Get a secret scanning alert

Gets a single secret scanning alert detected in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.


string The token will be passed in the authorization header.



integer The security alert number, found at the end of the security alert's URL.


GET https://api.github.com/repos///secret-scanning/alerts/
authorization: bearer undefined
accept: application/vnd.github.v3+json
user-agent: octokit.rest

Example Response

Status: 200
  "number": 42,
  "created_at": "2020-11-06T18:18:30Z",
  "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
  "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
  "state": "open",
  "resolution": null,
  "resolved_at": null,
  "resolved_by": null,
  "secret_type": "mailchimp_api_key",

See documentation on GitHub developer guides