PATCH /orgs/{org}/code-security/configurations/{configuration_id}

Updates a code security configuration in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Servers

https://api.github.com

Path parameters

Name	Type	Required	Description
`configuration_id`	Integer	Yes	The unique identifier of the code security configuration.
`org`	String	Yes	The organization name. The name is not case sensitive.

Request headers

Name	Type	Required	Description
`Content-Type`	String	Yes	The media type of the request body. Default value: "application/json"

Request body fields

Name	Type	Required	Description
`dependency_graph_autosubmit_action_options`	Object	No	Feature options for Automatic dependency submission
`dependency_graph_autosubmit_action_options.labeled_runners`	Boolean	No	Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.
`secret_scanning_delegated_bypass_options`	Object	No	Feature options for secret scanning delegated bypass
`secret_scanning_delegated_bypass_options.reviewers[]`	Array	No	The bypass reviewers for secret scanning delegated bypass
`secret_scanning_delegated_bypass_options.reviewers[].reviewer_id`	Integer	Yes	The ID of the team or role selected as a bypass reviewer
`secret_scanning_delegated_bypass_options.reviewers[].reviewer_type`	String	Yes	The type of the bypass reviewer Possible values: `"TEAM"` `"ROLE"`
`secret_scanning`	String	No	The enablement status of secret scanning Possible values: `"not_set"` `"disabled"` `"enabled"`
`secret_scanning_non_provider_patterns`	String	No	The enablement status of secret scanning non-provider patterns Possible values: `"not_set"` `"disabled"` `"enabled"`
`description`	String	No	A description of the code security configuration
`secret_scanning_validity_checks`	String	No	The enablement status of secret scanning validity checks Possible values: `"not_set"` `"disabled"` `"enabled"`
`secret_scanning_delegated_alert_dismissal`	String	No	The enablement status of secret scanning delegated alert dismissal Possible values: `"not_set"` `"disabled"` `"enabled"`
`secret_scanning_push_protection`	String	No	The enablement status of secret scanning push protection Possible values: `"not_set"` `"disabled"` `"enabled"`
`dependency_graph_autosubmit_action`	String	No	The enablement status of Automatic dependency submission Possible values: `"not_set"` `"disabled"` `"enabled"`
`code_scanning_default_setup`	String	No	The enablement status of code scanning default setup Possible values: `"not_set"` `"disabled"` `"enabled"`
`secret_scanning_generic_secrets`	String	No	The enablement status of Copilot secret scanning Possible values: `"not_set"` `"disabled"` `"enabled"`
`dependabot_alerts`	String	No	The enablement status of Dependabot alerts Possible values: `"not_set"` `"disabled"` `"enabled"`
`dependabot_security_updates`	String	No	The enablement status of Dependabot security updates Possible values: `"not_set"` `"disabled"` `"enabled"`
`name`	String	No	The name of the code security configuration. Must be unique within the organization.
`advanced_security`	String	No	The enablement status of GitHub Advanced Security Possible values: `"disabled"` `"enabled"`
`private_vulnerability_reporting`	String	No	The enablement status of private vulnerability reporting Possible values: `"not_set"` `"disabled"` `"enabled"`
`secret_scanning_delegated_bypass`	String	No	The enablement status of secret scanning delegated bypass Possible values: `"not_set"` `"disabled"` `"enabled"`
`dependency_graph`	String	No	The enablement status of Dependency Graph Possible values: `"not_set"` `"disabled"` `"enabled"`
`code_scanning_default_setup_options`	Object	No	Feature options for code scanning default setup
`code_scanning_default_setup_options.runner_label`	String	No	The label of the runner to use for code scanning default setup when runner_type is 'labeled'.
`code_scanning_default_setup_options.runner_type`	String	No	Whether to use labeled runners or standard GitHub runners. Possible values: `"not_set"` `"standard"` `"labeled"`
`code_scanning_delegated_alert_dismissal`	String	No	The enablement status of code scanning delegated alert dismissal Possible values: `"not_set"` `"disabled"` `"enabled"` Default value: "disabled"
`enforcement`	String	No	The enforcement status for a security configuration Possible values: `"enforced"` `"unenforced"`

How to start integrating

Add HTTP Task to your workflow definition.
Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
Click Test request to test run your request to the API and see the API's response.