Skip to main content
REST API теперь версия. Дополнительные сведения см. в разделе "О управлении версиями API".

Конечные точки REST API для проверки секретов пользовательских шаблонов

Используйте REST API для управления пользовательскими шаблонами для сканирования секретов.

List enterprise custom patterns

Lists secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Детализированные токены доступа для «List enterprise custom patterns»

Эта конечная точка не работает с пользовательскими токенами доступа GitHub App, токенами доступа для установки GitHub App или детализированными персональными токенами доступа.

Параметры для «List enterprise custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
enterprise string Обязательное поле

The slug version of the enterprise name.

Параметры запроса
Имя., Тип, Description
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Возможные значения: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Возможные значения: enabled, disabled

sort string

The property to sort the results by.

По умолчанию.: created

Возможные значения: created, updated, name

direction string

The direction to sort the results by.

По умолчанию.: desc

Возможные значения: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

По умолчанию.: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

По умолчанию.: 30

HTTP-коды статуса ответа для «List enterprise custom patterns»

Код состоянияDescription
200

OK

403

Forbidden

404

Resource not found

Примеры кода для «List enterprise custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

get/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create enterprise custom patterns

Bulk creates secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Детализированные токены доступа для «Bulk create enterprise custom patterns»

Эта конечная точка не работает с пользовательскими токенами доступа GitHub App, токенами доступа для установки GitHub App или детализированными персональными токенами доступа.

Параметры для «Bulk create enterprise custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
enterprise string Обязательное поле

The slug version of the enterprise name.

Параметры запроса
Имя., Тип, Description
patterns array of objects Обязательное поле

The list of custom patterns to create.

Имя., Тип, Description
name string Обязательное поле

The name of the custom pattern.

pattern string Обязательное поле

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

По умолчанию.: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

По умолчанию.: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

HTTP-коды статуса ответа для «Bulk create enterprise custom patterns»

Код состоянияDescription
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Примеры кода для «Bulk create enterprise custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

post/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete enterprise custom patterns

Bulk deletes secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Детализированные токены доступа для «Bulk delete enterprise custom patterns»

Эта конечная точка не работает с пользовательскими токенами доступа GitHub App, токенами доступа для установки GitHub App или детализированными персональными токенами доступа.

Параметры для «Bulk delete enterprise custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
enterprise string Обязательное поле

The slug version of the enterprise name.

Параметры запроса
Имя., Тип, Description
patterns array of objects Обязательное поле

The list of custom patterns to delete.

Имя., Тип, Description
pattern_id integer Обязательное поле

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

По умолчанию.: delete_alerts

Возможные значения: delete_alerts, resolve_alerts

HTTP-коды статуса ответа для «Bulk delete enterprise custom patterns»

Код состоянияDescription
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Примеры кода для «Bulk delete enterprise custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

delete/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update an enterprise custom pattern

Updates a secret scanning custom pattern for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Детализированные токены доступа для «Update an enterprise custom pattern»

Эта конечная точка не работает с пользовательскими токенами доступа GitHub App, токенами доступа для установки GitHub App или детализированными персональными токенами доступа.

Параметры для «Update an enterprise custom pattern»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
enterprise string Обязательное поле

The slug version of the enterprise name.

pattern_id integer Обязательное поле

The ID of the custom pattern.

Параметры запроса
Имя., Тип, Description
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Обязательное поле

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

HTTP-коды статуса ответа для «Update an enterprise custom pattern»

Код состоянияDescription
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Примеры кода для «Update an enterprise custom pattern»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

patch/enterprises/{enterprise}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }

List organization custom patterns

Lists secret scanning custom patterns for an organization.

Personal access tokens (classic) need the read:org scope to use this endpoint.

Детализированные токены доступа для «List organization custom patterns»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (read)

Параметры для «List organization custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Возможные значения: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Возможные значения: enabled, disabled

sort string

The property to sort the results by.

По умолчанию.: created

Возможные значения: created, updated, name

direction string

The direction to sort the results by.

