Diese Version von GitHub Enterprise Server wird eingestellt am 2026-08-25. Nicht mehr unterstützte Versionen werden nicht unterstützt. Es wird keine Patch-Freigabe vorgenommen, auch nicht für kritische Sicherheitsprobleme. Eine bessere Leistung, verbesserte Sicherheit und neue Features in GitHub Enterprise Server finden Sie unter Overview des Upgradeprozesses. Wenden Sie sich bei Fragen zum Upgrade an den GitHub Enterprise Support.

Die REST-API ist jetzt versioniert. Weitere Informationen findest du unter Informationen zur API-Versionsverwaltung.

Organisationskonfigurationen

Verwende die REST-API, um private Registrierungskonfigurationen für Organisationen zu verwalten.

List private registries for an organization

Lists all private registry configurations available at the organization-level without revealing their encrypted values.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "List private registries for an organization"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Organization private registries" organization permissions (read)

Parameter für "List private registries for an organization"

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

Abfrageparameter
per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

HTTP-Antwortstatuscodes für "List private registries for an organization"

StatuscodeBESCHREIBUNG
200

OK

400

Bad Request

404

Resource not found

Codebeispiele für "List private registries for an organization"

Anforderungsbeispiel

get/orgs/{org}/private-registries
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/private-registries

Response

Status: 200
{ "total_count": 1, "configurations": [ { "name": "MAVEN_REPOSITORY_SECRET", "registry_type": "maven_repository", "username": "monalisa", "created_at": "2019-08-10T14:59:22Z", "updated_at": "2020-01-10T14:59:22Z", "visibility": "selected" } ] }

Get private registries public key for an organization

Gets the org public key, which is needed to encrypt private registry secrets. You need to encrypt a secret before you can create or update secrets.

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "Get private registries public key for an organization"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Organization private registries" organization permissions (read)

Parameter für "Get private registries public key for an organization"

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

HTTP-Antwortstatuscodes für "Get private registries public key for an organization"

StatuscodeBESCHREIBUNG
200

OK

404

Resource not found

Codebeispiele für "Get private registries public key for an organization"

Anforderungsbeispiel

get/orgs/{org}/private-registries/public-key
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/private-registries/public-key

Response

Status: 200
{ "key_id": "012345678912345678", "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" }

Get a private registry for an organization

Get the configuration of a single private registry defined for an organization, omitting its encrypted value.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "Get a private registry for an organization"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Organization private registries" organization permissions (read)

Parameter für "Get a private registry for an organization"

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

secret_name string Erforderlich

The name of the secret.

HTTP-Antwortstatuscodes für "Get a private registry for an organization"

StatuscodeBESCHREIBUNG
200

The specified private registry configuration for the organization

404

Resource not found

Codebeispiele für "Get a private registry for an organization"

Anforderungsbeispiel

get/orgs/{org}/private-registries/{secret_name}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/private-registries/SECRET_NAME

The specified private registry configuration for the organization

Status: 200
{ "name": "MAVEN_REPOSITORY_SECRET", "registry_type": "maven_repository", "username": "monalisa", "visibility": "private", "created_at": "2019-08-10T14:59:22Z", "updated_at": "2020-01-10T14:59:22Z" }

Update a private registry for an organization

Updates a private registry configuration with an encrypted value for an organization. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API." For OIDC-based registries (oidc_azure, oidc_aws, oidc_jfrog, oidc_cloudsmith, or oidc_gcp), the encrypted_value and key_id fields should be omitted.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "Update a private registry for an organization"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Organization private registries" organization permissions (write)

Parameter für "Update a private registry for an organization"

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

secret_name string Erforderlich

The name of the secret.

Körperparameter
registry_type string

The registry type.

Kann eine der folgenden sein: maven_repository, nuget_feed, goproxy_server, npm_registry, rubygems_server, cargo_registry, composer_repository, docker_registry, git_source, helm_registry, hex_organization, hex_repository, pub_repository, python_index, terraform_registry

url string

The URL of the private registry.

username string or null

The username to use when authenticating with the private registry. This field should be omitted if the private registry does not require a username for authentication.

replaces_base boolean

Whether this private registry should replace the base registry (e.g., npmjs.org for npm, rubygems.org for rubygems). When set to true, Dependabot will only use this registry and will not fall back to the public registry. When set to false (default), Dependabot will use this registry for scoped packages but may fall back to the public registry for other packages.

Standard: false

encrypted_value string

The value for your secret, encrypted with LibSodium using the public key retrieved from the Get private registries public key for an organization endpoint.

key_id string

The ID of the key you used to encrypt the secret.

visibility string

Which type of organization repositories have access to the private registry. selected means only the repositories specified by selected_repository_ids can access the private registry.

Kann eine der folgenden sein: all, private, selected

selected_repository_ids array of integers

An array of repository IDs that can access the organization private registry. You can only provide a list of repository IDs when visibility is set to selected. This field should be omitted if visibility is set to all or private.

auth_type string

The authentication type for the private registry. This field cannot be changed after creation. If provided, it must match the existing auth_type of the configuration. To change the authentication type, delete and recreate the configuration.

Kann eine der folgenden sein: token, username_password, oidc_azure, oidc_aws, oidc_jfrog, oidc_cloudsmith, oidc_gcp

tenant_id string

The tenant ID of the Azure AD application. Required when auth_type is oidc_azure.

client_id string

The client ID of the Azure AD application. Required when auth_type is oidc_azure.

aws_region string

The AWS region. Required when auth_type is oidc_aws.

account_id string

The AWS account ID. Required when auth_type is oidc_aws.

role_name string

The AWS IAM role name. Required when auth_type is oidc_aws.

domain string

The CodeArtifact domain. Required when auth_type is oidc_aws.

domain_owner string

The CodeArtifact domain owner (AWS account ID). Required when auth_type is oidc_aws.

jfrog_oidc_provider_name string

The JFrog OIDC provider name. Required when auth_type is oidc_jfrog.

audience string

The OIDC audience. Optional for oidc_aws, oidc_jfrog, and oidc_gcp, and required for oidc_cloudsmith auth types.

identity_mapping_name string

The JFrog identity mapping name. Optional for oidc_jfrog auth type.

namespace string

The Cloudsmith organization namespace. Required when auth_type is oidc_cloudsmith.

service_slug string

The Cloudsmith service account slug. Required when auth_type is oidc_cloudsmith.

api_host string

The Cloudsmith API host. Optional for oidc_cloudsmith auth type. If omitted, api.cloudsmith.io is used by default.

workload_identity_provider string

The full resource name of the GCP Workload Identity Provider (e.g. projects/<NUM>/locations/global/workloadIdentityPools/<POOL>/providers/<PROVIDER>). Required when auth_type is oidc_gcp.

service_account string

The GCP service account email to impersonate. Optional for oidc_gcp auth type. If omitted, the federated token is used directly (direct WIF).

HTTP-Antwortstatuscodes für "Update a private registry for an organization"

StatuscodeBESCHREIBUNG
204

No Content

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Delete a private registry for an organization

Delete a private registry configuration at the organization-level.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "Delete a private registry for an organization"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Organization private registries" organization permissions (write)

Parameter für "Delete a private registry for an organization"

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

secret_name string Erforderlich

The name of the secret.

HTTP-Antwortstatuscodes für "Delete a private registry for an organization"

StatuscodeBESCHREIBUNG
204

No Content

400

Bad Request

404

Resource not found

Codebeispiele für "Delete a private registry for an organization"

Anforderungsbeispiel

delete/orgs/{org}/private-registries/{secret_name}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/private-registries/SECRET_NAME

Response

Status: 204