Organization configurations
Use the REST API to manage private registry configurations for organizations.
Note
The ability to use the REST API to manage private registries is currently in public preview and subject to change.
List private registries for an organization
Note
This endpoint is in public preview and is subject to change.
Lists all private registry configurations available at the organization-level without revealing their encrypted values.
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Fine-grained access tokens for "List private registries for an organization"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Organization private registries" organization permissions (read)
Parameters for "List private registries for an organization"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
| Name, Type, Description |
|---|
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: |
HTTP response status codes for "List private registries for an organization"
| Status code | Description |
|---|---|
200 | OK |
400 | Bad Request |
404 | Resource not found |
Code samples for "List private registries for an organization"
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/private-registriesResponse
Status: 200{
"total_count": 1,
"configurations": [
{
"name": "MAVEN_REPOSITORY_SECRET",
"registry_type": "maven_repository",
"username": "monalisa",
"created_at": "2019-08-10T14:59:22Z",
"updated_at": "2020-01-10T14:59:22Z",
"visibility": "selected"
}
]
}Create a private registry for an organization
Note
This endpoint is in public preview and is subject to change.
Creates a private registry configuration with an encrypted value for an organization. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Fine-grained access tokens for "Create a private registry for an organization"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Organization private registries" organization permissions (write)
Parameters for "Create a private registry for an organization"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
| Name, Type, Description |
|---|
registry_type string RequiredThe registry type. Value: |
username string or null The username to use when authenticating with the private registry. This field should be omitted if the private registry does not require a username for authentication. |
encrypted_value string RequiredThe value for your secret, encrypted with LibSodium using the public key retrieved from the Get private registries public key for an organization endpoint. |
key_id string RequiredThe ID of the key you used to encrypt the secret. |
visibility string RequiredWhich type of organization repositories have access to the private registry. Can be one of: |
selected_repository_ids array of integers An array of repository IDs that can access the organization private registry. You can only provide a list of repository IDs when |
HTTP response status codes for "Create a private registry for an organization"
| Status code | Description |
|---|---|
201 | The organization private registry configuration |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Create a private registry for an organization"
Request examples
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/private-registries \
-d '{"registry_type":"maven_repository","username":"monalisa","encrypted_value":"c2VjcmV0","key_id":"012345678912345678","visibility":"private"}'The organization private registry configuration
Status: 201{
"name": "MAVEN_REPOSITORY_SECRET",
"registry_type": "maven_repository",
"username": "monalisa",
"visibility": "selected",
"selected_repository_ids": [
1296269,
1296280
],
"created_at": "2019-08-10T14:59:22Z",
"updated_at": "2020-01-10T14:59:22Z"
}Get private registries public key for an organization
Note
This endpoint is in public preview and is subject to change.
Gets the org public key, which is needed to encrypt private registry secrets. You need to encrypt a secret before you can create or update secrets.
OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Fine-grained access tokens for "Get private registries public key for an organization"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Organization private registries" organization permissions (read)
Parameters for "Get private registries public key for an organization"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
HTTP response status codes for "Get private registries public key for an organization"
| Status code | Description |
|---|---|
200 | OK |
404 | Resource not found |
Code samples for "Get private registries public key for an organization"
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/private-registries/public-keyResponse
Status: 200{
"key_id": "012345678912345678",
"key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"
}Get a private registry for an organization
Note
This endpoint is in public preview and is subject to change.
Get the configuration of a single private registry defined for an organization, omitting its encrypted value.
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Fine-grained access tokens for "Get a private registry for an organization"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Organization private registries" organization permissions (read)
Parameters for "Get a private registry for an organization"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
secret_name string RequiredThe name of the secret. |
HTTP response status codes for "Get a private registry for an organization"
| Status code | Description |
|---|---|
200 | The specified private registry configuration for the organization |
404 | Resource not found |
Code samples for "Get a private registry for an organization"
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/private-registries/SECRET_NAMEThe specified private registry configuration for the organization
Status: 200{
"name": "MAVEN_REPOSITORY_SECRET",
"registry_type": "maven_repository",
"username": "monalisa",
"visibility": "private",
"created_at": "2019-08-10T14:59:22Z",
"updated_at": "2020-01-10T14:59:22Z"
}Update a private registry for an organization
Note
This endpoint is in public preview and is subject to change.
Updates a private registry configuration with an encrypted value for an organization. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Fine-grained access tokens for "Update a private registry for an organization"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Organization private registries" organization permissions (write)
Parameters for "Update a private registry for an organization"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
secret_name string RequiredThe name of the secret. |
| Name, Type, Description |
|---|
registry_type string The registry type. Value: |
username string or null The username to use when authenticating with the private registry. This field should be omitted if the private registry does not require a username for authentication. |
encrypted_value string The value for your secret, encrypted with LibSodium using the public key retrieved from the Get private registries public key for an organization endpoint. |
key_id string The ID of the key you used to encrypt the secret. |
visibility string Which type of organization repositories have access to the private registry. Can be one of: |
selected_repository_ids array of integers An array of repository IDs that can access the organization private registry. You can only provide a list of repository IDs when |
HTTP response status codes for "Update a private registry for an organization"
| Status code | Description |
|---|---|
204 | No Content |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
Code samples for "Update a private registry for an organization"
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/private-registries/SECRET_NAME \
-d '{"username":"monalisa","encrypted_value":"c2VjcmV0","key_id":"012345678912345678"}'Response
Status: 204Delete a private registry for an organization
Note
This endpoint is in public preview and is subject to change.
Delete a private registry configuration at the organization-level.
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Fine-grained access tokens for "Delete a private registry for an organization"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Organization private registries" organization permissions (write)
Parameters for "Delete a private registry for an organization"
| Name, Type, Description |
|---|
accept string Setting to |
| Name, Type, Description |
|---|
org string RequiredThe organization name. The name is not case sensitive. |
secret_name string RequiredThe name of the secret. |
HTTP response status codes for "Delete a private registry for an organization"
| Status code | Description |
|---|---|
204 | No Content |
400 | Bad Request |
404 | Resource not found |
Code samples for "Delete a private registry for an organization"
Request example
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/private-registries/SECRET_NAMEResponse
Status: 204