По умолчанию.: desc

Возможные значения: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

По умолчанию.: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

По умолчанию.: 30

HTTP-коды статуса ответа для «List organization custom patterns»

Код состоянияDescription
200

OK

403

Forbidden

404

Resource not found

Примеры кода для «List organization custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

get/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create organization custom patterns

Bulk creates secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Детализированные токены доступа для «Bulk create organization custom patterns»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для «Bulk create organization custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
patterns array of objects Обязательное поле

The list of custom patterns to create.

Имя., Тип, Description
name string Обязательное поле

The name of the custom pattern.

pattern string Обязательное поле

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

По умолчанию.: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

По умолчанию.: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

HTTP-коды статуса ответа для «Bulk create organization custom patterns»

Код состоянияDescription
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Примеры кода для «Bulk create organization custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

post/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete organization custom patterns

Bulk deletes secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Детализированные токены доступа для «Bulk delete organization custom patterns»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для «Bulk delete organization custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
patterns array of objects Обязательное поле

The list of custom patterns to delete.

Имя., Тип, Description
pattern_id integer Обязательное поле

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

По умолчанию.: delete_alerts

Возможные значения: delete_alerts, resolve_alerts

HTTP-коды статуса ответа для «Bulk delete organization custom patterns»

Код состоянияDescription
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Примеры кода для «Bulk delete organization custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

delete/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update an organization custom pattern

Updates a secret scanning custom pattern for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Детализированные токены доступа для «Update an organization custom pattern»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для «Update an organization custom pattern»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

pattern_id integer Обязательное поле

The ID of the custom pattern.

Параметры запроса
Имя., Тип, Description
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Обязательное поле

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

HTTP-коды статуса ответа для «Update an organization custom pattern»

Код состоянияDescription
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Примеры кода для «Update an organization custom pattern»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

patch/orgs/{org}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }

List repository custom patterns

Lists secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Детализированные токены доступа для «List repository custom patterns»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (read)

Параметры для «List repository custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Возможные значения: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Возможные значения: enabled, disabled

sort string

The property to sort the results by.

По умолчанию.: created

Возможные значения: created, updated, name

direction string

The direction to sort the results by.

По умолчанию.: desc

Возможные значения: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

По умолчанию.: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

По умолчанию.: 30

HTTP-коды статуса ответа для «List repository custom patterns»

Код состоянияDescription
200

OK

403

Forbidden

404

Resource not found

Примеры кода для «List repository custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

get/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create repository custom patterns

Bulk creates secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Детализированные токены доступа для «Bulk create repository custom patterns»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (write)

Параметры для «Bulk create repository custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
patterns array of objects Обязательное поле

The list of custom patterns to create.

Имя., Тип, Description
name string Обязательное поле

The name of the custom pattern.

pattern string Обязательное поле

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

По умолчанию.: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

По умолчанию.: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

HTTP-коды статуса ответа для «Bulk create repository custom patterns»

Код состоянияDescription
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Примеры кода для «Bulk create repository custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

post/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete repository custom patterns

Bulk deletes secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Детализированные токены доступа для «Bulk delete repository custom patterns»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (write)

Параметры для «Bulk delete repository custom patterns»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
patterns array of objects Обязательное поле

The list of custom patterns to delete.

Имя., Тип, Description
pattern_id integer Обязательное поле

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

По умолчанию.: delete_alerts

Возможные значения: delete_alerts, resolve_alerts

HTTP-коды статуса ответа для «Bulk delete repository custom patterns»

Код состоянияDescription
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Примеры кода для «Bulk delete repository custom patterns»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

delete/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update a repository custom pattern

Updates a secret scanning custom pattern for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Детализированные токены доступа для «Update a repository custom pattern»

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (write)

Параметры для «Update a repository custom pattern»

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

pattern_id integer Обязательное поле

The ID of the custom pattern.

Параметры запроса
Имя., Тип, Description
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Обязательное поле

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

HTTP-коды статуса ответа для «Update a repository custom pattern»

Код состоянияDescription
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Примеры кода для «Update a repository custom pattern»

Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.

Пример запроса

patch/repos/{owner}/{repo}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }