Ahora la API de REST tiene control de versiones. Para obtener más información, consulta "Acerca del control de versiones de la API".

OIDC de Acciones de GitHub

Usa la API REST para interactuar con los JWT de las notificaciones de sujeto de OIDC en GitHub Actions.

Acerca de OIDC en GitHub Actions

Puedes usar la API de REST para consultar y administrar una plantilla de personalización para una notificación de asunto de OpenID Connect (OIDC). Para obtener más información, vea «Acerca del fortalecimiento de seguridad con OpenID Connect».

Set the GitHub Actions OIDC custom issuer policy for an enterprise

Sets the GitHub Actions OpenID Connect (OIDC) custom issuer policy for an enterprise. You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

Parámetros para "Set the GitHub Actions OIDC custom issuer policy for an enterprise"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de la ruta de acceso
enterprise string Requerido

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Parámetros del cuerpo
include_enterprise_slug boolean

Whether the enterprise customer requested a custom issuer URL.

Códigos de estado de respuesta HTTP para "Set the GitHub Actions OIDC custom issuer policy for an enterprise"

status codeDescripción
204

No Content

Ejemplos de código para "Set the GitHub Actions OIDC custom issuer policy for an enterprise"

put/enterprises/{enterprise}/actions/oidc/customization/issuer
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/actions/oidc/customization/issuer \ -d '{"include_enterprise_slug":true}'

Response

Status: 204

Get the customization template for an OIDC subject claim for an organization

Funciona con GitHub Apps

Gets the customization template for an OpenID Connect (OIDC) subject claim. You must authenticate using an access token with the read:org scope to use this endpoint. GitHub Apps must have the organization_administration:write permission to use this endpoint.

Parámetros para "Get the customization template for an OIDC subject claim for an organization"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de la ruta de acceso
org string Requerido

The organization name. The name is not case sensitive.

Códigos de estado de respuesta HTTP para "Get the customization template for an OIDC subject claim for an organization"

status codeDescripción
200

A JSON serialized template for OIDC subject claim customization

Ejemplos de código para "Get the customization template for an OIDC subject claim for an organization"

get/orgs/{org}/actions/oidc/customization/sub
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/actions/oidc/customization/sub

A JSON serialized template for OIDC subject claim customization

Status: 200
{ "include_claim_keys": [ "repo", "context" ] }

Set the customization template for an OIDC subject claim for an organization

Funciona con GitHub Apps

Creates or updates the customization template for an OpenID Connect (OIDC) subject claim. You must authenticate using an access token with the write:org scope to use this endpoint. GitHub Apps must have the admin:org permission to use this endpoint.

Parámetros para "Set the customization template for an OIDC subject claim for an organization"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de la ruta de acceso
org string Requerido

The organization name. The name is not case sensitive.

Parámetros del cuerpo
include_claim_keys array of strings Requerido

Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

Códigos de estado de respuesta HTTP para "Set the customization template for an OIDC subject claim for an organization"

status codeDescripción
201

Empty response

403

Forbidden

404

Resource not found

Ejemplos de código para "Set the customization template for an OIDC subject claim for an organization"

put/orgs/{org}/actions/oidc/customization/sub
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/actions/oidc/customization/sub \ -d '{"include_claim_keys":["repo","context"]}'

Empty response

Status: 201

Get the customization template for an OIDC subject claim for a repository

Funciona con GitHub Apps

Gets the customization template for an OpenID Connect (OIDC) subject claim. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the organization_administration:read permission to use this endpoint.

Parámetros para "Get the customization template for an OIDC subject claim for a repository"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de la ruta de acceso
owner string Requerido

The account owner of the repository. The name is not case sensitive.

repo string Requerido

The name of the repository without the .git extension. The name is not case sensitive.

Códigos de estado de respuesta HTTP para "Get the customization template for an OIDC subject claim for a repository"

status codeDescripción
200

Status response

400

Bad Request

404

Resource not found

Ejemplos de código para "Get the customization template for an OIDC subject claim for a repository"

get/repos/{owner}/{repo}/actions/oidc/customization/sub
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/actions/oidc/customization/sub

Status response

Status: 200
{ "use_default": false, "include_claim_keys": [ "repo", "context" ] }

Set the customization template for an OIDC subject claim for a repository

Funciona con GitHub Apps

Sets the customization template and opt-in or opt-out flag for an OpenID Connect (OIDC) subject claim for a repository. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

Parámetros para "Set the customization template for an OIDC subject claim for a repository"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de la ruta de acceso
owner string Requerido

The account owner of the repository. The name is not case sensitive.

repo string Requerido

The name of the repository without the .git extension. The name is not case sensitive.

Parámetros del cuerpo
use_default boolean Requerido

Whether to use the default template or not. If true, the include_claim_keys field is ignored.

include_claim_keys array of strings

Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

Códigos de estado de respuesta HTTP para "Set the customization template for an OIDC subject claim for a repository"

status codeDescripción
201

Empty response

400

Bad Request

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Ejemplos de código para "Set the customization template for an OIDC subject claim for a repository"

put/repos/{owner}/{repo}/actions/oidc/customization/sub
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/actions/oidc/customization/sub \ -d '{"use_default":false,"include_claim_keys":["repo","context"]}'

Empty response

Status: 201