REST API endpoints for secret scanning custom patterns
Use the REST API to manage custom patterns for secret scanning.
List enterprise custom patterns
Lists secret scanning custom patterns for an enterprise.
Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Tokens de acceso granulares para "List enterprise custom patterns"
Este punto de conexión no funciona con tokens de acceso de usuario de aplicación de GitHub, tokens de acceso de instalación de aplicaciones de GitHub ni tokens de acceso personales específicos.
Parámetros para "List enterprise custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
enterprise string ObligatorioThe slug version of the enterprise name. |
| Nombre, Tipo, Descripción |
|---|
state string Filter custom patterns by state. When absent, returns patterns in all states. Puede ser uno de los siguientes: |
push_protection string Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status. Puede ser uno de los siguientes: |
sort string The property to sort the results by. Valor predeterminado: Puede ser uno de los siguientes: |
direction string The direction to sort the results by. Valor predeterminado: Puede ser uno de los siguientes: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Valor predeterminado: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Valor predeterminado: |
Códigos de estado de respuesta HTTP para "List enterprise custom patterns"
| código de estado | Descripción |
|---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Ejemplos de código para "List enterprise custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patternsResponse
Status: 200[
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "published",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-16T14:20:00Z",
"updated_at": "2024-01-17T09:15:00Z"
}
]Bulk create enterprise custom patterns
Bulk creates secret scanning custom patterns for an enterprise.
Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Tokens de acceso granulares para "Bulk create enterprise custom patterns"
Este punto de conexión no funciona con tokens de acceso de usuario de aplicación de GitHub, tokens de acceso de instalación de aplicaciones de GitHub ni tokens de acceso personales específicos.
Parámetros para "Bulk create enterprise custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
enterprise string ObligatorioThe slug version of the enterprise name. |
| Nombre, Tipo, Descripción | |||||||
|---|---|---|---|---|---|---|---|
patterns array of objects ObligatorioThe list of custom patterns to create. | |||||||
Properties of |
| Nombre, Tipo, Descripción |
|---|
name string ObligatorioThe name of the custom pattern. |
pattern string ObligatorioThe regular expression of the custom pattern. |
start_delimiter string The start delimiter regex for the custom pattern.
Defaults to Valor predeterminado: |
end_delimiter string The end delimiter regex for the custom pattern.
Defaults to Valor predeterminado: |
must_match array of strings List of regexes that the secret must match. |
must_not_match array of strings List of regexes that the secret must not match. |
Códigos de estado de respuesta HTTP para "Bulk create enterprise custom patterns"
| código de estado | Descripción |
|---|---|
201 | All patterns created successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed for one or more patterns. |
Ejemplos de código para "Bulk create enterprise custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \
-d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'All patterns created successfully.
Status: 201{
"created_patterns": [
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
]
}Bulk delete enterprise custom patterns
Bulk deletes secret scanning custom patterns for an enterprise.
Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Tokens de acceso granulares para "Bulk delete enterprise custom patterns"
Este punto de conexión no funciona con tokens de acceso de usuario de aplicación de GitHub, tokens de acceso de instalación de aplicaciones de GitHub ni tokens de acceso personales específicos.
Parámetros para "Bulk delete enterprise custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
enterprise string ObligatorioThe slug version of the enterprise name. |
| Nombre, Tipo, Descripción | |||
|---|---|---|---|
patterns array of objects ObligatorioThe list of custom patterns to delete. | |||
Properties of |
| Nombre, Tipo, Descripción |
|---|
pattern_id integer ObligatorioThe ID of the custom pattern to delete. |
custom_pattern_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
post_delete_action string What to do with alerts associated with the deleted patterns.
delete_alerts permanently removes the alerts.
resolve_alerts resolves the alerts as "pattern deleted".
Defaults to delete_alerts when not specified.
Valor predeterminado: delete_alerts
Puede ser uno de los siguientes: delete_alerts, resolve_alerts
Códigos de estado de respuesta HTTP para "Bulk delete enterprise custom patterns"
| código de estado | Descripción |
|---|---|
204 | All patterns deleted successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
Ejemplos de código para "Bulk delete enterprise custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \
-d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'All patterns deleted successfully.
Status: 204Update an enterprise custom pattern
Updates a secret scanning custom pattern for an enterprise.
Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Tokens de acceso granulares para "Update an enterprise custom pattern"
Este punto de conexión no funciona con tokens de acceso de usuario de aplicación de GitHub, tokens de acceso de instalación de aplicaciones de GitHub ni tokens de acceso personales específicos.
