Skip to main content
A API REST agora é versionada. Para obter mais informações, confira "Sobre o controle de versão da API".

REST API endpoints for secret scanning custom patterns

Use the REST API to manage custom patterns for secret scanning.

List enterprise custom patterns

Lists secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acesso granulares para "List enterprise custom patterns"

Esse ponto de extremidade não funciona com tokens de acesso de usuário do GitHub App, tokens de acesso de instalação do GitHub App ou tokens de acesso pessoal com controle refinado.

Parâmetros para "List enterprise custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
enterprise string Obrigatório

The slug version of the enterprise name.

Parâmetros de consulta
Nome, Tipo, Descrição
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Pode ser um dos: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Pode ser um dos: enabled, disabled

sort string

The property to sort the results by.

Padrão: created

Pode ser um dos: created, updated, name

direction string

The direction to sort the results by.

Padrão: desc

Pode ser um dos: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Padrão: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Padrão: 30

Códigos de status de resposta HTTP para "List enterprise custom patterns"

Código de statusDescrição
200

OK

403

Forbidden

404

Resource not found

Exemplos de código para "List enterprise custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

get/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create enterprise custom patterns

Bulk creates secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acesso granulares para "Bulk create enterprise custom patterns"

Esse ponto de extremidade não funciona com tokens de acesso de usuário do GitHub App, tokens de acesso de instalação do GitHub App ou tokens de acesso pessoal com controle refinado.

Parâmetros para "Bulk create enterprise custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
enterprise string Obrigatório

The slug version of the enterprise name.

Parâmetros do corpo
Nome, Tipo, Descrição
patterns array of objects Obrigatório

The list of custom patterns to create.

Nome, Tipo, Descrição
name string Obrigatório

The name of the custom pattern.

pattern string Obrigatório

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

Padrão: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

Padrão: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

Códigos de status de resposta HTTP para "Bulk create enterprise custom patterns"

Código de statusDescrição
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Exemplos de código para "Bulk create enterprise custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

post/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete enterprise custom patterns

Bulk deletes secret scanning custom patterns for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acesso granulares para "Bulk delete enterprise custom patterns"

Esse ponto de extremidade não funciona com tokens de acesso de usuário do GitHub App, tokens de acesso de instalação do GitHub App ou tokens de acesso pessoal com controle refinado.

Parâmetros para "Bulk delete enterprise custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
enterprise string Obrigatório

The slug version of the enterprise name.

Parâmetros do corpo
Nome, Tipo, Descrição
patterns array of objects Obrigatório

The list of custom patterns to delete.

Nome, Tipo, Descrição
pattern_id integer Obrigatório

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

Padrão: delete_alerts

Pode ser um dos: delete_alerts, resolve_alerts

Códigos de status de resposta HTTP para "Bulk delete enterprise custom patterns"

Código de statusDescrição
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Exemplos de código para "Bulk delete enterprise custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

delete/enterprises/{enterprise}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update an enterprise custom pattern

Updates a secret scanning custom pattern for an enterprise.

Personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acesso granulares para "Update an enterprise custom pattern"

Esse ponto de extremidade não funciona com tokens de acesso de usuário do GitHub App, tokens de acesso de instalação do GitHub App ou tokens de acesso pessoal com controle refinado.

Parâmetros para "Update an enterprise custom pattern"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
enterprise string Obrigatório

The slug version of the enterprise name.

pattern_id integer Obrigatório

The ID of the custom pattern.

Parâmetros do corpo
Nome, Tipo, Descrição
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Obrigatório

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

Códigos de status de resposta HTTP para "Update an enterprise custom pattern"

Código de statusDescrição
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Exemplos de código para "Update an enterprise custom pattern"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

patch/enterprises/{enterprise}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }

List organization custom patterns

Lists secret scanning custom patterns for an organization.

Personal access tokens (classic) need the read:org scope to use this endpoint.

Tokens de acesso granulares para "List organization custom patterns"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Administration" organization permissions (read)

Parâmetros para "List organization custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
org string Obrigatório

The organization name. The name is not case sensitive.

Parâmetros de consulta
Nome, Tipo, Descrição
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Pode ser um dos: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Pode ser um dos: enabled, disabled

sort string

The property to sort the results by.

Padrão: created

Pode ser um dos: created, updated, name

direction string

The direction to sort the results by.

Padrão: desc

Pode ser um dos: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Padrão: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Padrão: 30

Códigos de status de resposta HTTP para "List organization custom patterns"

Código de statusDescrição
200

OK

403

Forbidden

404

Resource not found

Exemplos de código para "List organization custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

get/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create organization custom patterns

Bulk creates secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Tokens de acesso granulares para "Bulk create organization custom patterns"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Administration" organization permissions (write)

Parâmetros para "Bulk create organization custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
org string Obrigatório

The organization name. The name is not case sensitive.

Parâmetros do corpo
Nome, Tipo, Descrição
patterns array of objects Obrigatório

The list of custom patterns to create.

Nome, Tipo, Descrição
name string Obrigatório

The name of the custom pattern.

pattern string Obrigatório

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

Padrão: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

Padrão: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

Códigos de status de resposta HTTP para "Bulk create organization custom patterns"

Código de statusDescrição
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Exemplos de código para "Bulk create organization custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

post/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete organization custom patterns

Bulk deletes secret scanning custom patterns for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Tokens de acesso granulares para "Bulk delete organization custom patterns"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Administration" organization permissions (write)

Parâmetros para "Bulk delete organization custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
org string Obrigatório

The organization name. The name is not case sensitive.

Parâmetros do corpo
Nome, Tipo, Descrição
patterns array of objects Obrigatório

The list of custom patterns to delete.

Nome, Tipo, Descrição
pattern_id integer Obrigatório

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

Padrão: delete_alerts

Pode ser um dos: delete_alerts, resolve_alerts

Códigos de status de resposta HTTP para "Bulk delete organization custom patterns"

Código de statusDescrição
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Exemplos de código para "Bulk delete organization custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

delete/orgs/{org}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update an organization custom pattern

Updates a secret scanning custom pattern for an organization.

Personal access tokens (classic) need the write:org scope to use this endpoint.

Tokens de acesso granulares para "Update an organization custom pattern"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Administration" organization permissions (write)

Parâmetros para "Update an organization custom pattern"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
org string Obrigatório

The organization name. The name is not case sensitive.

pattern_id integer Obrigatório

The ID of the custom pattern.

Parâmetros do corpo
Nome, Tipo, Descrição
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Obrigatório

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

Códigos de status de resposta HTTP para "Update an organization custom pattern"

Código de statusDescrição
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Exemplos de código para "Update an organization custom pattern"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

patch/orgs/{org}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }

List repository custom patterns

Lists secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Tokens de acesso granulares para "List repository custom patterns"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Secret scanning alerts" repository permissions (read)

Parâmetros para "List repository custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
owner string Obrigatório

The account owner of the repository. The name is not case sensitive.

repo string Obrigatório

The name of the repository without the .git extension. The name is not case sensitive.

Parâmetros de consulta
Nome, Tipo, Descrição
state string

Filter custom patterns by state. When absent, returns patterns in all states.

Pode ser um dos: published, unpublished

push_protection string

Filter custom patterns by whether push protection is enabled. When absent, returns patterns regardless of push protection status.

Pode ser um dos: enabled, disabled

sort string

The property to sort the results by.

Padrão: created

Pode ser um dos: created, updated, name

direction string

The direction to sort the results by.

Padrão: desc

Pode ser um dos: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Padrão: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Padrão: 30

Códigos de status de resposta HTTP para "List repository custom patterns"

Código de statusDescrição
200

OK

403

Forbidden

404

Resource not found

Exemplos de código para "List repository custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

get/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns

Response

Status: 200
[ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "published", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-16T14:20:00Z", "updated_at": "2024-01-17T09:15:00Z" } ]

Bulk create repository custom patterns

Bulk creates secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Tokens de acesso granulares para "Bulk create repository custom patterns"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Secret scanning alerts" repository permissions (write)

Parâmetros para "Bulk create repository custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
owner string Obrigatório

The account owner of the repository. The name is not case sensitive.

repo string Obrigatório

The name of the repository without the .git extension. The name is not case sensitive.

Parâmetros do corpo
Nome, Tipo, Descrição
patterns array of objects Obrigatório

The list of custom patterns to create.

Nome, Tipo, Descrição
name string Obrigatório

The name of the custom pattern.

pattern string Obrigatório

The regular expression of the custom pattern.

start_delimiter string

The start delimiter regex for the custom pattern. Defaults to \A|[^0-9A-Za-z] when not specified.

Padrão: \A|[^0-9A-Za-z]

end_delimiter string

The end delimiter regex for the custom pattern. Defaults to \z|[^0-9A-Za-z] when not specified.

Padrão: \z|[^0-9A-Za-z]

must_match array of strings

List of regexes that the secret must match.

must_not_match array of strings

List of regexes that the secret must not match.

Códigos de status de resposta HTTP para "Bulk create repository custom patterns"

Código de statusDescrição
201

All patterns created successfully.

400

Bad Request

403

Forbidden

404

Resource not found

422

Validation failed for one or more patterns.

Exemplos de código para "Bulk create repository custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

post/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"name":"Example Custom Pattern","pattern":"[a-z]+_token_[0-9]+"},{"name":"Another Custom Pattern","pattern":"prefix_[a-zA-Z0-9]{32}","start_delimiter":"\\b","end_delimiter":"\\b","must_match":["^prefix_prod"],"must_not_match":["test"]}]}'

All patterns created successfully.

Status: 201
{ "created_patterns": [ { "id": 1, "name": "Example Custom Pattern", "pattern": "[a-z]+_token_[0-9]+", "slug": "example-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": null, "end_delimiter": null, "must_match": null, "must_not_match": null, "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" }, { "id": 2, "name": "Another Custom Pattern", "pattern": "prefix_[a-zA-Z0-9]{32}", "slug": "another-custom-pattern", "state": "unpublished", "push_protection_enabled": false, "start_delimiter": "\\b", "end_delimiter": "\\b", "must_match": [ "^prefix_prod" ], "must_not_match": [ "test" ], "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-01-15T10:30:00Z" } ] }

Bulk delete repository custom patterns

Bulk deletes secret scanning custom patterns for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Tokens de acesso granulares para "Bulk delete repository custom patterns"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Secret scanning alerts" repository permissions (write)

Parâmetros para "Bulk delete repository custom patterns"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
owner string Obrigatório

The account owner of the repository. The name is not case sensitive.

repo string Obrigatório

The name of the repository without the .git extension. The name is not case sensitive.

Parâmetros do corpo
Nome, Tipo, Descrição
patterns array of objects Obrigatório

The list of custom patterns to delete.

Nome, Tipo, Descrição
pattern_id integer Obrigatório

The ID of the custom pattern to delete.

custom_pattern_version string or null

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

post_delete_action string

What to do with alerts associated with the deleted patterns. delete_alerts permanently removes the alerts. resolve_alerts resolves the alerts as "pattern deleted". Defaults to delete_alerts when not specified.

Padrão: delete_alerts

Pode ser um dos: delete_alerts, resolve_alerts

Códigos de status de resposta HTTP para "Bulk delete repository custom patterns"

Código de statusDescrição
204

All patterns deleted successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

Exemplos de código para "Bulk delete repository custom patterns"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

delete/repos/{owner}/{repo}/secret-scanning/custom-patterns
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns \ -d '{"patterns":[{"pattern_id":2,"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}]}'

All patterns deleted successfully.

Status: 204

Update a repository custom pattern

Updates a secret scanning custom pattern for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Tokens de acesso granulares para "Update a repository custom pattern"

Este endpoint funciona com os seguintes tipos de token granulares:

O token refinado deve ter os seguintes conjuntos de permissões:

  • "Secret scanning alerts" repository permissions (write)

Parâmetros para "Update a repository custom pattern"

Cabeçalhos
Nome, Tipo, Descrição
accept string

Setting to application/vnd.github+json is recommended.

Parâmetros de caminho
Nome, Tipo, Descrição
owner string Obrigatório

The account owner of the repository. The name is not case sensitive.

repo string Obrigatório

The name of the repository without the .git extension. The name is not case sensitive.

pattern_id integer Obrigatório

The ID of the custom pattern.

Parâmetros do corpo
Nome, Tipo, Descrição
pattern string

The updated regular expression of the custom pattern.

start_delimiter string

The updated start delimiter regex for the custom pattern.

end_delimiter string

The updated end delimiter regex for the custom pattern.

must_match array of strings

Updated list of regexes that the secret must match.

must_not_match array of strings

Updated list of regexes that the secret must not match.

custom_pattern_version string or null Obrigatório

The version of the entity. This is used to confirm you're updating the current version of the entity and mitigate unintentionally overriding someone else's update.

Códigos de status de resposta HTTP para "Update a repository custom pattern"

Código de statusDescrição
200

Pattern updated successfully.

400

Bad Request

403

Forbidden

404

Resource not found

412

Precondition Failed

422

Validation failed, or the endpoint has been spammed.

Exemplos de código para "Update a repository custom pattern"

Se você acessar GitHub em GHE.com, substitua api.github.com pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com.

Exemplo de solicitação

patch/repos/{owner}/{repo}/secret-scanning/custom-patterns/{pattern_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/custom-patterns/PATTERN_ID \ -d '{"pattern":"updated_secret_[0-9A-Z]{16}","start_delimiter":"[^0-9A-Za-z]","end_delimiter":"[^0-9A-Za-z]","must_match":["updated_secret_[0-9]{2}*"],"must_not_match":["updated_secret_1234567890ABCDEF"],"custom_pattern_version":"0ujsswThIGTUYm2K8FjOOfXtY1K"}'

Pattern updated successfully.

Status: 200
{ "id": 1, "name": "Example Custom Pattern", "pattern": "updated_secret_[0-9A-Z]{16}", "slug": "example_custom_pattern", "state": "published", "push_protection_enabled": true, "start_delimiter": "[^0-9A-Za-z]", "end_delimiter": "[^0-9A-Za-z]", "must_match": [ "updated_secret_[0-9]{2}*" ], "must_not_match": [ "updated_secret_1234567890ABCDEF" ], "custom_pattern_version": "0ujsswThIGTUYm2K8FjOOfXtY1K", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-06-01T12:00:00Z" }