jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 03:16:52 -05:00
Code Issues Projects Releases Wiki Activity
Files
2ae3d74757b51a6a2fb639d0f8cf9e88ecd44de0
docs/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md
Felicity Chapman 3c98b66164 GHAS unbundling changes to main part 1 (#54527) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
2025-03-05 11:35:19 +00:00

33 lines
1.8 KiB
Markdown
Raw Blame History

---
title: Working with push protection from the REST API
shortTitle: Push protection from the REST API
intro: 'Learn your options for unblocking your push to {% data variables.product.prodname_dotcom %} using the REST API if {% data variables.product.prodname_secret_scanning %} detects a secret in the content of your API request.'
permissions: '{% data reusables.permissions.push-protection-resolve-block %}'
versions:
feature: secret-scanning-push-protection-content-endpoints
type: how_to
topics:
- Secret scanning
- Secret Protection
- Alerts
- Repositories
---
## About push protection from the REST API
Push protection prevents you from accidentally committing secrets to a repository by blocking pushes containing supported secrets.
The "Create a blob" and "Create or update file contents" endpoints in the REST API include push protection. See [AUTOTITLE](/rest/git/blobs?apiVersion=2022-11-28#create-a-blob) and [AUTOTITLE](/rest/repos/contents?apiVersion=2022-11-28#create-or-update-file-contents).
If you make a request with these endpoints whose content includes a supported secret, the REST API will return a 409 error, indicating that a secret has been detected.
To resolve the error, you can either:
* **Remove** the secret from the content of your API request before trying again.
* **Create a push protection bypass:** You can bypass push protection using the "Create a push protection bypass" endpoint. For more information, see [AUTOTITLE](/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28#create-a-push-protection-bypass).
## Further reading
* [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-command-line)
* [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-in-the-github-ui)
Reference in New Issue View Git Blame Copy Permalink