Skip to main content
Die REST-API ist jetzt versioniert. Weitere Informationen findest du unter Informationen zur API-Versionsverwaltung.

REST API endpoints for secret scanning custom patterns

Use the REST API to manage custom patterns for secret scanning.

List enterprise custom patterns

Lists secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Feinkörnige Zugriffstoken für "List enterprise custom patterns"

Dieser Endpunkt funktioniert nicht mit GitHub App-Benutzerzugriffstoken, GitHub App-Installationszugriffstoken oder fein abgestimmten persönlichen Zugriffstoken.

Parameter für "List enterprise custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
enterprise string Erforderlich

The slug version of the enterprise name.

Abfrageparameter
Name, Typ, BESCHREIBUNG
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Kann eine der folgenden sein: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Kann eine der folgenden sein: enabled, disabled

sort string

The property to sort the results by.

Standard: created

Kann eine der folgenden sein: created, updated, name

direction string

The direction to sort the results by.

Standard: desc

Kann eine der folgenden sein: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

HTTP-Antwortstatuscodes für "List enterprise custom patterns"

StatuscodeBESCHREIBUNG
200

OK

403

Forbidden

404

Resource not found

Codebeispiele für "List enterprise custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

get/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create enterprise custom patterns

Bulk creates secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Feinkörnige Zugriffstoken für "Bulk create enterprise custom patterns"

Dieser Endpunkt funktioniert nicht mit GitHub App-Benutzerzugriffstoken, GitHub App-Installationszugriffstoken oder fein abgestimmten persönlichen Zugriffstoken.

Parameter für "Bulk create enterprise custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
enterprise string Erforderlich

The slug version of the enterprise name.

Körperparameter
Name, Typ, BESCHREIBUNG
patterns array of objects Erforderlich

The list of custom patterns to create.

Name, Typ, BESCHREIBUNG
name string Erforderlich

The name of the custom pattern.

pattern string Erforderlich

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

Standard: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

Standard: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

HTTP-Antwortstatuscodes für "Bulk create enterprise custom patterns"

StatuscodeBESCHREIBUNG
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Codebeispiele für "Bulk create enterprise custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

post/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete enterprise custom patterns

Bulk deletes secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Feinkörnige Zugriffstoken für "Bulk delete enterprise custom patterns"

Dieser Endpunkt funktioniert nicht mit GitHub App-Benutzerzugriffstoken, GitHub App-Installationszugriffstoken oder fein abgestimmten persönlichen Zugriffstoken.

Parameter für "Bulk delete enterprise custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
enterprise string Erforderlich

The slug version of the enterprise name.

Körperparameter
Name, Typ, BESCHREIBUNG
patterns array of objects Erforderlich

The list of custom patterns to delete.

Name, Typ, BESCHREIBUNG
pattern_id integer Erforderlich

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

Standard: delete_alerts

Kann eine der folgenden sein: delete_alerts, resolve_alerts

HTTP-Antwortstatuscodes für "Bulk delete enterprise custom patterns"

StatuscodeBESCHREIBUNG
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Codebeispiele für "Bulk delete enterprise custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

delete/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update an enterprise custom pattern

Updates a secret scanning custom pattern for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Feinkörnige Zugriffstoken für "Update an enterprise custom pattern"

Dieser Endpunkt funktioniert nicht mit GitHub App-Benutzerzugriffstoken, GitHub App-Installationszugriffstoken oder fein abgestimmten persönlichen Zugriffstoken.

Parameter für "Update an enterprise custom pattern"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
enterprise string Erforderlich

The slug version of the enterprise name.

pattern_id integer Erforderlich

The ID of the custom pattern.

Körperparameter
Name, Typ, BESCHREIBUNG
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Erforderlich

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

HTTP-Antwortstatuscodes für "Update an enterprise custom pattern"

StatuscodeBESCHREIBUNG
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für "Update an enterprise custom pattern"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

patch/enterprises/{enterprise}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }

List organization custom patterns

Lists secret scanning custom patterns for an organization.

Personal access tokens (classic) need the read:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "List organization custom patterns"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Administration" organization permissions (read)

Parameter für "List organization custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
org string Erforderlich

The organization name. The name is not case sensitive.

Abfrageparameter
Name, Typ, BESCHREIBUNG
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Kann eine der folgenden sein: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Kann eine der folgenden sein: enabled, disabled

sort string

The property to sort the results by.

Standard: created

Kann eine der folgenden sein: created, updated, name

direction string

The direction to sort the results by.

Standard: desc

Kann eine der folgenden sein: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

HTTP-Antwortstatuscodes für "List organization custom patterns"

StatuscodeBESCHREIBUNG
200

OK

403

Forbidden

404

Resource not found

Codebeispiele für "List organization custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

get/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create organization custom patterns

Bulk creates secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "Bulk create organization custom patterns"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Administration" organization permissions (write)

Parameter für "Bulk create organization custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
org string Erforderlich

The organization name. The name is not case sensitive.

