
              value:
                code: RESOURCE_NOT_FOUND
                message: Not found.
    ValidationFailedError:
      description: >-
        The request could not be processed because validation failed or filter
        values were unsupported.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
          examples:
            validationFailed:
              value:
                code: VALIDATION_FAILED
                message: The given data was invalid.
                details:
                  errors:
                    severity:
                      - The selected severity is invalid.
            invalidFilterValue:
              value:
                code: INVALID_FILTER_VALUE
                message: 'Invalid filter value(s): critical'
                details:
                  invalid_values:
                    - critical
    RateLimitedError:
      description: The request exceeded the tenant API rate limit.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
          examples:
            rateLimited:
              value:
                code: RATE_LIMITED
                message: Too Many Attempts.
    InternalError:
      description: The server encountered an unexpected error.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
          examples:
            internalError:
              value:
                code: INTERNAL_ERROR
                message: Internal server error
    ServiceUnavailableError:
      description: The workspace or service is temporarily unavailable.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
          examples:
            serviceUnavailable:
              value:
                code: SERVICE_UNAVAILABLE
                message: Service Unavailable
  securitySchemes:
    bearerAuth:
      type: http
      description: 'Use a Cysmiq API token in the Authorization header: Bearer {token}.'
      scheme: bearer
      bearerFormat: Token

````