Free, Pro, & Team
English
 
REST API
  • Get started
  • Account and profile
  • Authentication
  • Repositories
  • GitHub
  • Enterprise administrators
  • Billing and payments
  • Organizations
  • Code security
  • Pull requests
  • GitHub Issues
  • GitHub Actions
  • GitHub Codespaces
  • GitHub Packages
  • Search on GitHub
  • Developers
  • REST API
  • GraphQL API
  • GitHub CLI
  • GitHub Discussions
  • GitHub Sponsors
  • Building communities
  • GitHub Pages
  • Education
  • GitHub Desktop
  • Atom
  • Electron
  • CodeQL
  • npm
    • Free, Pro, & Team
  • Free, Pro, & Team
  • Enterprise Cloud
  • Enterprise Server 3.3
  • Enterprise Server 3.2
  • Enterprise Server 3.1
  • GitHub AE
    • English
  • English
  • 简体中文 (Simplified Chinese)
  • 日本語 (Japanese)
  • Español (Spanish)
  • Português do Brasil (Portuguese)

    •  

    Secret scanning

    In this article

    To retrieve and update the secret alerts from a private repository, you can use Secret Scanning API.

    The secret scanning API lets you:

    • Enable or disable secret scanning for a repository. For more information, see "Repositories" in the REST API documentation.
    • Retrieve and update secret scanning alerts from a private repository. For futher details, see the sections below.

    For more information about secret scanning, see "About secret scanning."

    List secret scanning alerts for an organization

    Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

    GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

    get /orgs/{org}/secret-scanning/alerts

    Parameters

    Name Type In Description
    accept string header

    Setting to application/vnd.github.v3+json is recommended.
    org string path
    state string query

    Set to open or resolved to only list secret scanning alerts in a specific state.
    secret_type string query

    A comma-separated list of secret types to return. By default all secret types are returned. See "About secret scanning for private repositories" for a complete list of secret types (API slug).
    resolution string query

    A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.
    page integer query

    Page number of the results to fetch.

    Default: 1
    per_page integer query

    Results per page (max 100)

    Default: 30

    Code samples

    Shell
    curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/orgs/ORG/secret-scanning/alerts
    JavaScript (@octokit/core.js)
    await octokit.request('GET /orgs/{org}/secret-scanning/alerts', {
  org: 'org'
})

