github GitHub Changelog ·

GitHub REST API now supports managing secret scanning custom patterns

securitygaengineer
feature patch

GitHub has introduced REST API endpoints for managing secret scanning custom patterns, allowing security teams to create, edit, and delete these rules programmatically. This feature is now generally available at the repository, organization, and enterprise levels for secret scanning customers. While core CRUD operations are available via API, dry runs and publishing still require the UI.

  • Manage secret scanning custom patterns via REST API
  • UI required for pattern publishing
  • Documentation available
Features (1)
  • Manage secret scanning custom patterns via REST API

    New REST API endpoints for GET, POST, PATCH, and DELETE operations on secret scanning custom patterns are now generally available. These endpoints allow for programmatic management of custom patterns at repository, organization, and enterprise levels.

Notes (2)
  • UI required for pattern publishing

    Creation, editing, and deletion of custom secret scanning patterns can be managed via the REST API. However, completing dry runs and the final publishing step still require using the GitHub UI.

  • Documentation available

    Further details on the new capabilities can be found in the GitHub changelog and the REST API documentation for secret scanning and custom patterns.

Read the original announcement →

https://github.blog/changelog/2026-07-13-create-and-manage-secret-scanning-custom-patterns-via-rest-api

Related releases