Use the REST API to create and manage security configurations for your organization.
Get code security configurations for an enterprise
Code samples for "Get code security configurations for an enterprise"
Request example
GET /enterprises/{enterprise}/code-security/configurations
curl request example
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations
Response
Status: 200
[ { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-enterprise/settings/security_analysis/configurations/17/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1326", 
"html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1326/edit", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z" } ]
Creates a code security configuration in an enterprise.
The authenticated user must be an administrator of the enterprise in order to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Create a code security configuration for an enterprise"

Headers
Name, Type, Description

accept (string)
Setting to application/vnd.github+json is recommended.

enterprise (string, Required)
The slug version of the enterprise name.

Body parameters
Name, Type, Description

name (string, Required)
The name of the code security configuration. Must be unique within the enterprise.

description (string, Required)
A description of the code security configuration

advanced_security (string)
The enablement status of GitHub Advanced Security features. enabled will enable both Code Security and Secret Protection features.
Warning: code_security and secret_protection are deprecated values for this field. Prefer the individual code_security and secret_protection fields to set the status of these features.
Default: disabled
Can be one of: enabled, disabled, code_security, secret_protection

code_security (string)
The enablement status of GitHub Code Security features.
Can be one of: enabled, disabled, not_set

dependency_graph (string)
The enablement status of Dependency Graph
Default: enabled
Can be one of: enabled, disabled, not_set

dependency_graph_autosubmit_action (string)
The enablement status of Automatic dependency submission
Default: disabled
Can be one of: enabled, disabled, not_set

dependency_graph_autosubmit_action_options (object)
Feature options for Automatic dependency submission
Properties of dependency_graph_autosubmit_action_options:
  labeled_runners (boolean)
  Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.
  Default: false

dependabot_alerts (string)
The enablement status of Dependabot alerts
Default: disabled
Can be one of: enabled, disabled, not_set

dependabot_security_updates (string)
The enablement status of Dependabot security updates
Default: disabled
Can be one of: enabled, disabled, not_set

code_scanning_options (object or null)
Security Configuration feature options for code scanning
Properties of code_scanning_options:
  allow_advanced (boolean or null)
  Whether to allow repos which use advanced setup

code_scanning_default_setup (string)
The enablement status of code scanning default setup
Default: disabled
Can be one of: enabled, disabled, not_set

code_scanning_default_setup_options (object or null)
Feature options for code scanning default setup
Properties of code_scanning_default_setup_options:
  runner_type (string)
  Whether to use labeled runners or standard GitHub runners.
  Can be one of: standard, labeled, not_set
  runner_label (string or null)
  The label of the runner to use for code scanning default setup when runner_type is 'labeled'.

code_scanning_delegated_alert_dismissal (string)
The enablement status of code scanning delegated alert dismissal
Default: disabled
Can be one of: enabled, disabled, not_set

secret_protection (string)
The enablement status of GitHub Secret Protection features.
Can be one of: enabled, disabled, not_set

secret_scanning (string)
The enablement status of secret scanning
Default: disabled
Can be one of: enabled, disabled, not_set

secret_scanning_push_protection (string)
The enablement status of secret scanning push protection
Default: disabled
Can be one of: enabled, disabled, not_set

secret_scanning_validity_checks (string)
The enablement status of secret scanning validity checks
Default: disabled
Can be one of: enabled, disabled, not_set

secret_scanning_non_provider_patterns (string)
The enablement status of secret scanning non provider patterns
Default: disabled
Can be one of: enabled, disabled, not_set

secret_scanning_generic_secrets (string)
The enablement status of Copilot secret scanning
Default: disabled
Can be one of: enabled, disabled, not_set

secret_scanning_delegated_alert_dismissal (string)
The enablement status of secret scanning delegated alert dismissal
Default: disabled
Can be one of: enabled, disabled, not_set

private_vulnerability_reporting (string)
The enablement status of private vulnerability reporting
Default: disabled
Can be one of: enabled, disabled, not_set

enforcement (string)
The enforcement status for a security configuration
Default: enforced
Can be one of: enforced, unenforced

201: Successfully created code security configuration
400: Bad Request
403: Forbidden
404: Resource not found
Code samples for "Create a code security configuration for an enterprise"
Request example
POST /enterprises/{enterprise}/code-security/configurations
curl request example
curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations \
  -d '{"name":"High risk settings","description":"This is a code security configuration for octo-enterprise","advanced_security":"enabled","dependabot_alerts":"enabled","dependabot_security_updates":"not_set","secret_scanning":"enabled"}'
Successfully created code security configuration
Status: 201
{ "id": 1325, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }
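The following is an added example, not part of GitHub's documentation: a pre-flight lint for the create request body that checks each field against the allowed values listed above and reports which settings the body leaves to their documented defaults. The function names are this example's own, and treating an empty runner_label with runner_type 'labeled' as a warning is this example's reading of the parameter description.

```python
import json
import urllib.parse
import urllib.request

TRI_STATE = ("enabled", "disabled", "not_set")

# field -> (allowed values, documented default or None), copied from the parameter list above
FIELDS = {
    "advanced_security": (("enabled", "disabled", "code_security", "secret_protection"), "disabled"),
    "code_security": (TRI_STATE, None),
    "dependency_graph": (TRI_STATE, "enabled"),
    "dependency_graph_autosubmit_action": (TRI_STATE, "disabled"),
    "dependabot_alerts": (TRI_STATE, "disabled"),
    "dependabot_security_updates": (TRI_STATE, "disabled"),
    "code_scanning_default_setup": (TRI_STATE, "disabled"),
    "code_scanning_delegated_alert_dismissal": (TRI_STATE, "disabled"),
    "secret_protection": (TRI_STATE, None),
    "secret_scanning": (TRI_STATE, "disabled"),
    "secret_scanning_push_protection": (TRI_STATE, "disabled"),
    "secret_scanning_validity_checks": (TRI_STATE, "disabled"),
    "secret_scanning_non_provider_patterns": (TRI_STATE, "disabled"),
    "secret_scanning_generic_secrets": (TRI_STATE, "disabled"),
    "secret_scanning_delegated_alert_dismissal": (TRI_STATE, "disabled"),
    "private_vulnerability_reporting": (TRI_STATE, "disabled"),
    "enforcement": (("enforced", "unenforced"), "enforced"),
}
OPTION_OBJECTS = ("dependency_graph_autosubmit_action_options", "code_scanning_options",
                  "code_scanning_default_setup_options")
RUNNER_TYPES = ("standard", "labeled", "not_set")

# Request body of the page's curl example for this endpoint
PAGE_EXAMPLE_BODY = {
    "name": "High risk settings",
    "description": "This is a code security configuration for octo-enterprise",
    "advanced_security": "enabled",
    "dependabot_alerts": "enabled",
    "dependabot_security_updates": "not_set",
    "secret_scanning": "enabled",
}


def lint_create_body(body):
    """Return (errors, warnings); an error means the body contradicts the documented parameters."""
    errors, warnings = [], []
    for key in ("name", "description"):
        if not isinstance(body.get(key), str) or not body[key].strip():
            errors.append(f"{key}: required, must be a non-empty string")
    for key, value in body.items():
        if key in ("name", "description"):
            continue
        if key in FIELDS:
            if value not in FIELDS[key][0]:
                errors.append(f"{key}: {value!r} is not one of {list(FIELDS[key][0])}")
        elif key in OPTION_OBJECTS:
            if value is not None and not isinstance(value, dict):
                errors.append(f"{key}: must be an object")
        else:
            errors.append(f"{key}: not a documented body parameter")
    if body.get("advanced_security") in ("code_security", "secret_protection"):
        warnings.append("advanced_security: deprecated value, set code_security / secret_protection instead")
    opts = body.get("code_scanning_default_setup_options")
    if isinstance(opts, dict):
        runner_type = opts.get("runner_type")
        if runner_type is not None and runner_type not in RUNNER_TYPES:
            errors.append(f"runner_type: {runner_type!r} is not one of {list(RUNNER_TYPES)}")
        if runner_type == "labeled" and not opts.get("runner_label"):
            warnings.append("runner_type is 'labeled' but runner_label is empty")
    return errors, warnings


def implicit_defaults(body):
    """Fields the body omits, mapped to the default the parameter list documents for them."""
    return {k: d for k, (_, d) in FIELDS.items() if k not in body and d is not None}


def build_request(enterprise, token, body):
    """Build (but do not send) the POST request; refuse bodies that fail the lint."""
    errors, _ = lint_create_body(body)
    if errors:
        raise ValueError("; ".join(errors))
    slug = urllib.parse.quote(enterprise, safe="")
    url = f"https://api.github.com/enterprises/{slug}/code-security/configurations"
    return urllib.request.Request(
        url, data=json.dumps(body).encode(), method="POST",
        headers={
            "Accept": "application/vnd.github+json",
            "Authorization": f"Bearer {token}",
            "X-GitHub-Api-Version": "2022-11-28",
        },
    )


if __name__ == "__main__":
    print(lint_create_body(PAGE_EXAMPLE_BODY))
    print(implicit_defaults(PAGE_EXAMPLE_BODY))
```

Run against the page's own request body, implicit_defaults shows that secret_scanning_push_protection is left at its documented default of disabled even though secret_scanning is enabled, which matches the sample response above.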
GET /enterprises/{enterprise}/code-security/configurations/defaults
curl request example
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/defaults
Response
Status: 200
[ { "default_for_new_repos": "public", "configuration": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "code_scanning_options": { "allow_advanced": false }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 1325, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } }, { "default_for_new_repos": "private_and_internal", "configuration": { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, 
"code_scanning_options": { "allow_advanced": false }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" } } ]
GET /enterprises/{enterprise}/code-security/configurations/{configuration_id}
curl request example
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID
Response
Status: 200
{ "id": 1325, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }
Updates a code security configuration in an enterprise.
The authenticated user must be an administrator of the enterprise in order to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Update a custom code security configuration for an enterprise"

Headers
Name, Type, Description

accept (string)
Setting to application/vnd.github+json is recommended.

enterprise (string, Required)
The slug version of the enterprise name.

configuration_id (integer, Required)
The unique identifier of the code security configuration.

Body parameters
Name, Type, Description

name (string)
The name of the code security configuration. Must be unique across the enterprise.

description (string)
A description of the code security configuration

advanced_security (string)
The enablement status of GitHub Advanced Security features. enabled will enable both Code Security and Secret Protection features.
Warning: code_security and secret_protection are deprecated values for this field. Prefer the individual code_security and secret_protection fields to set the status of these features.
Can be one of: enabled, disabled, code_security, secret_protection

code_security (string)
The enablement status of GitHub Code Security features.
Can be one of: enabled, disabled, not_set

dependency_graph (string)
The enablement status of Dependency Graph
Can be one of: enabled, disabled, not_set

dependency_graph_autosubmit_action (string)
The enablement status of Automatic dependency submission
Can be one of: enabled, disabled, not_set

dependency_graph_autosubmit_action_options (object)
Feature options for Automatic dependency submission
Properties of dependency_graph_autosubmit_action_options:
  labeled_runners (boolean)
  Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.

dependabot_alerts (string)
The enablement status of Dependabot alerts
Can be one of: enabled, disabled, not_set

dependabot_security_updates (string)
The enablement status of Dependabot security updates
Can be one of: enabled, disabled, not_set

code_scanning_default_setup (string)
The enablement status of code scanning default setup
Can be one of: enabled, disabled, not_set

code_scanning_default_setup_options (object or null)
Feature options for code scanning default setup
Properties of code_scanning_default_setup_options:
  runner_type (string)
  Whether to use labeled runners or standard GitHub runners.
  Can be one of: standard, labeled, not_set
  runner_label (string or null)
  The label of the runner to use for code scanning default setup when runner_type is 'labeled'.

code_scanning_delegated_alert_dismissal (string)
The enablement status of code scanning delegated alert dismissal
Default: disabled
Can be one of: enabled, disabled, not_set

secret_protection (string)
The enablement status of GitHub Secret Protection features.
Can be one of: enabled, disabled, not_set

secret_scanning (string)
The enablement status of secret scanning
Can be one of: enabled, disabled, not_set

secret_scanning_push_protection (string)
The enablement status of secret scanning push protection
Can be one of: enabled, disabled, not_set

secret_scanning_validity_checks (string)
The enablement status of secret scanning validity checks
Can be one of: enabled, disabled, not_set

secret_scanning_non_provider_patterns (string)
The enablement status of secret scanning non-provider patterns
Can be one of: enabled, disabled, not_set

secret_scanning_generic_secrets (string)
The enablement status of Copilot secret scanning
Default: disabled
Can be one of: enabled, disabled, not_set

secret_scanning_delegated_alert_dismissal (string)
The enablement status of secret scanning delegated alert dismissal
Default: disabled
Can be one of: enabled, disabled, not_set

private_vulnerability_reporting (string)
The enablement status of private vulnerability reporting
Can be one of: enabled, disabled, not_set

enforcement (string)
The enforcement status for a security configuration
Can be one of: enforced, unenforced

200: OK
304: Not modified
403: Forbidden
404: Resource not found
409: Conflict
Code samples for "Update a custom code security configuration for an enterprise"
Request example
PATCH /enterprises/{enterprise}/code-security/configurations/{configuration_id}
curl request example
curl -L \
  -X PATCH \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID \
  -d '{"name":"octo-enterprise recommended settings v2","secret_scanning":"disabled","code_scanning_default_setup":"enabled"}'
Response
Status: 200
{ "id": 1325, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }
Attaches an enterprise code security configuration to repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.
If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.
The authenticated user must be an administrator for the enterprise to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Attach an enterprise configuration to repositories"

Headers
Name, Type, Description

accept (string)
Setting to application/vnd.github+json is recommended.

enterprise (string, Required)
The slug version of the enterprise name.

configuration_id (integer, Required)
The unique identifier of the code security configuration.

Body parameters
Name, Type, Description

scope (string, Required)
The type of repositories to attach the configuration to.
Can be one of: all, all_without_configurations

202: Accepted
403: Forbidden
404: Resource not found
409: Conflict
Code samples for "Attach an enterprise configuration to repositories"
Request example
POST /enterprises/{enterprise}/code-security/configurations/{configuration_id}/attach
curl request example
curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID/attach \
  -d '{"scope":"all"}'
Accepted
Set a code security configuration as a default for an enterprise
Sets a code security configuration as a default to be applied to new repositories in your enterprise.
This configuration will be applied by default to the matching repository type when created, but only for organizations within the enterprise that do not already have a default code security configuration set.
The authenticated user must be an administrator for the enterprise to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Set a code security configuration as a default for an enterprise"

Headers
Name, Type, Description

accept (string)
Setting to application/vnd.github+json is recommended.

enterprise (string, Required)
The slug version of the enterprise name.

configuration_id (integer, Required)
The unique identifier of the code security configuration.

Body parameters
Name, Type, Description

default_for_new_repos (string)
Specify which types of repository this security configuration should be applied to by default.
Can be one of: all, none, private_and_internal, public

200: Default successfully changed.
403: Forbidden
404: Resource not found
Code samples for "Set a code security configuration as a default for an enterprise"
Request example
PUT /enterprises/{enterprise}/code-security/configurations/{configuration_id}/defaults
curl request example
curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID/defaults \
  -d '{"default_for_new_repos":"all"}'
Default successfully changed.
Status: 200
{ "default_for_new_repos": "all", "configuration": { "value": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "code_scanning_options": { "allow_advanced": false }, "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } } }
Lists the repositories associated with an enterprise code security configuration in an organization.
The authenticated user must be an administrator of the enterprise in order to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Get repositories associated with an enterprise code security configuration"

Headers
Name, Type, Description

accept (string)
Setting to application/vnd.github+json is recommended.

enterprise (string, Required)
The slug version of the enterprise name.

configuration_id (integer, Required)
The unique identifier of the code security configuration.

Query parameters
Name, Type, Description

per_page (integer)
The number of results per page (max 100). For more information, see "Using pagination in the REST API."
Default: 30

before (string)
A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after (string)
A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

status (string)
A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned.
Can be: all, attached, attaching, removed, enforced, failed, updating, removed_by_enterprise
Default: all

200: OK
403: Forbidden
404: Resource not found
Code samples for "Get repositories associated with an enterprise code security configuration"
Request example
GET /enterprises/{enterprise}/code-security/configurations/{configuration_id}/repositories
curl request example
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID/repositories
Example of code security configuration repositories
Status: 200
[ { "status": "attached", "repository": { "value": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": 
"https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "git_url": "git:github.com/octocat/Hello-World.git", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "ssh_url": "git@github.com:octocat/Hello-World.git", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": 
"https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" } } } ]
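The following is an added example, not part of GitHub's documentation: it walks the repositories endpoint page by page, following the `after` cursor carried in the Link header, and collects the repositories whose attachment status suggests the configuration is not in effect. Choosing failed, removed and removed_by_enterprise as the statuses of interest is this example's assumption, as are the function names; the two response pages and the cursor value are constructed so the code runs offline.

```python
import json
import re
import urllib.parse
import urllib.request

LINK_RE = re.compile(r'<([^>]+)>\s*;\s*rel="([^"]+)"')
VALID_STATUSES = {"all", "attached", "attaching", "removed", "enforced",
                  "failed", "updating", "removed_by_enterprise"}


def next_cursor(link_header):
    """Return the `after` cursor of the rel="next" link, or None when there is no next page."""
    for url, rel in LINK_RE.findall(link_header or ""):
        if rel == "next":
            query = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
            return query.get("after", [None])[0]
    return None


def repositories_url(enterprise, configuration_id, statuses, after=None, per_page=100):
    """Build the request URL; reject status values the parameter list does not document."""
    unknown = set(statuses) - VALID_STATUSES
    if unknown:
        raise ValueError(f"undocumented status values: {sorted(unknown)}")
    params = {"per_page": per_page, "status": ",".join(statuses)}
    if after:
        params["after"] = after
    slug = urllib.parse.quote(enterprise, safe="")
    return (f"https://api.github.com/enterprises/{slug}/code-security/configurations/"
            f"{int(configuration_id)}/repositories?{urllib.parse.urlencode(params)}")


def http_fetch(token):
    """Return fetch(url) -> (parsed JSON body, Link header) backed by a real HTTP call."""
    def fetch(url):
        request = urllib.request.Request(url, headers={
            "Accept": "application/vnd.github+json",
            "Authorization": f"Bearer {token}",
            "X-GitHub-Api-Version": "2022-11-28",
        })
        with urllib.request.urlopen(request) as response:
            return json.load(response), response.headers.get("Link")
    return fetch


def uncovered_repositories(fetch, enterprise, configuration_id,
                           statuses=("failed", "removed", "removed_by_enterprise")):
    """Walk every page and return [(full_name, status)] for repositories in `statuses`."""
    found, after, seen = [], None, set()
    while True:
        page, link = fetch(repositories_url(enterprise, configuration_id, statuses, after))
        for item in page:
            repo = item.get("repository") or {}
            # The sample response above nests the repository under "value"; accept both shapes.
            repo = repo.get("value", repo)
            found.append((repo.get("full_name"), item.get("status")))
        after = next_cursor(link)
        if after is None or after in seen:  # last page, or a repeated cursor
            return found
        seen.add(after)


def constructed_fetch(url):
    """Offline stand-in for the API: two constructed pages joined by a constructed cursor."""
    if "after=CURSOR2" in url:
        return [{"status": "removed_by_enterprise",
                 "repository": {"full_name": "octo-org/legacy"}}], None
    link = ('<https://api.github.com/enterprises/octo-enterprise/code-security/'
            'configurations/1325/repositories?per_page=100&after=CURSOR2>; rel="next"')
    return [{"status": "failed",
             "repository": {"value": {"full_name": "octocat/Hello-World"}}}], link


if __name__ == "__main__":
    for name, status in uncovered_repositories(constructed_fetch, "octo-enterprise", 1325):
        print(f"{status:24} {name}")
```

To query the live API, pass `http_fetch(token)` instead of `constructed_fetch`; per the text above, the token needs the read:enterprise scope.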
Lists all code security configurations available in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.
This endpoint works with the following fine-grained token types:
The fine-grained token must have the following permission set:
accept (string)
Setting to application/vnd.github+json is recommended.

org (string, Required)
The organization name. The name is not case sensitive.

Query parameters
Name, Type, Description

target_type (string)
The target type of the code security configuration
Default: all
Can be one of: global, all

per_page (integer)
The number of results per page (max 100). For more information, see "Using pagination in the REST API."
Default: 30

before (string)
A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after (string)
A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

HTTP response status codes for "Get code security configurations for an organization"
Status code, Description

200: OK
403: Forbidden
404: Resource not found
Code samples for "Get code security configurations for an organization"
Request example
GET /orgs/{org}/code-security/configurations
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations
Response
Status: 200
[ { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_delegated_alert_dismissal": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 17, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "secret_scanning_delegated_alert_dismissal": "not_set", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, "target_type": "organization", "name": "High risk settings", "description": "This is a code security configuration for octo-org high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", "code_scanning_delegated_alert_dismissal": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled",
"secret_scanning_non_provider_patterns": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1326", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z" } ]
Creates a code security configuration in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
This endpoint works with the following fine-grained token types:
The fine-grained token must have the following permission set:
accept (string): Setting to application/vnd.github+json is recommended.
org (string, Required): The organization name. The name is not case sensitive.
Body parameters (Name, Type, Description)
name (string, Required): The name of the code security configuration. Must be unique within the organization.
description (string, Required): A description of the code security configuration
advanced_security (string): The enablement status of GitHub Advanced Security features. enabled will enable both Code Security and Secret Protection features. Warning: code_security and secret_protection are deprecated values for this field. Prefer the individual code_security and secret_protection fields to set the status of these features. Default: disabled. Can be one of: enabled, disabled, code_security, secret_protection.
code_security (string): The enablement status of GitHub Code Security features. Can be one of: enabled, disabled, not_set.
dependency_graph (string): The enablement status of Dependency Graph. Default: enabled. Can be one of: enabled, disabled, not_set.
dependency_graph_autosubmit_action (string): The enablement status of Automatic dependency submission. Default: disabled. Can be one of: enabled, disabled, not_set.
dependency_graph_autosubmit_action_options (object): Feature options for Automatic dependency submission
  Properties of dependency_graph_autosubmit_action_options (Name, Type, Description)
  labeled_runners (boolean): Whether to use runners labeled with 'dependency-submission' or standard GitHub runners. Default: false.
dependabot_alerts (string): The enablement status of Dependabot alerts. Default: disabled. Can be one of: enabled, disabled, not_set.
dependabot_security_updates (string): The enablement status of Dependabot security updates. Default: disabled. Can be one of: enabled, disabled, not_set.
code_scanning_options (object or null): Security Configuration feature options for code scanning
  Properties of code_scanning_options (Name, Type, Description)
  allow_advanced (boolean or null): Whether to allow repos which use advanced setup
code_scanning_default_setup (string): The enablement status of code scanning default setup. Default: disabled. Can be one of: enabled, disabled, not_set.
code_scanning_default_setup_options (object or null): Feature options for code scanning default setup
  Properties of code_scanning_default_setup_options (Name, Type, Description)
  runner_type (string): Whether to use labeled runners or standard GitHub runners. Can be one of: standard, labeled, not_set.
  runner_label (string or null): The label of the runner to use for code scanning default setup when runner_type is 'labeled'.
code_scanning_delegated_alert_dismissal (string): The enablement status of code scanning delegated alert dismissal. Default: not_set. Can be one of: enabled, disabled, not_set.
secret_protection (string): The enablement status of GitHub Secret Protection features. Can be one of: enabled, disabled, not_set.
secret_scanning (string): The enablement status of secret scanning. Default: disabled. Can be one of: enabled, disabled, not_set.
secret_scanning_push_protection (string): The enablement status of secret scanning push protection. Default: disabled. Can be one of: enabled, disabled, not_set.
secret_scanning_delegated_bypass (string): The enablement status of secret scanning delegated bypass. Default: disabled. Can be one of: enabled, disabled, not_set.
secret_scanning_delegated_bypass_options (object): Feature options for secret scanning delegated bypass
  Properties of secret_scanning_delegated_bypass_options (Name, Type, Description)
  reviewers (array of objects): The bypass reviewers for secret scanning delegated bypass
    Properties of reviewers (Name, Type, Description)
    reviewer_id (integer, Required): The ID of the team or role selected as a bypass reviewer
    reviewer_type (string, Required): The type of the bypass reviewer. Can be one of: TEAM, ROLE.
secret_scanning_validity_checks (string): The enablement status of secret scanning validity checks. Default: disabled. Can be one of: enabled, disabled, not_set.
secret_scanning_non_provider_patterns (string): The enablement status of secret scanning non provider patterns. Default: disabled. Can be one of: enabled, disabled, not_set.
secret_scanning_generic_secrets (string): The enablement status of Copilot secret scanning. Default: disabled. Can be one of: enabled, disabled, not_set.
secret_scanning_delegated_alert_dismissal (string): The enablement status of secret scanning delegated alert dismissal. Can be one of: enabled, disabled, not_set.
private_vulnerability_reporting (string): The enablement status of private vulnerability reporting. Default: disabled. Can be one of: enabled, disabled, not_set.
enforcement (string): The enforcement status for a security configuration. Default: enforced. Can be one of: enforced, unenforced.
201: Successfully created code security configuration
Code samples for "Create a code security configuration"
Request example
POST /orgs/{org}/code-security/configurations
curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations \
  -d '{"name":"octo-org recommended settings","description":"This is a code security configuration for octo-org","advanced_security":"enabled","dependabot_alerts":"enabled","dependabot_security_updates":"not_set","secret_scanning":"enabled"}'
Successfully created code security configuration
Status: 201
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "code_scanning_options": { "allow_advanced": false }, "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }
GET /orgs/{org}/code-security/configurations/defaults
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/defaults
Response
Status: 200
[ { "default_for_new_repos": "public", "configuration": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "code_scanning_options": { "allow_advanced": false }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 1325, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } }, { "default_for_new_repos": "private_and_internal", "configuration": { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, 
"code_scanning_options": { "allow_advanced": false }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" } } ]
DELETE /orgs/{org}/code-security/configurations/detach
curl -L \
  -X DELETE \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/detach \
  -d '{"selected_repository_ids":[32,91]}'
A header with no content is returned.
Get a code security configuration
Code samples for "Get a code security configuration"
Request example
GET /orgs/{org}/code-security/configurations/{configuration_id}
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID
Response
Status: 200
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "code_scanning_options": { "allow_advanced": false }, "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }
Updates a code security configuration in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
This endpoint works with the following fine-grained token types:
The fine-grained token must have the following permission set:
accept (string): Setting to application/vnd.github+json is recommended.
org (string, Required): The organization name. The name is not case sensitive.
configuration_id (integer, Required): The unique identifier of the code security configuration.
Body parameters (Name, Type, Description)
name (string): The name of the code security configuration. Must be unique within the organization.
description (string): A description of the code security configuration
advanced_security (string): The enablement status of GitHub Advanced Security features. enabled will enable both Code Security and Secret Protection features. Warning: code_security and secret_protection are deprecated values for this field. Prefer the individual code_security and secret_protection fields to set the status of these features. Can be one of: enabled, disabled, code_security, secret_protection.
code_security (string): The enablement status of GitHub Code Security features. Can be one of: enabled, disabled, not_set.
dependency_graph (string): The enablement status of Dependency Graph. Can be one of: enabled, disabled, not_set.
dependency_graph_autosubmit_action (string): The enablement status of Automatic dependency submission. Can be one of: enabled, disabled, not_set.
dependency_graph_autosubmit_action_options (object): Feature options for Automatic dependency submission
  Properties of dependency_graph_autosubmit_action_options (Name, Type, Description)
  labeled_runners (boolean): Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.
dependabot_alerts (string): The enablement status of Dependabot alerts. Can be one of: enabled, disabled, not_set.
dependabot_security_updates (string): The enablement status of Dependabot security updates. Can be one of: enabled, disabled, not_set.
code_scanning_default_setup (string): The enablement status of code scanning default setup. Can be one of: enabled, disabled, not_set.
code_scanning_default_setup_options (object or null): Feature options for code scanning default setup
  Properties of code_scanning_default_setup_options (Name, Type, Description)
  runner_type (string): Whether to use labeled runners or standard GitHub runners. Can be one of: standard, labeled, not_set.
  runner_label (string or null): The label of the runner to use for code scanning default setup when runner_type is 'labeled'.
code_scanning_delegated_alert_dismissal (string): The enablement status of code scanning delegated alert dismissal. Default: disabled. Can be one of: enabled, disabled, not_set.
secret_protection (string): The enablement status of GitHub Secret Protection features. Can be one of: enabled, disabled, not_set.
secret_scanning (string): The enablement status of secret scanning. Can be one of: enabled, disabled, not_set.
secret_scanning_push_protection (string): The enablement status of secret scanning push protection. Can be one of: enabled, disabled, not_set.
secret_scanning_delegated_bypass (string): The enablement status of secret scanning delegated bypass. Can be one of: enabled, disabled, not_set.
secret_scanning_delegated_bypass_options (object): Feature options for secret scanning delegated bypass
  Properties of secret_scanning_delegated_bypass_options (Name, Type, Description)
  reviewers (array of objects): The bypass reviewers for secret scanning delegated bypass
    Properties of reviewers (Name, Type, Description)
    reviewer_id (integer, Required): The ID of the team or role selected as a bypass reviewer
    reviewer_type (string, Required): The type of the bypass reviewer. Can be one of: TEAM, ROLE.
secret_scanning_validity_checks (string): The enablement status of secret scanning validity checks. Can be one of: enabled, disabled, not_set.
secret_scanning_non_provider_patterns (string): The enablement status of secret scanning non-provider patterns. Can be one of: enabled, disabled, not_set.
secret_scanning_generic_secrets (string): The enablement status of Copilot secret scanning. Can be one of: enabled, disabled, not_set.
secret_scanning_delegated_alert_dismissal (string): The enablement status of secret scanning delegated alert dismissal. Can be one of: enabled, disabled, not_set.
private_vulnerability_reporting (string): The enablement status of private vulnerability reporting. Can be one of: enabled, disabled, not_set.
enforcement (string): The enforcement status for a security configuration. Can be one of: enforced, unenforced.
200: Response when a configuration is updated
204: Response when no new updates are made
Code samples for "Update a code security configuration"
Request example
PATCH /orgs/{org}/code-security/configurations/{configuration_id}
curl -L \
  -X PATCH \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID \
  -d '{"name":"octo-org recommended settings v2","secret_scanning":"disabled","code_scanning_default_setup":"enabled"}'
Response when a configuration is updated
Status: 200
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings v2", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "code_scanning_options": { "allow_advanced": false }, "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "disabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }
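The documented PATCH request turns secret_scanning off while turning code_scanning_default_setup on, so one update can both weaken and strengthen a configuration. The following added example (not code from GitHub's documentation) compares two snapshots of a configuration and classifies each changed field. The field list, the classification rule and the function name are assumptions of this example, and the two snapshots are trimmed, constructed copies of the responses documented for configuration 1325.

```python
# Fields for which "enabled" is treated as the protective state. The selection
# is an assumption of this example; extend it to match your own policy.
SECURITY_FIELDS = (
    "advanced_security",
    "dependency_graph",
    "dependabot_alerts",
    "dependabot_security_updates",
    "code_scanning_default_setup",
    "secret_scanning",
    "secret_scanning_push_protection",
    "secret_scanning_validity_checks",
    "secret_scanning_non_provider_patterns",
    "private_vulnerability_reporting",
    "enforcement",
)
PROTECTIVE = {"enabled", "enforced"}

# Constructed snapshots, trimmed from the documented responses for id 1325.
BEFORE = {
    "id": 1325, "name": "octo-org recommended settings",
    "advanced_security": "enabled", "dependency_graph": "enabled",
    "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set",
    "code_scanning_default_setup": "disabled", "secret_scanning": "enabled",
    "secret_scanning_push_protection": "disabled", "enforcement": "enforced",
}
AFTER = dict(
    BEFORE,
    name="octo-org recommended settings v2",
    secret_scanning="disabled",
    code_scanning_default_setup="enabled",
)


def classify_changes(before, after):
    """Classify changed security fields between two configuration snapshots.

    Returns a dict with three lists of (field, old, new) tuples:
      weakened     - the field left a protective value
      strengthened - the field reached a protective value
      other        - changed between two non-protective values
    A field missing from a snapshot is reported as None, so a field that
    disappears from the newer snapshot counts as weakened.
    """
    result = {"weakened": [], "strengthened": [], "other": []}
    for field in SECURITY_FIELDS:
        old, new = before.get(field), after.get(field)
        if old == new:
            continue
        change = (field, old, new)
        if old in PROTECTIVE and new not in PROTECTIVE:
            result["weakened"].append(change)
        elif new in PROTECTIVE and old not in PROTECTIVE:
            result["strengthened"].append(change)
        else:
            result["other"].append(change)
    return result


if __name__ == "__main__":
    for kind, changes in classify_changes(BEFORE, AFTER).items():
        for field, old, new in changes:
            print(f"{kind}: {field} {old} -> {new}")
```
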
DELETE /orgs/{org}/code-security/configurations/{configuration_id}
curl -L \
  -X DELETE \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID
A header with no content is returned.
Attach a configuration to repositories
Attach a code security configuration to a set of repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.
If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
This endpoint works with the following fine-grained token types:
The fine-grained token must have the following permission set:
accept (string): Setting to application/vnd.github+json is recommended.
org (string, Required): The organization name. The name is not case sensitive.
configuration_id (integer, Required): The unique identifier of the code security configuration.
Body parameters (Name, Type, Description)
scope (string, Required): The type of repositories to attach the configuration to. selected means the configuration will be attached to only the repositories specified by selected_repository_ids. Can be one of: all, all_without_configurations, public, private_or_internal, selected.
selected_repository_ids (array of integers): An array of repository IDs to attach the configuration to. You can only provide a list of repository ids when the scope is set to selected.
202: Accepted
Code samples for "Attach a configuration to repositories"
Request example
POST /orgs/{org}/code-security/configurations/{configuration_id}/attach
curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/attach \
  -d '{"scope":"selected","selected_repository_ids":[32,91]}'
Accepted
Set a code security configuration as a default for an organization
Sets a code security configuration as a default to be applied to new repositories in your organization.
This configuration will be applied to the matching repository type (all, none, public, private and internal) by default when they are created.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
This endpoint works with the following fine-grained token types:
The fine-grained token must have the following permission set:
accept (string): Setting to application/vnd.github+json is recommended.
org (string, Required): The organization name. The name is not case sensitive.
configuration_id (integer, Required): The unique identifier of the code security configuration.
Body parameters (Name, Type, Description)
default_for_new_repos (string): Specify which types of repository this security configuration should be applied to by default. Can be one of: all, none, private_and_internal, public.
200: Default successfully changed.
403: Forbidden
404: Resource not found
Code samples for "Set a code security configuration as a default for an organization"
Request example
PUT /orgs/{org}/code-security/configurations/{configuration_id}/defaults
curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/defaults \
  -d '{"default_for_new_repos":"all"}'
Default successfully changed.
Status: 200
{ "default_for_new_repos": "all", "configuration": { "value": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "code_scanning_options": { "allow_advanced": false }, "code_scanning_delegated_alert_dismissal": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "secret_scanning_generic_secrets": "disabled", "secret_scanning_delegated_alert_dismissal": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } } }
Lists the repositories associated with a code security configuration in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.
This endpoint works with the following fine-grained token types:
The fine-grained token must have the following permission set:
accept (string): Setting to application/vnd.github+json is recommended.
org (string, Required): The organization name. The name is not case sensitive.
configuration_id (integer, Required): The unique identifier of the code security configuration.
Query parameters (Name, Type, Description)
per_page (integer): The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: 30.
before (string): A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."
after (string): A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."
status (string): A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned. Can be: all, attached, attaching, detached, removed, enforced, failed, updating, removed_by_enterprise. Default: all.
200: OK
403: Forbidden
404: Resource not found
Code samples for "Get repositories associated with a code security configuration"
Request example
GET /orgs/{org}/code-security/configurations/{configuration_id}/repositories
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/repositories
Example of code security configuration repositories
Status: 200
[
  {
    "status": "attached",
    "repository": {
      "value": {
        "id": 1296269,
        "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
        "name": "Hello-World",
        "full_name": "octocat/Hello-World",
        "owner": {
          "login": "octocat",
          "id": 1,
          "node_id": "MDQ6VXNlcjE=",
          "avatar_url": "https://github.com/images/error/octocat_happy.gif",
          "gravatar_id": "",
          "url": "https://api.github.com/users/octocat",
          "html_url": "https://github.com/octocat",
          "followers_url": "https://api.github.com/users/octocat/followers",
          "following_url": "https://api.github.com/users/octocat/following{/other_user}",
          "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
          "organizations_url": "https://api.github.com/users/octocat/orgs",
          "repos_url": "https://api.github.com/users/octocat/repos",
          "events_url": "https://api.github.com/users/octocat/events{/privacy}",
          "received_events_url": "https://api.github.com/users/octocat/received_events",
          "type": "User",
          "site_admin": false
        },
        "private": false,
        "html_url": "https://github.com/octocat/Hello-World",
        "description": "This your first repo!",
        "fork": false,
        "url": "https://api.github.com/repos/octocat/Hello-World",
        "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
        "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
        "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
        "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
        "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
        "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
        "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
        "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
        "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
        "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
        "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
        "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
        "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
        "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
        "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
        "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
        "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
        "git_url": "git:github.com/octocat/Hello-World.git",
        "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
        "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
        "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
        "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
        "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
        "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
        "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
        "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
        "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
        "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
        "ssh_url": "git@github.com:octocat/Hello-World.git",
        "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
        "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
        "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
        "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
        "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
        "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
        "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
        "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks"
      }
    }
  }
]
GET /repos/{owner}/{repo}/code-security-configuration
curl request example
curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/repos/OWNER/REPO/code-security-configuration
Response
Status: 200
{
  "status": "attached",
  "configuration": {
    "id": 1325,
    "target_type": "organization",
    "name": "octo-org recommended settings",
    "description": "This is a code security configuration for octo-org",
    "advanced_security": "enabled",
    "dependency_graph": "enabled",
    "dependency_graph_autosubmit_action": "enabled",
    "dependency_graph_autosubmit_action_options": {
      "labeled_runners": false
    },
    "dependabot_alerts": "enabled",
    "dependabot_security_updates": "not_set",
    "code_scanning_default_setup": "disabled",
    "code_scanning_delegated_alert_dismissal": "disabled",
    "secret_scanning": "enabled",
    "secret_scanning_push_protection": "disabled",
    "secret_scanning_delegated_bypass": "disabled",
    "secret_scanning_validity_checks": "disabled",
    "secret_scanning_non_provider_patterns": "disabled",
    "secret_scanning_generic_secrets": "disabled",
    "secret_scanning_delegated_alert_dismissal": "disabled",
    "private_vulnerability_reporting": "disabled",
    "enforcement": "enforced",
    "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325",
    "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325",
    "created_at": "2024-05-01T00:00:00Z",
    "updated_at": "2024-05-01T00:00:00Z"
  }
}
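A response body for this endpoint can be checked against a policy baseline, since an "attached" status alone does not mean every feature is on (the sample above has push protection and code scanning default setup disabled). The following is an added example, not part of GitHub's documentation; the `REQUIRED_ENABLED` baseline and the `audit_configuration` helper are hypothetical, and the input is a trimmed copy of the response shown above.

```python
import json

# Constructed policy baseline (an assumption, not a GitHub default): the
# settings this hypothetical organization requires to be "enabled".
REQUIRED_ENABLED = (
    "dependency_graph",
    "dependabot_alerts",
    "secret_scanning",
    "secret_scanning_push_protection",
    "code_scanning_default_setup",
)

# Trimmed copy of the example response body shown above.
SAMPLE_RESPONSE = json.loads("""
{
  "status": "attached",
  "configuration": {
    "name": "octo-org recommended settings",
    "dependency_graph": "enabled",
    "dependabot_alerts": "enabled",
    "dependabot_security_updates": "not_set",
    "code_scanning_default_setup": "disabled",
    "secret_scanning": "enabled",
    "secret_scanning_push_protection": "disabled",
    "enforcement": "enforced"
  }
}
""")


def audit_configuration(response, required=REQUIRED_ENABLED):
    """Return findings (strings) for one repository's response body."""
    status = response.get("status")
    config = response.get("configuration")
    if status != "attached" or not isinstance(config, dict):
        # Without an attached configuration the settings below do not apply.
        return [f"no attached configuration (status={status!r})"]
    findings = []
    for key in required:
        value = config.get(key, "missing")  # absent key is reported as such
        if value != "enabled":
            findings.append(f"{key} is {value}")
    if config.get("enforcement") != "enforced":
        findings.append(f"enforcement is {config.get('enforcement')}")
    return findings


if __name__ == "__main__":
    print("\n".join(audit_configuration(SAMPLE_RESPONSE)))
```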