    Response

    Status: 200 OK
    [
  {
    "number": 2,
    "created_at": "2020-11-06T18:48:51Z",
    "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
    "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
    "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
    "state": "resolved",
    "resolution": "false_positive",
    "resolved_at": "2020-11-07T02:47:13Z",
    "resolved_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://api.github.com/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://api.github.com/users/monalisa/followers",
      "following_url": "https://api.github.com/users/monalisa/following{/other_user}",
      "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
      "organizations_url": "https://api.github.com/users/monalisa/orgs",
      "repos_url": "https://api.github.com/users/monalisa/repos",
      "events_url": "https://api.github.com/users/monalisa/events{/privacy}",
      "received_events_url": "https://api.github.com/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "secret_type": "adafruit_io_key",
    "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "git_url": "git:github.com/octocat/Hello-World.git",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "ssh_url": "git@github.com:octocat/Hello-World.git",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "clone_url": "https://github.com/octocat/Hello-World.git",
      "mirror_url": "git:git.example.com/octocat/Hello-World",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
      "svn_url": "https://svn.github.com/octocat/Hello-World",
      "homepage": "https://github.com",
      "language": null,
      "forks_count": 9,
      "stargazers_count": 80,
      "watchers_count": 80,
      "size": 108,
      "default_branch": "master",
      "open_issues_count": 0,
      "is_template": false,
      "topics": [
        "octocat",
        "atom",
        "electron",
        "api"
      ],
      "has_issues": true,
      "has_projects": true,
      "has_wiki": true,
      "has_pages": false,
      "has_downloads": true,
      "archived": false,
      "disabled": false,
      "visibility": "public",
      "pushed_at": "2011-01-26T19:06:43Z",
      "created_at": "2011-01-26T19:01:12Z",
      "updated_at": "2011-01-26T19:14:43Z",
      "permissions": {
        "admin": false,
        "push": false,
        "pull": true
      },
      "template_repository": {
        "id": 1296269,
        "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
        "name": "Hello-World-Template",
        "full_name": "octocat/Hello-World-Template",
        "owner": {
          "login": "octocat",
          "id": 1,
          "node_id": "MDQ6VXNlcjE=",
          "avatar_url": "https://github.com/images/error/octocat_happy.gif",
          "gravatar_id": "",
          "url": "https://api.github.com/users/octocat",
          "html_url": "https://github.com/octocat",
          "followers_url": "https://api.github.com/users/octocat/followers",
          "following_url": "https://api.github.com/users/octocat/following{/other_user}",
          "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
          "organizations_url": "https://api.github.com/users/octocat/orgs",
          "repos_url": "https://api.github.com/users/octocat/repos",
          "events_url": "https://api.github.com/users/octocat/events{/privacy}",
          "received_events_url": "https://api.github.com/users/octocat/received_events",
          "type": "User",
          "site_admin": false
        },
        "private": false,
        "html_url": "https://github.com/octocat/Hello-World-Template",
        "description": "This your first repo!",
        "fork": false,
        "url": "https://api.github.com/repos/octocat/Hello-World-Template",
        "archive_url": "https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}",
        "assignees_url": "https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}",
        "blobs_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}",
        "branches_url": "https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}",
        "collaborators_url": "https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}",
        "comments_url": "https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}",
        "commits_url": "https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}",
        "compare_url": "https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}",
        "contents_url": "https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}",
        "contributors_url": "https://api.github.com/repos/octocat/Hello-World-Template/contributors",
        "deployments_url": "https://api.github.com/repos/octocat/Hello-World-Template/deployments",
        "downloads_url": "https://api.github.com/repos/octocat/Hello-World-Template/downloads",
        "events_url": "https://api.github.com/repos/octocat/Hello-World-Template/events",
        "forks_url": "https://api.github.com/repos/octocat/Hello-World-Template/forks",
        "git_commits_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}",
        "git_refs_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}",
        "git_tags_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}",
        "git_url": "git:github.com/octocat/Hello-World-Template.git",
        "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}",
        "issue_events_url": "https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}",
        "issues_url": "https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}",
        "keys_url": "https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}",
        "labels_url": "https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}",
        "languages_url": "https://api.github.com/repos/octocat/Hello-World-Template/languages",
        "merges_url": "https://api.github.com/repos/octocat/Hello-World-Template/merges",
        "milestones_url": "https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}",
        "pulls_url": "https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}",
        "releases_url": "https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}",
        "ssh_url": "git@github.com:octocat/Hello-World-Template.git",
        "stargazers_url": "https://api.github.com/repos/octocat/Hello-World-Template/stargazers",
        "statuses_url": "https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}",
        "subscribers_url": "https://api.github.com/repos/octocat/Hello-World-Template/subscribers",
        "subscription_url": "https://api.github.com/repos/octocat/Hello-World-Template/subscription",
        "tags_url": "https://api.github.com/repos/octocat/Hello-World-Template/tags",
        "teams_url": "https://api.github.com/repos/octocat/Hello-World-Template/teams",
        "trees_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}",
        "clone_url": "https://github.com/octocat/Hello-World-Template.git",
        "mirror_url": "git:git.example.com/octocat/Hello-World-Template",
        "hooks_url": "https://api.github.com/repos/octocat/Hello-World-Template/hooks",
        "svn_url": "https://svn.github.com/octocat/Hello-World-Template",
        "homepage": "https://github.com",
        "language": null,
        "forks": 9,
        "forks_count": 9,
        "stargazers_count": 80,
        "watchers_count": 80,
        "watchers": 80,
        "size": 108,
        "default_branch": "master",
        "open_issues": 0,
        "open_issues_count": 0,
        "is_template": true,
        "license": {
          "key": "mit",
          "name": "MIT License",
          "url": "https://api.github.com/licenses/mit",
          "spdx_id": "MIT",
          "node_id": "MDc6TGljZW5zZW1pdA==",
          "html_url": "https://api.github.com/licenses/mit"
        },
        "topics": [
          "octocat",
          "atom",
          "electron",
          "api"
        ],
        "has_issues": true,
        "has_projects": true,
        "has_wiki": true,
        "has_pages": false,
        "has_downloads": true,
        "archived": false,
        "disabled": false,
        "visibility": "public",
        "pushed_at": "2011-01-26T19:06:43Z",
        "created_at": "2011-01-26T19:01:12Z",
        "updated_at": "2011-01-26T19:14:43Z",
        "permissions": {
          "admin": false,
          "push": false,
          "pull": true
        },
        "allow_rebase_merge": true,
        "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
        "allow_squash_merge": true,
        "allow_auto_merge": false,
        "delete_branch_on_merge": true,
        "allow_merge_commit": true,
        "subscribers_count": 42,
        "network_count": 0
      }
    }
  },
  {
    "number": 1,
    "created_at": "2020-11-06T18:18:30Z",
    "url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
    "html_url": "https://github.com/owner/repo/security/secret-scanning/1",
    "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
    "state": "open",
    "resolution": null,
    "resolved_at": null,
    "resolved_by": null,
    "secret_type": "mailchimp_api_key",
    "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "git_url": "git:github.com/octocat/Hello-World.git",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "ssh_url": "git@github.com:octocat/Hello-World.git",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "clone_url": "https://github.com/octocat/Hello-World.git",
      "mirror_url": "git:git.example.com/octocat/Hello-World",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks",
      "svn_url": "https://svn.github.com/octocat/Hello-World",
      "homepage": "https://github.com",
      "language": null,
      "forks_count": 9,
      "stargazers_count": 80,
      "watchers_count": 80,
      "size": 108,
      "default_branch": "master",
      "open_issues_count": 0,
      "is_template": false,
      "topics": [
        "octocat",
        "atom",
        "electron",
        "api"
      ],
      "has_issues": true,
      "has_projects": true,
      "has_wiki": true,
      "has_pages": false,
      "has_downloads": true,
      "archived": false,
      "disabled": false,
      "visibility": "public",
      "pushed_at": "2011-01-26T19:06:43Z",
      "created_at": "2011-01-26T19:01:12Z",
      "updated_at": "2011-01-26T19:14:43Z",
      "permissions": {
        "admin": false,
        "push": false,
        "pull": true
      },
      "template_repository": {
        "id": 1296269,
        "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
        "name": "Hello-World-Template",
        "full_name": "octocat/Hello-World-Template",
        "owner": {
          "login": "octocat",
          "id": 1,
          "node_id": "MDQ6VXNlcjE=",
          "avatar_url": "https://github.com/images/error/octocat_happy.gif",
          "gravatar_id": "",
          "url": "https://api.github.com/users/octocat",
          "html_url": "https://github.com/octocat",
          "followers_url": "https://api.github.com/users/octocat/followers",
          "following_url": "https://api.github.com/users/octocat/following{/other_user}",
          "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
          "organizations_url": "https://api.github.com/users/octocat/orgs",
          "repos_url": "https://api.github.com/users/octocat/repos",
          "events_url": "https://api.github.com/users/octocat/events{/privacy}",
          "received_events_url": "https://api.github.com/users/octocat/received_events",
          "type": "User",
          "site_admin": false
        },
        "private": false,
        "html_url": "https://github.com/octocat/Hello-World-Template",
        "description": "This your first repo!",
        "fork": false,
        "url": "https://api.github.com/repos/octocat/Hello-World-Template",
        "archive_url": "https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}",
        "assignees_url": "https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}",
        "blobs_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}",
        "branches_url": "https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}",
        "collaborators_url": "https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}",
        "comments_url": "https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}",
        "commits_url": "https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}",
        "compare_url": "https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}",
        "contents_url": "https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}",
        "contributors_url": "https://api.github.com/repos/octocat/Hello-World-Template/contributors",
        "deployments_url": "https://api.github.com/repos/octocat/Hello-World-Template/deployments",
        "downloads_url": "https://api.github.com/repos/octocat/Hello-World-Template/downloads",
        "events_url": "https://api.github.com/repos/octocat/Hello-World-Template/events",
        "forks_url": "https://api.github.com/repos/octocat/Hello-World-Template/forks",
        "git_commits_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}",
        "git_refs_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}",
        "git_tags_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}",
        "git_url": "git:github.com/octocat/Hello-World-Template.git",
        "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}",
        "issue_events_url": "https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}",
        "issues_url": "https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}",
        "keys_url": "https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}",
        "labels_url": "https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}",
        "languages_url": "https://api.github.com/repos/octocat/Hello-World-Template/languages",
        "merges_url": "https://api.github.com/repos/octocat/Hello-World-Template/merges",
        "milestones_url": "https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}",
        "notifications_url": "https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}",
        "pulls_url": "https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}",
        "releases_url": "https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}",
        "ssh_url": "git@github.com:octocat/Hello-World-Template.git",
        "stargazers_url": "https://api.github.com/repos/octocat/Hello-World-Template/stargazers",
        "statuses_url": "https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}",
        "subscribers_url": "https://api.github.com/repos/octocat/Hello-World-Template/subscribers",
        "subscription_url": "https://api.github.com/repos/octocat/Hello-World-Template/subscription",
        "tags_url": "https://api.github.com/repos/octocat/Hello-World-Template/tags",
        "teams_url": "https://api.github.com/repos/octocat/Hello-World-Template/teams",
        "trees_url": "https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}",
        "clone_url": "https://github.com/octocat/Hello-World-Template.git",
        "mirror_url": "git:git.example.com/octocat/Hello-World-Template",
        "hooks_url": "https://api.github.com/repos/octocat/Hello-World-Template/hooks",
        "svn_url": "https://svn.github.com/octocat/Hello-World-Template",
        "homepage": "https://github.com",
        "language": null,
        "forks": 9,
        "forks_count": 9,
        "stargazers_count": 80,
        "watchers_count": 80,
        "watchers": 80,
        "size": 108,
        "default_branch": "master",
        "open_issues": 0,
        "open_issues_count": 0,
        "is_template": true,
        "license": {
          "key": "mit",
          "name": "MIT License",
          "url": "https://api.github.com/licenses/mit",
          "spdx_id": "MIT",
          "node_id": "MDc6TGljZW5zZW1pdA==",
          "html_url": "https://api.github.com/licenses/mit"
        },
        "topics": [
          "octocat",
          "atom",
          "electron",
          "api"
        ],
        "has_issues": true,
        "has_projects": true,
        "has_wiki": true,
        "has_pages": false,
        "has_downloads": true,
        "archived": false,
        "disabled": false,
        "visibility": "public",
        "pushed_at": "2011-01-26T19:06:43Z",
        "created_at": "2011-01-26T19:01:12Z",
        "updated_at": "2011-01-26T19:14:43Z",
        "permissions": {
          "admin": false,
          "push": false,
          "pull": true
        },
        "allow_rebase_merge": true,
        "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
        "allow_squash_merge": true,
        "allow_auto_merge": false,
        "delete_branch_on_merge": true,
        "allow_merge_commit": true,
        "subscribers_count": 42,
        "network_count": 0
      }
    }
  }
]

    Resource not found

    Status: 404 Not Found

    Service unavailable

    Status: 503 Service Unavailable

    Notes

    List secret scanning alerts for a repository

    Lists secret scanning alerts for a private repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

    GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

    get /repos/{owner}/{repo}/secret-scanning/alerts

    Parameters

    Name Type In Description
    accept string header

    Setting to application/vnd.github.v3+json is recommended.
    owner string path
    repo string path
    state string query

    Set to open or resolved to only list secret scanning alerts in a specific state.
    secret_type string query

    A comma-separated list of secret types to return. By default all secret types are returned. See "About secret scanning for private repositories" for a complete list of secret types (API slug).
    resolution string query

    A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.
    page integer query

    Page number of the results to fetch.

    Default: 1
    per_page integer query

    Results per page (max 100)

    Default: 30

    Code samples

    Shell
    curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/repos/octocat/hello-world/secret-scanning/alerts
    JavaScript (@octokit/core.js)
    await octokit.request('GET /repos/{owner}/{repo}/secret-scanning/alerts', {
  owner: 'octocat',
  repo: 'hello-world'
})

    Response

    Status: 200 OK
    [
  {
    "number": 2,
    "created_at": "2020-11-06T18:48:51Z",
    "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
    "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
    "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
    "state": "resolved",
    "resolution": "false_positive",
    "resolved_at": "2020-11-07T02:47:13Z",
    "resolved_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://api.github.com/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://api.github.com/users/monalisa/followers",
      "following_url": "https://api.github.com/users/monalisa/following{/other_user}",
      "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
      "organizations_url": "https://api.github.com/users/monalisa/orgs",
      "repos_url": "https://api.github.com/users/monalisa/repos",
      "events_url": "https://api.github.com/users/monalisa/events{/privacy}",
      "received_events_url": "https://api.github.com/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "secret_type": "adafruit_io_key",
    "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  },
  {
    "number": 1,
    "created_at": "2020-11-06T18:18:30Z",
    "url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
    "html_url": "https://github.com/owner/repo/security/secret-scanning/1",
    "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
    "state": "open",
    "resolution": null,
    "resolved_at": null,
    "resolved_by": null,
    "secret_type": "mailchimp_api_key",
    "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
  }
]

    Repository is public or secret scanning is disabled for the repository

    Status: 404 Not Found

    Service unavailable

    Status: 503 Service Unavailable

    Notes

    Get a secret scanning alert

    Gets a single secret scanning alert detected in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

    GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

    get /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}

    Parameters

    Name Type In Description
    accept string header

    Setting to application/vnd.github.v3+json is recommended.
    owner string path
    repo string path
    alert_number integer path

    The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

    Code samples

    Shell
    curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/repos/octocat/hello-world/secret-scanning/alerts/42
    JavaScript (@octokit/core.js)
    await octokit.request('GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}', {
  owner: 'octocat',
  repo: 'hello-world',
  alert_number: 42
})

    Response

    Status: 200 OK
    {
  "number": 42,
  "created_at": "2020-11-06T18:18:30Z",
  "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
  "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
  "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
  "state": "open",
  "resolution": null,
  "resolved_at": null,
  "resolved_by": null,
  "secret_type": "mailchimp_api_key",
  "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}

    Not modified

    Status: 304 Not Modified

    Repository is public, or secret scanning is disabled for the repository, or the resource is not found

    Status: 404 Not Found

    Service unavailable

    Status: 503 Service Unavailable

    Notes

    Update a secret scanning alert

    Updates the status of a secret scanning alert in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

    GitHub Apps must have the secret_scanning_alerts write permission to use this endpoint.

    patch /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}

    Parameters

    Name Type In Description
    accept string header

    Setting to application/vnd.github.v3+json is recommended.
    owner string path
    repo string path
    alert_number integer path

    The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
    state string body

    Required. Sets the state of the secret scanning alert. Can be either open or resolved. You must provide resolution when you set the state to resolved.
    resolution string or nullable body

    Required when the state is resolved. The reason for resolving the alert. Can be one of false_positive, wont_fix, revoked, or used_in_tests.