Parámetros para "Update an enterprise custom pattern"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
enterprise string ObligatorioThe slug version of the enterprise name. |
pattern_id integer ObligatorioThe ID of the custom pattern. |
| Nombre, Tipo, Descripción |
|---|
pattern string The updated regular expression of the custom pattern. |
start_delimiter string The updated start delimiter regex for the custom pattern. |
end_delimiter string The updated end delimiter regex for the custom pattern. |
must_match array of strings Updated list of regexes that the secret must match. |
must_not_match array of strings Updated list of regexes that the secret must not match. |
custom_pattern_version string or null ObligatorioThe version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
Códigos de estado de respuesta HTTP para "Update an enterprise custom pattern"
| código de estado | Descripción |
|---|---|
200 | Pattern updated successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
422 | Validation failed, or the endpoint has been spammed. |
Ejemplos de código para "Update an enterprise custom pattern"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns/PATTERN_ID \
-d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'Pattern updated successfully.
Status: 200{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "updated_secret_[0-9A-Z]{16}",
"slug": "example_custom_pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": "[^0-9A-Za-z]",
"end_delimiter": "[^0-9A-Za-z]",
"must_match": [
"updated_secret_[0-9]{2}*"
],
"must_not_match": [
"updated_secret_1234567890ABCDEF"
],
"custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-06-01T12:00:00Z"
}List organization custom patterns
Lists secret scanning custom patterns for an organization.
Personal access tokens (classic) need the read:org scope to use this endpoint.
Tokens de acceso granulares para "List organization custom patterns"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Administration" organization permissions (read)
Parámetros para "List organization custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string ObligatorioThe organization name. The name is not case sensitive. |
| Nombre, Tipo, Descripción |
|---|
state string Filter custom patterns by state. When absent, returns patterns in all states. Puede ser uno de los siguientes: |
push_protection string Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status. Puede ser uno de los siguientes: |
sort string The property to sort the results by. Valor predeterminado: Puede ser uno de los siguientes: |
direction string The direction to sort the results by. Valor predeterminado: Puede ser uno de los siguientes: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Valor predeterminado: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Valor predeterminado: |
Códigos de estado de respuesta HTTP para "List organization custom patterns"
| código de estado | Descripción |
|---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Ejemplos de código para "List organization custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patternsResponse
Status: 200[
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "published",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-16T14:20:00Z",
"updated_at": "2024-01-17T09:15:00Z"
}
]Bulk create organization custom patterns
Bulk creates secret scanning custom patterns for an organization.
Personal access tokens (classic) need the write:org scope to use this endpoint.
Tokens de acceso granulares para "Bulk create organization custom patterns"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Administration" organization permissions (write)
Parámetros para "Bulk create organization custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string ObligatorioThe organization name. The name is not case sensitive. |
| Nombre, Tipo, Descripción | |||||||
|---|---|---|---|---|---|---|---|
patterns array of objects ObligatorioThe list of custom patterns to create. | |||||||
Properties of |
| Nombre, Tipo, Descripción |
|---|
name string ObligatorioThe name of the custom pattern. |
pattern string ObligatorioThe regular expression of the custom pattern. |
start_delimiter string The start delimiter regex for the custom pattern.
Defaults to Valor predeterminado: |
end_delimiter string The end delimiter regex for the custom pattern.
Defaults to Valor predeterminado: |
must_match array of strings List of regexes that the secret must match. |
must_not_match array of strings List of regexes that the secret must not match. |
Códigos de estado de respuesta HTTP para "Bulk create organization custom patterns"
| código de estado | Descripción |
|---|---|
201 | All patterns created successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed for one or more patterns. |
Ejemplos de código para "Bulk create organization custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \
-d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'All patterns created successfully.
Status: 201{
"created_patterns": [
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
]
}Bulk delete organization custom patterns
Bulk deletes secret scanning custom patterns for an organization.
Personal access tokens (classic) need the write:org scope to use this endpoint.
Tokens de acceso granulares para "Bulk delete organization custom patterns"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Administration" organization permissions (write)
Parámetros para "Bulk delete organization custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string ObligatorioThe organization name. The name is not case sensitive. |
| Nombre, Tipo, Descripción | |||
|---|---|---|---|
patterns array of objects ObligatorioThe list of custom patterns to delete. | |||
Properties of |
| Nombre, Tipo, Descripción |
|---|
pattern_id integer ObligatorioThe ID of the custom pattern to delete. |
custom_pattern_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
post_delete_action string What to do with alerts associated with the deleted patterns.
delete_alerts permanently removes the alerts.
resolve_alerts resolves the alerts as "pattern deleted".
