Pontos de extremidade da API REST para padrões personalizados de verificação secreta
Use a API REST para gerenciar padrões personalizados para verificação secreta.
List organization custom patterns
Lists secret scanning custom patterns for an organization.
Personal access tokens (classic) need the read:org scope to use this endpoint.
Tokens de acesso granulares para "List organization custom patterns"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Administration" organization permissions (read)
Parâmetros para "List organization custom patterns"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
org string ObrigatórioThe organization name. The name is not case sensitive. |
| Nome, Tipo, Descrição |
|---|
state string Filter custom patterns by state. When absent, returns patterns in all states. Pode ser um dos: |
push_protection string Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status. Pode ser um dos: |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Padrão: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Padrão: |
Códigos de status de resposta HTTP para "List organization custom patterns"
| Código de status | Descrição |
|---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Exemplos de código para "List organization custom patterns"
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patternsResponse
Status: 200[
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "published",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-16T14:20:00Z",
"updated_at": "2024-01-17T09:15:00Z"
}
]Bulk create organization custom patterns
Bulk creates secret scanning custom patterns for an organization.
Personal access tokens (classic) need the write:org scope to use this endpoint.
Tokens de acesso granulares para "Bulk create organization custom patterns"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Administration" organization permissions (write)
Parâmetros para "Bulk create organization custom patterns"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
org string ObrigatórioThe organization name. The name is not case sensitive. |
| Nome, Tipo, Descrição | |||||||
|---|---|---|---|---|---|---|---|
patterns array of objects ObrigatórioThe list of custom patterns to create. | |||||||
Properties of |
| Nome, Tipo, Descrição |
|---|
name string ObrigatórioThe name of the custom pattern. |
pattern string ObrigatórioThe regular expression of the custom pattern. |
start_delimiter string The start delimiter regex for the custom pattern.
Defaults to Padrão: |
end_delimiter string The end delimiter regex for the custom pattern.
Defaults to Padrão: |
must_match array of strings List of regexes that the secret must match. |
must_not_match array of strings List of regexes that the secret must not match. |
Códigos de status de resposta HTTP para "Bulk create organization custom patterns"
| Código de status | Descrição |
|---|---|
201 | All patterns created successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed for one or more patterns. |
Exemplos de código para "Bulk create organization custom patterns"
Exemplo de solicitação
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \
-d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'All patterns created successfully.
Status: 201{
"created_patterns": [
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
]
}Bulk delete organization custom patterns
Bulk deletes secret scanning custom patterns for an organization.
Personal access tokens (classic) need the write:org scope to use this endpoint.
Tokens de acesso granulares para "Bulk delete organization custom patterns"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Administration" organization permissions (write)
Parâmetros para "Bulk delete organization custom patterns"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
org string ObrigatórioThe organization name. The name is not case sensitive. |
| Nome, Tipo, Descrição | |||
|---|---|---|---|
patterns array of objects ObrigatórioThe list of custom patterns to delete. | |||
Properties of |
| Nome, Tipo, Descrição |
|---|
pattern_id integer ObrigatórioThe ID of the custom pattern to delete. |
custom_pattern_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
post_delete_action string What to do with alerts associated with the deleted patterns.
delete_alerts permanently removes the alerts.
resolve_alerts resolves the alerts as "pattern deleted".
Defaults to delete_alerts when not specified.
Padrão: delete_alerts
Pode ser um dos: delete_alerts, resolve_alerts
Códigos de status de resposta HTTP para "Bulk delete organization custom patterns"
| Código de status | Descrição |
|---|---|
204 | All patterns deleted successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
Exemplos de código para "Bulk delete organization custom patterns"
Exemplo de solicitação
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \
-d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'All patterns deleted successfully.
Status: 204Update an organization custom pattern
Updates a secret scanning custom pattern for an organization.
Personal access tokens (classic) need the write:org scope to use this endpoint.
Tokens de acesso granulares para "Update an organization custom pattern"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Administration" organization permissions (write)
Parâmetros para "Update an organization custom pattern"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
org string ObrigatórioThe organization name. The name is not case sensitive. |
pattern_id integer ObrigatórioThe ID of the custom pattern. |
| Nome, Tipo, Descrição |
|---|
pattern string The updated regular expression of the custom pattern. |
start_delimiter string The updated start delimiter regex for the custom pattern. |
end_delimiter string The updated end delimiter regex for the custom pattern. |
must_match array of strings Updated list of regexes that the secret must match. |
must_not_match array of strings Updated list of regexes that the secret must not match. |
custom_pattern_version string or null ObrigatórioThe version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
Códigos de status de resposta HTTP para "Update an organization custom pattern"
| Código de status | Descrição |
|---|---|
200 | Pattern updated successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
422 | Validation failed, or the endpoint has been spammed. |
Exemplos de código para "Update an organization custom pattern"
Exemplo de solicitação
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patterns/PATTERN_ID \
-d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'Pattern updated successfully.
