REST API endpoints for push protection bypass requests
Use the REST API to manage push protection bypass requests for secret scanning.
List bypass requests for secret scanning for an org
List requests to bypass secret scanning push protection in an org.
Delegated bypass must be enabled on repositories in the org and the user must be a bypass reviewer to access this endpoint.
Personal access tokens (classic) need the security_events
scope to use this endpoint.
Jetons dâaccĂšs affinĂ©s pour « List bypass requests for secret scanning for an org »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
Le jeton prĂ©cis doit avoir lâensemble dâautorisations suivant:
- "Secret scanning alerts" repository permissions (read)
ParamÚtres pour « List bypass requests for secret scanning for an org »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
Nom, Type, Description |
---|
repository_name string The name of the repository to filter on. |
reviewer string Filter bypass requests by the handle of the GitHub user who reviewed the bypass request. |
requester string Filter bypass requests by the handle of the GitHub user who requested the bypass. |
time_period string The time period to filter by. For example, Default: Peut ĂȘtre: |
request_status string The status of the bypass request to filter on. When specified, only requests with this status will be returned. Default: Peut ĂȘtre: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: |
Codes dâĂ©tat de la rĂ©ponse HTTP pour « List bypass requests for secret scanning for an org »
Code dâĂ©tat | Description |
---|---|
200 | OK |
404 | Resource not found |
500 | Internal Error |
Exemples de code pour « List bypass requests for secret scanning for an org »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requĂȘte
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/bypass-requests/secret-scanning
Response
Status: 200
[
{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning",
"data": [
{
"secret_type": "adafruit_io_key",
"bypass_reason": "used_in_tests",
"path": "/tests/README.md:16:0",
"branch": "refs/heads/main"
}
],
"resource_identifier": "827efc6d56897b048c772eb4087f854f46256132",
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/1",
"html_url": "https://github.com/octo-org/smile/exemptions/1"
},
{
"id": 12,
"number": 24,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning",
"data": [
{
"secret_type": "adafruit_io_key",
"bypass_reason": "fix_later",
"path": "README.md:17:0",
"branch": "refs/heads/my-branch"
}
],
"resource_identifier": "827efc6d56897b048c772eb4087f854f46255555",
"status": "denied",
"requester_comment": "Token is already revoked, I'll remove it later",
"expires_at": "2024-07-08T07:43:03Z",
"created_at": "2024-07-01T07:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/2",
"html_url": "https://github.com/octo-org/smile/exemptions/2"
}
]
List bypass requests for secret scanning for a repository
Lists requests to bypass secret scanning push protection in a repository.
Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint.
Personal access tokens (classic) need the security_events
scope to use this endpoint.
Jetons dâaccĂšs affinĂ©s pour « List bypass requests for secret scanning for a repository »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
Le jeton prĂ©cis doit avoir lâensemble dâautorisations suivant:
- "Secret scanning alerts" repository permissions (read)
ParamÚtres pour « List bypass requests for secret scanning for a repository »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
owner string ObligatoireThe account owner of the repository. The name is not case sensitive. |
repo string ObligatoireThe name of the repository without the |
Nom, Type, Description |
---|
reviewer string Filter bypass requests by the handle of the GitHub user who reviewed the bypass request. |
requester string Filter bypass requests by the handle of the GitHub user who requested the bypass. |
time_period string The time period to filter by. For example, Default: Peut ĂȘtre: |
request_status string The status of the bypass request to filter on. When specified, only requests with this status will be returned. Default: Peut ĂȘtre: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: |
Codes dâĂ©tat de la rĂ©ponse HTTP pour « List bypass requests for secret scanning for a repository »
Code dâĂ©tat | Description |
---|---|
200 | A list of the bypass requests. |
403 | Forbidden |
404 | Resource not found |
500 | Internal Error |
Exemples de code pour « List bypass requests for secret scanning for a repository »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requĂȘte
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/bypass-requests/secret-scanning
A list of the bypass requests.
Status: 200
[
{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning",
"data": [
{
"secret_type": "adafruit_io_key",
"bypass_reason": "used_in_tests",
"path": "/tests/README.md:16:0",
"branch": "refs/heads/main"
}
],
"resource_identifier": "827efc6d56897b048c772eb4087f854f46256132",
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/1",
"html_url": "https://github.com/octo-org/smile/exemptions/1"
},
{
"id": 12,
"number": 24,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning",
"data": [
{
"secret_type": "adafruit_io_key",
"bypass_reason": "fix_later",
"path": "README.md:17:0",
"branch": "refs/heads/my-branch"
}
],
"resource_identifier": "827efc6d56897b048c772eb4087f854f46255555",
"status": "denied",
"requester_comment": "Token is already revoked, I'll remove it later",
"expires_at": "2024-07-08T07:43:03Z",
"created_at": "2024-07-01T07:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/2",
"html_url": "https://github.com/octo-org/smile/exemptions/2"
}
]
Get a bypass request for secret scanning
Gets a specific request to bypass secret scanning push protection in a repository.
Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint.
Personal access tokens (classic) need the security_events
scope to use this endpoint.
Jetons dâaccĂšs affinĂ©s pour « Get a bypass request for secret scanning »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
Le jeton prĂ©cis doit avoir lâensemble dâautorisations suivant:
- "Secret scanning alerts" repository permissions (read)
ParamÚtres pour « Get a bypass request for secret scanning »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
owner string ObligatoireThe account owner of the repository. The name is not case sensitive. |
repo string ObligatoireThe name of the repository without the |
bypass_request_number integer ObligatoireThe number that identifies the bypass request in a repository. |
Codes dâĂ©tat de la rĂ©ponse HTTP pour « Get a bypass request for secret scanning »
Code dâĂ©tat | Description |
---|---|
200 | A single bypass request. |
403 | Forbidden |
404 | Resource not found |
500 | Internal Error |
Exemples de code pour « Get a bypass request for secret scanning »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requĂȘte
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/bypass-requests/secret-scanning/BYPASS_REQUEST_NUMBER
A single bypass request.
Status: 200
{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning",
"data": [
{
"secret_type": "adafruit_io_key",
"bypass_reason": "used_in_tests",
"path": "/tests/README.md:16:0",
"branch": "refs/heads/main"
}
],
"resource_identifier": "827efc6d56897b048c772eb4087f854f46256132",
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/1",
"html_url": "https://github.com/octo-org/smile/exemptions/1"
}
Review a bypass request for secret scanning
Approve or deny a request to bypass secret scanning push protection in a repository.
Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint.
Personal access tokens (classic) need the security_events
scope to use this endpoint.
Jetons dâaccĂšs affinĂ©s pour « Review a bypass request for secret scanning »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
Le jeton prĂ©cis doit avoir lâensemble dâautorisations suivant:
- "Secret scanning alerts" repository permissions (read)
ParamÚtres pour « Review a bypass request for secret scanning »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
owner string ObligatoireThe account owner of the repository. The name is not case sensitive. |
repo string ObligatoireThe name of the repository without the |
bypass_request_number integer ObligatoireThe number that identifies the bypass request in a repository. |
Nom, Type, Description |
---|
status string ObligatoireThe review action to perform on the bypass request. Peut ĂȘtre: |
message string ObligatoireA message to include with the review. Has a maximum character length of 2048. |
Codes dâĂ©tat de la rĂ©ponse HTTP pour « Review a bypass request for secret scanning »
Code dâĂ©tat | Description |
---|---|
200 | The review of the bypass request. |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
500 | Internal Error |
Exemples de code pour « Review a bypass request for secret scanning »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requĂȘte
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/bypass-requests/secret-scanning/BYPASS_REQUEST_NUMBER \
-d '{"status":"reject","message":"This secret has not been revoked."}'
The review of the bypass request.
Status: 200
{
"bypass_review_id": 1
}
Dismiss a response on a bypass request for secret scanning
Dissmiss a response given to a bypass request for secret scanning push protection in a repository.
Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint.
Personal access tokens (classic) need the security_events
scope to use this endpoint.
Jetons dâaccĂšs affinĂ©s pour « Dismiss a response on a bypass request for secret scanning »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
Le jeton prĂ©cis doit avoir lâensemble dâautorisations suivant:
- "Secret scanning alerts" repository permissions (read)
ParamÚtres pour « Dismiss a response on a bypass request for secret scanning »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
owner string ObligatoireThe account owner of the repository. The name is not case sensitive. |
repo string ObligatoireThe name of the repository without the |
bypass_response_id integer ObligatoireID of the bypass response. |
Codes dâĂ©tat de la rĂ©ponse HTTP pour « Dismiss a response on a bypass request for secret scanning »
Code dâĂ©tat | Description |
---|---|
204 | Review was successfully dismissed. |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
500 | Internal Error |
Exemples de code pour « Dismiss a response on a bypass request for secret scanning »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requĂȘte
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/bypass-responses/secret-scanning/BYPASS_RESPONSE_ID
Review was successfully dismissed.
Status: 204