    Code samples

    Shell
    curl \
  -X PATCH \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/repos/octocat/hello-world/secret-scanning/alerts/42 \
  -d '{"state":"state"}'
    JavaScript (@octokit/core.js)
    await octokit.request('PATCH /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}', {
  owner: 'octocat',
  repo: 'hello-world',
  alert_number: 42,
  state: 'state'
})

    Response

    Status: 200 OK
    {
  "number": 42,
  "created_at": "2020-11-06T18:18:30Z",
  "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
  "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
  "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
  "state": "resolved",
  "resolution": "used_in_tests",
  "resolved_at": "2020-11-16T22:42:07Z",
  "resolved_by": {
    "login": "monalisa",
    "id": 2,
    "node_id": "MDQ6VXNlcjI=",
    "avatar_url": "https://alambic.github.com/avatars/u/2?",
    "gravatar_id": "",
    "url": "https://api.github.com/users/monalisa",
    "html_url": "https://github.com/monalisa",
    "followers_url": "https://api.github.com/users/monalisa/followers",
    "following_url": "https://api.github.com/users/monalisa/following{/other_user}",
    "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
    "organizations_url": "https://api.github.com/users/monalisa/orgs",
    "repos_url": "https://api.github.com/users/monalisa/repos",
    "events_url": "https://api.github.com/users/monalisa/events{/privacy}",
    "received_events_url": "https://api.github.com/users/monalisa/received_events",
    "type": "User",
    "site_admin": true
  },
  "secret_type": "mailchimp_api_key",
  "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}

    Repository is public, or secret scanning is disabled for the repository, or the resource is not found

    Status: 404 Not Found

    State does not match the resolution

    Status: 422 Unprocessable Entity

    Service unavailable

    Status: 503 Service Unavailable

    Notes

    List locations for a secret scanning alert

    Lists all locations for a given secret scanning alert for a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

    GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

    get /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations

    Parameters

    Name Type In Description
    accept string header

    Setting to application/vnd.github.v3+json is recommended.
    owner string path
    repo string path
    alert_number integer path

    The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
    page integer query

    Page number of the results to fetch.

    Default: 1
    per_page integer query

    Results per page (max 100)

    Default: 30

    Code samples

    Shell
    curl \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/repos/octocat/hello-world/secret-scanning/alerts/42/locations
    JavaScript (@octokit/core.js)
    await octokit.request('GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations', {
  owner: 'octocat',
  repo: 'hello-world',
  alert_number: 42
})

    Response

    Status: 200 OK
    [
  {
    "type": "commit",
    "details": {
      "path": "/example/secrets.txt",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 64,
      "blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b",
      "blob_url": "https://api.github.com/repos/octocat/hello-world/git/blobs/af5626b4a114abcb82d63db7c8082c3c4756e51b",
      "commit_sha": "f14d7debf9775f957cf4f1e8176da0786431f72b",
      "commit_url": "https://api.github.com/repos/octocat/hello-world/git/commits/f14d7debf9775f957cf4f1e8176da0786431f72b"
    }
  },
  {
    "type": "commit",
    "details": {
      "path": "/example/secrets.txt",
      "start_line": 5,
      "end_line": 5,
      "start_column": 1,
      "end_column": 64,
      "blob_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
      "blob_url": "https://api.github.com/repos/octocat/hello-world/git/blobs/9def38117ab2d8355b982429aa924e268b4b0065",
      "commit_sha": "588483b99a46342501d99e3f10630cfc1219ea32",
      "commit_url": "https://api.github.com/repos/octocat/hello-world/git/commits/588483b99a46342501d99e3f10630cfc1219ea32"
    }
  },
  {
    "type": "commit",
    "details": {
      "path": "/example/secrets.txt",
      "start_line": 12,
      "end_line": 12,
      "start_column": 1,
      "end_column": 64,
      "blob_sha": "0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
      "blob_url": "https://api.github.com/repos/octocat/hello-world/git/blobs/0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
      "commit_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
      "commit_url": "https://api.github.com/repos/octocat/hello-world/git/commits/9def38117ab2d8355b982429aa924e268b4b0065"
    }
  }
]

    Repository is public, or secret scanning is disabled for the repository, or the resource is not found

    Status: 404 Not Found

    Service unavailable

    Status: 503 Service Unavailable

    Notes

    Did this doc help you?

    Privacy policy

    Help us make these docs great!

    All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

    Make a contribution

    Or, learn how to contribute.