Defaults to delete_alerts when not specified.
Valor predeterminado: delete_alerts
Puede ser uno de los siguientes: delete_alerts, resolve_alerts
Códigos de estado de respuesta HTTP para "Bulk delete organization custom patterns"
| código de estado | Descripción |
|---|---|
204 | All patterns deleted successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
Ejemplos de código para "Bulk delete organization custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \
-d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'All patterns deleted successfully.
Status: 204Update an organization custom pattern
Updates a secret scanning custom pattern for an organization.
Personal access tokens (classic) need the write:org scope to use this endpoint.
Tokens de acceso granulares para "Update an organization custom pattern"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Administration" organization permissions (write)
Parámetros para "Update an organization custom pattern"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string ObligatorioThe organization name. The name is not case sensitive. |
pattern_id integer ObligatorioThe ID of the custom pattern. |
| Nombre, Tipo, Descripción |
|---|
pattern string The updated regular expression of the custom pattern. |
start_delimiter string The updated start delimiter regex for the custom pattern. |
end_delimiter string The updated end delimiter regex for the custom pattern. |
must_match array of strings Updated list of regexes that the secret must match. |
must_not_match array of strings Updated list of regexes that the secret must not match. |
custom_pattern_version string or null ObligatorioThe version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
Códigos de estado de respuesta HTTP para "Update an organization custom pattern"
| código de estado | Descripción |
|---|---|
200 | Pattern updated successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
422 | Validation failed, or the endpoint has been spammed. |
Ejemplos de código para "Update an organization custom pattern"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/orgs/ORG/secret-scanning/custom-patterns/PATTERN_ID \
-d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'Pattern updated successfully.
Status: 200{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "updated_secret_[0-9A-Z]{16}",
"slug": "example_custom_pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": "[^0-9A-Za-z]",
"end_delimiter": "[^0-9A-Za-z]",
"must_match": [
"updated_secret_[0-9]{2}*"
],
"must_not_match": [
"updated_secret_1234567890ABCDEF"
],
"custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-06-01T12:00:00Z"
}List repository custom patterns
Lists secret scanning custom patterns for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acceso granulares para "List repository custom patterns"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Secret scanning alerts" repository permissions (read)
Parámetros para "List repository custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
owner string ObligatorioThe account owner of the repository. The name is not case sensitive. |
repo string ObligatorioThe name of the repository without the |
| Nombre, Tipo, Descripción |
|---|
state string Filter custom patterns by state. When absent, returns patterns in all states. Puede ser uno de los siguientes: |
push_protection string Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status. Puede ser uno de los siguientes: |
sort string The property to sort the results by. Valor predeterminado: Puede ser uno de los siguientes: |
direction string The direction to sort the results by. Valor predeterminado: Puede ser uno de los siguientes: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Valor predeterminado: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Valor predeterminado: |
Códigos de estado de respuesta HTTP para "List repository custom patterns"
| código de estado | Descripción |
|---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Ejemplos de código para "List repository custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patternsResponse
Status: 200[
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "published",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-16T14:20:00Z",
"updated_at": "2024-01-17T09:15:00Z"
}
]Bulk create repository custom patterns
Bulk creates secret scanning custom patterns for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acceso granulares para "Bulk create repository custom patterns"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Secret scanning alerts" repository permissions (write)
Parámetros para "Bulk create repository custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
owner string ObligatorioThe account owner of the repository. The name is not case sensitive. |
repo string ObligatorioThe name of the repository without the |
| Nombre, Tipo, Descripción | |||||||
|---|---|---|---|---|---|---|---|
patterns array of objects ObligatorioThe list of custom patterns to create. | |||||||
Properties of |
| Nombre, Tipo, Descripción |
|---|
name string ObligatorioThe name of the custom pattern. |
pattern string ObligatorioThe regular expression of the custom pattern. |
start_delimiter string The start delimiter regex for the custom pattern.
Defaults to Valor predeterminado: |
end_delimiter string The end delimiter regex for the custom pattern.
