Security Managers
Use the REST API to manage security managers in an organization.
About security managers
Note: The security manager role is in public beta and subject to change.
Security manager is an organization-level role that organization owners can assign to any team in an organization. When applied, it gives every member of the team permissions to manage security alerts and settings across your organization, as well as read permissions for all repositories in the organization.
List security manager teams
Lists teams that are security managers for an organization. For more information, see "Managing security managers in your organization."
To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the read:org scope.
GitHub Apps must have the administration organization read permission to use this endpoint.
Parameters
| Headers |
|---|
| Name, Type, Description |
acceptstringSetting to |
| Path parameters |
| Name, Type, Description |
orgstringRequiredThe organization name. The name is not case sensitive. |
HTTP response status codes
| Status code | Description |
|---|---|
200 | OK |
Code samples
curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/orgs/ORG/security-managersResponse
Status: 200[
{
"id": 1,
"node_id": "MDQ6VGVhbTE=",
"url": "https://api.github.com/teams/1",
"html_url": "https://github.com/orgs/github/teams/justice-league",
"name": "Justice League",
"slug": "justice-league",
"description": "A great team.",
"privacy": "closed",
"permission": "admin",
"members_url": "https://api.github.com/teams/1/members{/member}",
"repositories_url": "https://api.github.com/teams/1/repos",
"parent": null
}
]Add a security manager team
Adds a team as a security manager for an organization. For more information, see "Managing security for an organization for an organization."
To use this endpoint, you must be an administrator for the organization, and you must use an access token with the write:org scope.
GitHub Apps must have the administration organization read-write permission to use this endpoint.
Parameters
| Headers |
|---|
| Name, Type, Description |
acceptstringSetting to |
| Path parameters |
| Name, Type, Description |
orgstringRequiredThe organization name. The name is not case sensitive. |
team_slugstringRequiredThe slug of the team name. |
HTTP response status codes
| Status code | Description |
|---|---|
204 | No Content |
409 | The organization has reached the maximum number of security manager teams. |
Code samples
curl \
-X PUT \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/orgs/ORG/security-managers/teams/TEAM_SLUGResponse
Status: 204Remove a security manager team
Removes the security manager role from a team for an organization. For more information, see "Managing security managers in your organization team from an organization."
To use this endpoint, you must be an administrator for the organization, and you must use an access token with the admin:org scope.
GitHub Apps must have the administration organization read-write permission to use this endpoint.
Parameters
| Headers |
|---|
| Name, Type, Description |
acceptstringSetting to |
| Path parameters |
| Name, Type, Description |
orgstringRequiredThe organization name. The name is not case sensitive. |
team_slugstringRequiredThe slug of the team name. |
HTTP response status codes
| Status code | Description |
|---|---|
204 | No Content |
Code samples
curl \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/orgs/ORG/security-managers/teams/TEAM_SLUGResponse
Status: 204