Skip to main content
REST API 现已开始进行版本化。 有关详细信息,请参阅“关于 API 版本控制”。

用于机密扫描自定义模式的 REST API 终结点

使用 REST API 管理用于机密扫描的自定义模式。

List organization custom patterns

Lists secret scanning custom patterns for an organization.

Personal access tokens (classic) need the read:org scope to use this endpoint.

“List organization custom patterns”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Administration" organization permissions (read)

“”List organization custom patterns 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
org string 必须

The organization name. The name is not case sensitive.

查询参数
名称, 类型, 说明
state string

Filter custom patterns by state. When absent, returns patterns in all states.

可以是以下选项之一: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

可以是以下选项之一: enabled, disabled

sort string

The property to sort the results by.

默认: created

可以是以下选项之一: created, updated, name

direction string

The direction to sort the results by.

默认: desc

可以是以下选项之一: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

默认: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

默认: 30

“List organization custom patterns”的 HTTP 响应状态代码

状态代码说明
200

OK

403

Forbidden

404

Resource not found

“List organization custom patterns”的代码示例

请求示例

get/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create organization custom patterns

Bulk creates secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

“Bulk create organization custom patterns”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Administration" organization permissions (write)

“”Bulk create organization custom patterns 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
org string 必须

The organization name. The name is not case sensitive.

主体参数
名称, 类型, 说明
patterns array of objects 必须

The list of custom patterns to create.

名称, 类型, 说明
name string 必须

The name of the custom pattern.

pattern string 必须

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

默认: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

默认: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

“Bulk create organization custom patterns”的 HTTP 响应状态代码

状态代码说明
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

“Bulk create organization custom patterns”的代码示例

请求示例

post/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete organization custom patterns

Bulk deletes secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

“Bulk delete organization custom patterns”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Administration" organization permissions (write)

“”Bulk delete organization custom patterns 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
org string 必须

The organization name. The name is not case sensitive.

主体参数
名称, 类型, 说明
patterns array of objects 必须

The list of custom patterns to delete.

名称, 类型, 说明
pattern_id integer 必须

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

默认: delete_alerts

可以是以下选项之一: delete_alerts, resolve_alerts

“Bulk delete organization custom patterns”的 HTTP 响应状态代码

状态代码说明
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

“Bulk delete organization custom patterns”的代码示例

请求示例

delete/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update an organization custom pattern

Updates a secret scanning custom pattern for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

“Update an organization custom pattern”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Administration" organization permissions (write)

“”Update an organization custom pattern 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
org string 必须

The organization name. The name is not case sensitive.

pattern_id integer 必须

The ID of the custom pattern.

主体参数
名称, 类型, 说明
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null 必须

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

“Update an organization custom pattern”的 HTTP 响应状态代码

状态代码说明
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

“Update an organization custom pattern”的代码示例

请求示例

patch/orgs/{org}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }

List repository custom patterns

Lists secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

“List repository custom patterns”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Secret scanning alerts" repository permissions (read)

“”List repository custom patterns 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
owner string 必须

The account owner of the repository. The name is not case sensitive.

repo string 必须

The name of the repository without the .git extension. The name is not case sensitive.

查询参数
名称, 类型, 说明
state string

Filter custom patterns by state. When absent, returns patterns in all states.

可以是以下选项之一: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

可以是以下选项之一: enabled, disabled

sort string

The property to sort the results by.

默认: created

可以是以下选项之一: created, updated, name

direction string

The direction to sort the results by.

默认: desc

可以是以下选项之一: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

默认: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

默认: 30

“List repository custom patterns”的 HTTP 响应状态代码

状态代码说明
200

OK

403

Forbidden

404

Resource not found

“List repository custom patterns”的代码示例

请求示例

get/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create repository custom patterns

Bulk creates secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

“Bulk create repository custom patterns”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Secret scanning alerts" repository permissions (write)

“”Bulk create repository custom patterns 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
owner string 必须

The account owner of the repository. The name is not case sensitive.

repo string 必须

The name of the repository without the .git extension. The name is not case sensitive.

主体参数
名称, 类型, 说明
patterns array of objects 必须

The list of custom patterns to create.

名称, 类型, 说明
name string 必须

The name of the custom pattern.

pattern string 必须

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

默认: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

默认: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

“Bulk create repository custom patterns”的 HTTP 响应状态代码

状态代码说明
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

“Bulk create repository custom patterns”的代码示例

请求示例

post/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete repository custom patterns

Bulk deletes secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

“Bulk delete repository custom patterns”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Secret scanning alerts" repository permissions (write)

“”Bulk delete repository custom patterns 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
owner string 必须

The account owner of the repository. The name is not case sensitive.

repo string 必须

The name of the repository without the .git extension. The name is not case sensitive.

主体参数
名称, 类型, 说明
patterns array of objects 必须

The list of custom patterns to delete.

名称, 类型, 说明
pattern_id integer 必须

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

默认: delete_alerts

可以是以下选项之一: delete_alerts, resolve_alerts

“Bulk delete repository custom patterns”的 HTTP 响应状态代码

状态代码说明
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

“Bulk delete repository custom patterns”的代码示例

请求示例

delete/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update a repository custom pattern

Updates a secret scanning custom pattern for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

“Update a repository custom pattern”的细粒度访问令牌

此端点支持以下精细令牌类型:

细粒度令牌必须具有以下权限集:

  • "Secret scanning alerts" repository permissions (write)

“”Update a repository custom pattern 的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
owner string 必须

The account owner of the repository. The name is not case sensitive.

repo string 必须

The name of the repository without the .git extension. The name is not case sensitive.

pattern_id integer 必须

The ID of the custom pattern.

主体参数
名称, 类型, 说明
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null 必须

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

“Update a repository custom pattern”的 HTTP 响应状态代码

状态代码说明
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

“Update a repository custom pattern”的代码示例

请求示例

patch/repos/{owner}/{repo}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }