Puntos de conexión de API REST para la protección contra inserción del análisis de secretos
Usa la API de REST para administrar la protección contra inserción del análisis de secretos.
List enterprise pattern configurations
Lists the secret scanning pattern configurations for an enterprise.
Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Fine-grained access tokens for "List enterprise pattern configurations"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parámetros para "List enterprise pattern configurations"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
enterprise string ObligatorioThe slug version of the enterprise name. |
HTTP response status codes for "List enterprise pattern configurations"
| Status code | Descripción |
|---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Code samples for "List enterprise pattern configurations"
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/secret-scanning/pattern-configurationsResponse
Status: 200{
"pattern_config_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"provider_pattern_overrides": [
{
"token_type": "GITHUB_PERSONAL_ACCESS_TOKEN",
"slug": "github_personal_access_token_legacy_v2",
"display_name": "GitHub Personal Access Token (Legacy v2)",
"alert_total": 15,
"alert_total_percentage": 36,
"false_positives": 2,
"false_positive_rate": 13,
"bypass_rate": 13,
"default_setting": "enabled",
"setting": "enabled",
"enterprise_setting": "enabled"
}
],
"custom_pattern_overrides": [
{
"token_type": "cp_2",
"custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"slug": "custom-api-key",
"display_name": "Custom API Key",
"alert_total": 15,
"alert_total_percentage": 36,
"false_positives": 3,
"false_positive_rate": 20,
"bypass_rate": 20,
"default_setting": "disabled",
"setting": "enabled"
}
]
}Update enterprise pattern configurations
Updates the secret scanning pattern configurations for an enterprise.
Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Fine-grained access tokens for "Update enterprise pattern configurations"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parámetros para "Update enterprise pattern configurations"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
enterprise string ObligatorioThe slug version of the enterprise name. |
| Nombre, Tipo, Descripción | ||||
|---|---|---|---|---|
pattern_config_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. | ||||
provider_pattern_settings array of objects Pattern settings for provider patterns. | ||||
Properties of |
| Nombre, Tipo, Descripción |
|---|
token_type string The ID of the pattern to configure. |
push_protection_setting string Push protection setting to set for the pattern. Puede ser uno de los siguientes: |
custom_pattern_settings array of objects Pattern settings for custom patterns.
Properties of custom_pattern_settings
| Nombre, Tipo, Descripción |
|---|
token_type string The ID of the pattern to configure. |
custom_pattern_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
push_protection_setting string Push protection setting to set for the pattern. Puede ser uno de los siguientes: |
HTTP response status codes for "Update enterprise pattern configurations"
| Status code | Descripción |
|---|---|
200 | OK |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
409 | Conflict |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Update enterprise pattern configurations"
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/secret-scanning/pattern-configurations \
-d '{"pattern_config_version":"0ujsswThIGTUYm2K8FjOOfXtY1K","provider_pattern_settings":[{"token_type":"GITHUB_PERSONAL_ACCESS_TOKEN","push_protection_setting":"enabled"}],"custom_pattern_settings":[{"token_type":"cp_2","custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K","push_protection_setting":"enabled"}]}'Response
Status: 200{
"pattern_config_version": "0ujsswThIGTUYm2K8FjOOfXtY1K"
}List organization pattern configurations
Lists the secret scanning pattern configurations for an organization.
Personal access tokens (classic) need the read:org scope to use this endpoint.
Fine-grained access tokens for "List organization pattern configurations"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Administration" organization permissions (read)
Parámetros para "List organization pattern configurations"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string ObligatorioThe organization name. The name is not case sensitive. |
HTTP response status codes for "List organization pattern configurations"
| Status code | Descripción |
|---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Code samples for "List organization pattern configurations"
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
http(s)://HOSTNAME/api/v3/orgs/ORG/secret-scanning/pattern-configurationsResponse
Status: 200{
"pattern_config_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"provider_pattern_overrides": [
{
"token_type": "GITHUB_PERSONAL_ACCESS_TOKEN",
"slug": "github_personal_access_token_legacy_v2",
"display_name": "GitHub Personal Access Token (Legacy v2)",
"alert_total": 15,
"alert_total_percentage": 36,
"false_positives": 2,
"false_positive_rate": 13,
"bypass_rate": 13,
"default_setting": "enabled",
"setting": "enabled",
"enterprise_setting": "enabled"
}
],
"custom_pattern_overrides": [
{
"token_type": "cp_2",
"custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K",
"slug": "custom-api-key",
"display_name": "Custom API Key",
"alert_total": 15,
"alert_total_percentage": 36,
"false_positives": 3,
"false_positive_rate": 20,
"bypass_rate": 20,
"default_setting": "disabled",
"setting": "enabled"
}
]
}Update organization pattern configurations
Updates the secret scanning pattern configurations for an organization.
Personal access tokens (classic) need the write:org scope to use this endpoint.
Fine-grained access tokens for "Update organization pattern configurations"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Administration" organization permissions (write)
Parámetros para "Update organization pattern configurations"
| Nombre, Tipo, Descripción |
|---|
accept string Setting to |
| Nombre, Tipo, Descripción |
|---|
org string ObligatorioThe organization name. The name is not case sensitive. |
| Nombre, Tipo, Descripción | ||||
|---|---|---|---|---|
pattern_config_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. | ||||
provider_pattern_settings array of objects Pattern settings for provider patterns. | ||||
Properties of |
| Nombre, Tipo, Descripción |
|---|
token_type string The ID of the pattern to configure. |
push_protection_setting string Push protection setting to set for the pattern. Puede ser uno de los siguientes: |
custom_pattern_settings array of objects Pattern settings for custom patterns.
Properties of custom_pattern_settings
| Nombre, Tipo, Descripción |
|---|
token_type string The ID of the pattern to configure. |
custom_pattern_version string or null The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update. |
push_protection_setting string Push protection setting to set for the pattern. Puede ser uno de los siguientes: |
HTTP response status codes for "Update organization pattern configurations"
| Status code | Descripción |
|---|---|
200 | OK |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
409 | Conflict |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Update organization pattern configurations"
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
http(s)://HOSTNAME/api/v3/orgs/ORG/secret-scanning/pattern-configurations \
-d '{"pattern_config_version":"0ujsswThIGTUYm2K8FjOOfXtY1K","provider_pattern_settings":[{"token_type":"GITHUB_PERSONAL_ACCESS_TOKEN","push_protection_setting":"enabled"}],"custom_pattern_settings":[{"token_type":"cp_2","custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K","push_protection_setting":"enabled"}]}'Response
Status: 200{
"pattern_config_version": "0ujsswThIGTUYm2K8FjOOfXtY1K"
}