Körperparameter
Name, Typ, BESCHREIBUNG
patterns array of objects Erforderlich

The list of custom patterns to create.

Name, Typ, BESCHREIBUNG
name string Erforderlich

The name of the custom pattern.

pattern string Erforderlich

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

Standard: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

Standard: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

HTTP-Antwortstatuscodes für "Bulk create organization custom patterns"

StatuscodeBESCHREIBUNG
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Codebeispiele für "Bulk create organization custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

post/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete organization custom patterns

Bulk deletes secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "Bulk delete organization custom patterns"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Administration" organization permissions (write)

Parameter für "Bulk delete organization custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
org string Erforderlich

The organization name. The name is not case sensitive.

Körperparameter
Name, Typ, BESCHREIBUNG
patterns array of objects Erforderlich

The list of custom patterns to delete.

Name, Typ, BESCHREIBUNG
pattern_id integer Erforderlich

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

Standard: delete_alerts

Kann eine der folgenden sein: delete_alerts, resolve_alerts

HTTP-Antwortstatuscodes für "Bulk delete organization custom patterns"

StatuscodeBESCHREIBUNG
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Codebeispiele für "Bulk delete organization custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

delete/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update an organization custom pattern

Updates a secret scanning custom pattern for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Feinkörnige Zugriffstoken für "Update an organization custom pattern"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Administration" organization permissions (write)

Parameter für "Update an organization custom pattern"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
org string Erforderlich

The organization name. The name is not case sensitive.

pattern_id integer Erforderlich

The ID of the custom pattern.

Körperparameter
Name, Typ, BESCHREIBUNG
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Erforderlich

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

HTTP-Antwortstatuscodes für "Update an organization custom pattern"

StatuscodeBESCHREIBUNG
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für "Update an organization custom pattern"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

patch/orgs/{org}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }

List repository custom patterns

Lists secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Feinkörnige Zugriffstoken für "List repository custom patterns"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Secret scanning alerts" repository permissions (read)

Parameter für "List repository custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

Abfrageparameter
Name, Typ, BESCHREIBUNG
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Kann eine der folgenden sein: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Kann eine der folgenden sein: enabled, disabled

sort string

The property to sort the results by.

Standard: created

Kann eine der folgenden sein: created, updated, name

direction string

The direction to sort the results by.

Standard: desc

Kann eine der folgenden sein: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

HTTP-Antwortstatuscodes für "List repository custom patterns"

StatuscodeBESCHREIBUNG
200

OK

403

Forbidden

404

Resource not found

Codebeispiele für "List repository custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

get/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create repository custom patterns

Bulk creates secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Feinkörnige Zugriffstoken für "Bulk create repository custom patterns"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Secret scanning alerts" repository permissions (write)

Parameter für "Bulk create repository custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

Körperparameter
Name, Typ, BESCHREIBUNG
patterns array of objects Erforderlich

The list of custom patterns to create.

Name, Typ, BESCHREIBUNG
name string Erforderlich

The name of the custom pattern.

pattern string Erforderlich

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

Standard: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

Standard: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

HTTP-Antwortstatuscodes für "Bulk create repository custom patterns"

StatuscodeBESCHREIBUNG
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Codebeispiele für "Bulk create repository custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

post/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete repository custom patterns

Bulk deletes secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Feinkörnige Zugriffstoken für "Bulk delete repository custom patterns"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Secret scanning alerts" repository permissions (write)

Parameter für "Bulk delete repository custom patterns"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

Körperparameter
Name, Typ, BESCHREIBUNG
patterns array of objects Erforderlich

The list of custom patterns to delete.

Name, Typ, BESCHREIBUNG
pattern_id integer Erforderlich

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

Standard: delete_alerts

Kann eine der folgenden sein: delete_alerts, resolve_alerts

HTTP-Antwortstatuscodes für "Bulk delete repository custom patterns"

StatuscodeBESCHREIBUNG
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Codebeispiele für "Bulk delete repository custom patterns"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

delete/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update a repository custom pattern

Updates a secret scanning custom pattern for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Feinkörnige Zugriffstoken für "Update a repository custom pattern"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:

  • "Secret scanning alerts" repository permissions (write)

Parameter für "Update a repository custom pattern"

Header
Name, Typ, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, Typ, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

pattern_id integer Erforderlich

The ID of the custom pattern.

Körperparameter
Name, Typ, BESCHREIBUNG
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Erforderlich

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

HTTP-Antwortstatuscodes für "Update a repository custom pattern"

StatuscodeBESCHREIBUNG
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für "Update a repository custom pattern"

Wenn Sie bei GHE.com auf GitHub zugreifen, ersetzen Sie api.github.com durch die dedizierte Unterdomäne Ihres Unternehmens unter api.SUBDOMAIN.ghe.com.

Anforderungsbeispiel

patch/repos/{owner}/{repo}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }