Starting today, security teams can create, edit, and manage secret scanning custom patterns with the REST API.

What’s new

The following endpoints are generally available:

  • GET .../secret-scanning/custom-patterns list patterns
  • POST .../secret-scanning/custom-patterns create patterns
  • PATCH .../secret-scanning/custom-patterns/{id} update patterns
  • DELETE .../secret-scanning/custom-patterns delete patterns

These endpoints are available at repository, organization, and enterprise levels for secret scanning customers. They cover basic CRUD operations, including creation, deletion, and modification of custom patterns. Dry runs and the final publishing step are still currently completed in the UI. You can follow the GitHub changelog for future updates.

Learn more

Learn more in the REST API documentation for secret scanning and about custom patterns.