Status: 200{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "updated_secret_[0-9A-Z]{16}",
"slug": "example_custom_pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": "[^0-9A-Za-z]",
"end_delimiter": "[^0-9A-Za-z]",
"must_match": [
"updated_secret_[0-9]{2}*"
],
"must_not_match": [
"updated_secret_1234567890ABCDEF"
],
"custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-06-01T12:00:00Z"
}List repository custom patterns
Lists secret scanning custom patterns for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acesso granulares para "List repository custom patterns"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (read)
Parâmetros para "List repository custom patterns"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
| Nome, Tipo, Descrição |
|---|
state string Filter custom patterns by state. When absent, returns patterns in all states. Pode ser um dos: |
push_protection string Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status. Pode ser um dos: |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Padrão: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Padrão: |
Códigos de status de resposta HTTP para "List repository custom patterns"
| Código de status | Descrição |
|---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Exemplos de código para "List repository custom patterns"
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patternsResponse
Status: 200[
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "published",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-16T14:20:00Z",
"updated_at": "2024-01-17T09:15:00Z"
}
]Bulk create repository custom patterns
Bulk creates secret scanning custom patterns for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acesso granulares para "Bulk create repository custom patterns"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (write)
Parâmetros para "Bulk create repository custom patterns"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
| Nome, Tipo, Descrição | |||||||
|---|---|---|---|---|---|---|---|
patterns array of objects ObrigatórioThe list of custom patterns to create. | |||||||
Properties of |
| Nome, Tipo, Descrição |
|---|
name string ObrigatórioThe name of the custom pattern. |
pattern string ObrigatórioThe regular expression of the custom pattern. |
start_delimiter string The start delimiter regex for the custom pattern.
Defaults to Padrão: |
end_delimiter string The end delimiter regex for the custom pattern.
Defaults to Padrão: |
must_match array of strings List of regexes that the secret must match. |
must_not_match array of strings List of regexes that the secret must not match. |
Códigos de status de resposta HTTP para "Bulk create repository custom patterns"
| Código de status | Descrição |
|---|---|
201 | All patterns created successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed for one or more patterns. |
Exemplos de código para "Bulk create repository custom patterns"
Exemplo de solicitação
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \
-d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'All patterns created successfully.
Status: 201{
"created_patterns": [
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
]
}Bulk delete repository custom patterns
Bulk deletes secret scanning custom patterns for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acesso granulares para "Bulk delete repository custom patterns"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (write)
Parâmetros para "Bulk delete repository custom patterns"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
| Nome, Tipo, Descrição | |||
|---|---|---|---|
patterns array of objects ObrigatórioThe list of custom patterns to delete. | |||
Properties of |
| Nome, Tipo, Descrição |
|---|
pattern_id integer ObrigatórioThe ID of the custom pattern to delete. |
custom_pattern_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
post_delete_action string What to do with alerts associated with the deleted patterns.
delete_alerts permanently removes the alerts.
resolve_alerts resolves the alerts as "pattern deleted".
Defaults to delete_alerts when not specified.
Padrão: delete_alerts
Pode ser um dos: delete_alerts, resolve_alerts
Códigos de status de resposta HTTP para "Bulk delete repository custom patterns"
| Código de status | Descrição |
|---|---|
204 | All patterns deleted successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
Exemplos de código para "Bulk delete repository custom patterns"
Exemplo de solicitação
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \
-d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'All patterns deleted successfully.
Status: 204Update a repository custom pattern
Updates a secret scanning custom pattern for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acesso granulares para "Update a repository custom pattern"
Este endpoint funciona com os seguintes tipos de token granulares:
- tokens de acesso do usuário do aplicativo GitHub
- tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (write)
Parâmetros para "Update a repository custom pattern"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
pattern_id integer ObrigatórioThe ID of the custom pattern. |
| Nome, Tipo, Descrição |
|---|
pattern string The updated regular expression of the custom pattern. |
start_delimiter string The updated start delimiter regex for the custom pattern. |
end_delimiter string The updated end delimiter regex for the custom pattern. |
must_match array of strings Updated list of regexes that the secret must match. |
must_not_match array of strings Updated list of regexes that the secret must not match. |
custom_pattern_version string or null ObrigatórioThe version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
Códigos de status de resposta HTTP para "Update a repository custom pattern"
| Código de status | Descrição |
|---|---|
200 | Pattern updated successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
422 | Validation failed, or the endpoint has been spammed. |
Exemplos de código para "Update a repository custom pattern"
Exemplo de solicitação
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns/PATTERN_ID \
-d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'Pattern updated successfully.
Status: 200{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "updated_secret_[0-9A-Z]{16}",
"slug": "example_custom_pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": "[^0-9A-Za-z]",
"end_delimiter": "[^0-9A-Za-z]",
"must_match": [
"updated_secret_[0-9]{2}*"
],
"must_not_match": [
"updated_secret_1234567890ABCDEF"
],
"custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-06-01T12:00:00Z"
}