Defaults to Valor predeterminado: |
must_match array of strings List of regexes that the secret must match. |
must_not_match array of strings List of regexes that the secret must not match. |
Códigos de estado de respuesta HTTP para "Bulk create repository custom patterns"
| código de estado | Descripción |
|---|---|
201 | All patterns created successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed for one or more patterns. |
Ejemplos de código para "Bulk create repository custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \
-d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'All patterns created successfully.
Status: 201{
"created_patterns": [
{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "[a-z]+_token_[0-9]+",
"slug": "example-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": null,
"end_delimiter": null,
"must_match": null,
"must_not_match": null,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
},
{
"id": 2,
"name": "Another Custom Pattern",
"pattern": "prefix_[a-zA-Z0-9]{32}",
"slug": "another-custom-pattern",
"state": "unpublished",
"push_protection_enabled": false,
"start_delimiter": "\\b",
"end_delimiter": "\\b",
"must_match": [
"^prefix_prod"
],
"must_not_match": [
"test"
],
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
]
}Bulk delete repository custom patterns
Bulk deletes secret scanning custom patterns for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acceso granulares para "Bulk delete repository custom patterns"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Secret scanning alerts" repository permissions (write)
Parámetros para "Bulk delete repository custom patterns"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
owner string ObligatorioThe account owner of the repository. The name is not case sensitive. |
repo string ObligatorioThe name of the repository without the |
| Nombre, Tipo, Descripción | |||
|---|---|---|---|
patterns array of objects ObligatorioThe list of custom patterns to delete. | |||
Properties of |
| Nombre, Tipo, Descripción |
|---|
pattern_id integer ObligatorioThe ID of the custom pattern to delete. |
custom_pattern_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
post_delete_action string What to do with alerts associated with the deleted patterns.
delete_alerts permanently removes the alerts.
resolve_alerts resolves the alerts as "pattern deleted".
Defaults to delete_alerts when not specified.
Valor predeterminado: delete_alerts
Puede ser uno de los siguientes: delete_alerts, resolve_alerts
Códigos de estado de respuesta HTTP para "Bulk delete repository custom patterns"
| código de estado | Descripción |
|---|---|
204 | All patterns deleted successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
Ejemplos de código para "Bulk delete repository custom patterns"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \
-d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'All patterns deleted successfully.
Status: 204Update a repository custom pattern
Updates a secret scanning custom pattern for a repository.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
Tokens de acceso granulares para "Update a repository custom pattern"
Este punto de conexión funciona con los siguientes tipos de token pormenorizados:
- tokens de acceso de usuario de la aplicación de GitHub
- Token de acceso a la instalación de la aplicación de GitHub
- Tokens de acceso personal específico
El token pormenorizado debe tener el siguiente conjunto de permisos:
- "Secret scanning alerts" repository permissions (write)
Parámetros para "Update a repository custom pattern"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
owner string ObligatorioThe account owner of the repository. The name is not case sensitive. |
repo string ObligatorioThe name of the repository without the |
pattern_id integer ObligatorioThe ID of the custom pattern. |
| Nombre, Tipo, Descripción |
|---|
pattern string The updated regular expression of the custom pattern. |
start_delimiter string The updated start delimiter regex for the custom pattern. |
end_delimiter string The updated end delimiter regex for the custom pattern. |
must_match array of strings Updated list of regexes that the secret must match. |
must_not_match array of strings Updated list of regexes that the secret must not match. |
custom_pattern_version string or null ObligatorioThe version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
Códigos de estado de respuesta HTTP para "Update a repository custom pattern"
| código de estado | Descripción |
|---|---|
200 | Pattern updated successfully. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
412 | Precondition Failed |
422 | Validation failed, or the endpoint has been spammed. |
Ejemplos de código para "Update a repository custom pattern"
Si accede a GitHub en GHE.com, reemplace api.github.com por el subdominio dedicado de la empresa en api.SUBDOMAIN.ghe.com.
Ejemplo de solicitud
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns/PATTERN_ID \
-d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'Pattern updated successfully.
Status: 200{
"id": 1,
"name": "Example Custom Pattern",
"pattern": "updated_secret_[0-9A-Z]{16}",
"slug": "example_custom_pattern",
"state": "published",
"push_protection_enabled": true,
"start_delimiter": "[^0-9A-Za-z]",
"end_delimiter": "[^0-9A-Za-z]",
"must_match": [
"updated_secret_[0-9]{2}*"
],
"must_not_match": [
"updated_secret_1234567890ABCDEF"
],
"custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-06-01T12:00:00Z"
}