REST API endpoints for artifact attestations
Use the REST API to interact with artifact attestations.
Delete attestations in bulk
Delete artifact attestations in bulk by either subject digests or unique ID.
Fine-grained access tokens for "Delete attestations in bulk"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Attestations" repository permissions (write)
Parameters for "Delete attestations in bulk"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
| Name, Type, Description |
|---|
subject_digests array of strings RequiredList of subject digests associated with the artifact attestations to delete. |
HTTP response status codes for "Delete attestations in bulk"
| Status code | Description |
|---|---|
200 | OK |
404 | Resource not found |
Delete attestations by subject digest
Delete an artifact attestation by subject digest.
Fine-grained access tokens for "Delete attestations by subject digest"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Attestations" repository permissions (write)
Parameters for "Delete attestations by subject digest"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
subject_digest string RequiredSubject Digest |
HTTP response status codes for "Delete attestations by subject digest"
| Status code | Description |
|---|---|
200 | OK |
204 | No Content |
404 | Resource not found |
Code samples for "Delete attestations by subject digest"
Request examples
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/attestations/digest/SUBJECT_DIGESTResponse
Status: 200Delete attestations by ID
Delete an artifact attestation by unique ID that is associated with a repository owned by an org.
Fine-grained access tokens for "Delete attestations by ID"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Attestations" repository permissions (write)
Parameters for "Delete attestations by ID"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
attestation_id integer RequiredAttestation ID |
HTTP response status codes for "Delete attestations by ID"
| Status code | Description |
|---|---|
200 | OK |
204 | No Content |
403 | Forbidden |
404 | Resource not found |
Code samples for "Delete attestations by ID"
Request examples
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/attestations/ATTESTATION_IDResponse
Status: 200