Die REST-API verfügt jetzt über eine Versionskontrolle. Weitere Informationen findest du unter Informationen zur API-Versionsverwaltung.

GitHub Actions OIDC

Verwende die REST-API zum Interagieren mit JWTs für OIDC-Antragstelleransprüche in GitHub Actions.

Informationen zu GitHub Actions OIDC

Sie können die REST-API verwenden, um eine Anpassungsvorlage für einen OpenID Connect (OIDC)-Antragstelleranspruch abzufragen und zu verwalten. Weitere Informationen findest du unter Informationen zur Sicherheitshärtung mit OpenID Connect.

Set the GitHub Actions OIDC custom issuer policy for an enterprise

Sets the GitHub Actions OpenID Connect (OIDC) custom issuer policy for an enterprise. You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

Parameter für „Set the GitHub Actions OIDC custom issuer policy for an enterprise“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
enterprise string Erforderlich

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Textparameter
include_enterprise_slug boolean

Whether the enterprise customer requested a custom issuer URL.

HTTP-Antwortstatuscodes für „Set the GitHub Actions OIDC custom issuer policy for an enterprise“

StatuscodeBESCHREIBUNG
204

No Content

Codebeispiele für „Set the GitHub Actions OIDC custom issuer policy for an enterprise“

put/enterprises/{enterprise}/actions/oidc/customization/issuer
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/actions/oidc/customization/issuer \ -d '{"include_enterprise_slug":true}'

Response

Status: 204

Get the customization template for an OIDC subject claim for an organization

Funktioniert mit GitHub Apps

Gets the customization template for an OpenID Connect (OIDC) subject claim. You must authenticate using an access token with the read:org scope to use this endpoint. GitHub Apps must have the organization_administration:write permission to use this endpoint.

Parameter für „Get the customization template for an OIDC subject claim for an organization“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

HTTP-Antwortstatuscodes für „Get the customization template for an OIDC subject claim for an organization“

StatuscodeBESCHREIBUNG
200

A JSON serialized template for OIDC subject claim customization

Codebeispiele für „Get the customization template for an OIDC subject claim for an organization“

get/orgs/{org}/actions/oidc/customization/sub
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/actions/oidc/customization/sub

A JSON serialized template for OIDC subject claim customization

Status: 200
{ "include_claim_keys": [ "repo", "context" ] }

Set the customization template for an OIDC subject claim for an organization

Funktioniert mit GitHub Apps

Creates or updates the customization template for an OpenID Connect (OIDC) subject claim. You must authenticate using an access token with the write:org scope to use this endpoint. GitHub Apps must have the admin:org permission to use this endpoint.

Parameter für „Set the customization template for an OIDC subject claim for an organization“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

Textparameter
include_claim_keys array of strings Erforderlich

Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

HTTP-Antwortstatuscodes für „Set the customization template for an OIDC subject claim for an organization“

StatuscodeBESCHREIBUNG
201

Empty response

403

Forbidden

404

Resource not found

Codebeispiele für „Set the customization template for an OIDC subject claim for an organization“

put/orgs/{org}/actions/oidc/customization/sub
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/actions/oidc/customization/sub \ -d '{"include_claim_keys":["repo","context"]}'

Empty response

Status: 201

Get the customization template for an OIDC subject claim for a repository

Funktioniert mit GitHub Apps

Gets the customization template for an OpenID Connect (OIDC) subject claim. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the organization_administration:read permission to use this endpoint.

Parameter für „Get the customization template for an OIDC subject claim for a repository“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

HTTP-Antwortstatuscodes für „Get the customization template for an OIDC subject claim for a repository“

StatuscodeBESCHREIBUNG
200

Status response

400

Bad Request

404

Resource not found

Codebeispiele für „Get the customization template for an OIDC subject claim for a repository“

get/repos/{owner}/{repo}/actions/oidc/customization/sub
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/actions/oidc/customization/sub

Status response

Status: 200
{ "use_default": false, "include_claim_keys": [ "repo", "context" ] }

Set the customization template for an OIDC subject claim for a repository

Funktioniert mit GitHub Apps

Sets the customization template and opt-in or opt-out flag for an OpenID Connect (OIDC) subject claim for a repository. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

Parameter für „Set the customization template for an OIDC subject claim for a repository“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

Textparameter
use_default boolean Erforderlich

Whether to use the default template or not. If true, the include_claim_keys field is ignored.

include_claim_keys array of strings

Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

HTTP-Antwortstatuscodes für „Set the customization template for an OIDC subject claim for a repository“

StatuscodeBESCHREIBUNG
201

Empty response

400

Bad Request

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Codebeispiele für „Set the customization template for an OIDC subject claim for a repository“

put/repos/{owner}/{repo}/actions/oidc/customization/sub
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/actions/oidc/customization/sub \ -d '{"use_default":false,"include_claim_keys":["repo","context"]}'

Empty response

Status: 201