Ahora la API REST está versionada. Para obtener más información, consulta "Acerca del control de versiones de la API".

Puntos de conexión de api REST para GitHub Actions OIDC

Usa la API REST para interactuar con los JWT de las notificaciones de sujeto de OIDC en GitHub Actions.

Acerca de OIDC en GitHub Actions

Puedes usar la API de REST para consultar y administrar una plantilla de personalización para una notificación de asunto de OpenID Connect (OIDC). Para más información, consulta OpenID Connect.

List OIDC custom property inclusions for an enterprise

Lists the repository custom properties that are included in the OIDC token for repository actions in an enterprise.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acceso granulares para "List OIDC custom property inclusions for an enterprise"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Enterprise administration" enterprise permissions (read)

Parámetros para "List OIDC custom property inclusions for an enterprise"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
enterprise string Obligatorio

The slug version of the enterprise name.

Códigos de estado de respuesta HTTP para "List OIDC custom property inclusions for an enterprise"

código de estadoDescripción
200

A JSON array of OIDC custom property inclusions

403

Forbidden

404

Resource not found

Ejemplos de código para "List OIDC custom property inclusions for an enterprise"

Ejemplo de solicitud

get/enterprises/{enterprise}/actions/oidc/customization/properties/repo
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/actions/oidc/customization/properties/repo

A JSON array of OIDC custom property inclusions

Status: 200
[ { "custom_property_name": "environment", "inclusion_source": "enterprise" }, { "custom_property_name": "team", "inclusion_source": "enterprise" } ]

Create an OIDC custom property inclusion for an enterprise

Adds a repository custom property to be included in the OIDC token for repository actions in an enterprise.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acceso granulares para "Create an OIDC custom property inclusion for an enterprise"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Enterprise administration" enterprise permissions (write)

Parámetros para "Create an OIDC custom property inclusion for an enterprise"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
enterprise string Obligatorio

The slug version of the enterprise name.

Parámetros del cuerpo
custom_property_name string Obligatorio

The name of the custom property to include in the OIDC token

Códigos de estado de respuesta HTTP para "Create an OIDC custom property inclusion for an enterprise"

código de estadoDescripción
201

OIDC custom property inclusion created

400

Invalid input

403

Forbidden

422

Property inclusion already exists

Ejemplos de código para "Create an OIDC custom property inclusion for an enterprise"

Ejemplo de solicitud

post/enterprises/{enterprise}/actions/oidc/customization/properties/repo
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/actions/oidc/customization/properties/repo \ -d '{"custom_property_name":"environment"}'

OIDC custom property inclusion created

Status: 201
{ "custom_property_name": "environment" }

Delete an OIDC custom property inclusion for an enterprise

Removes a repository custom property from being included in the OIDC token for repository actions in an enterprise.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Tokens de acceso granulares para "Delete an OIDC custom property inclusion for an enterprise"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Enterprise administration" enterprise permissions (write)

Parámetros para "Delete an OIDC custom property inclusion for an enterprise"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
enterprise string Obligatorio

The slug version of the enterprise name.

custom_property_name string Obligatorio

The name of the custom property to remove from OIDC token inclusion

Códigos de estado de respuesta HTTP para "Delete an OIDC custom property inclusion for an enterprise"

código de estadoDescripción
204

OIDC custom property inclusion deleted

400

Invalid input

403

Forbidden

404

Property inclusion not found

Ejemplos de código para "Delete an OIDC custom property inclusion for an enterprise"

Ejemplo de solicitud

delete/enterprises/{enterprise}/actions/oidc/customization/properties/repo/{custom_property_name}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/enterprises/ENTERPRISE/actions/oidc/customization/properties/repo/CUSTOM_PROPERTY_NAME

OIDC custom property inclusion deleted

Status: 204

List OIDC custom property inclusions for an organization

Lists the repository custom properties that are included in the OIDC token for repository actions in an organization.

OAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.

Tokens de acceso granulares para "List OIDC custom property inclusions for an organization"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Administration" organization permissions (read)

Parámetros para "List OIDC custom property inclusions for an organization"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
org string Obligatorio

The organization name. The name is not case sensitive.

Códigos de estado de respuesta HTTP para "List OIDC custom property inclusions for an organization"

código de estadoDescripción
200

A JSON array of OIDC custom property inclusions

403

Forbidden

404

Resource not found

Ejemplos de código para "List OIDC custom property inclusions for an organization"

Ejemplo de solicitud

get/orgs/{org}/actions/oidc/customization/properties/repo
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/actions/oidc/customization/properties/repo

A JSON array of OIDC custom property inclusions

Status: 200
[ { "property_name": "environment" }, { "property_name": "team" } ]

Create an OIDC custom property inclusion for an organization

Adds a repository custom property to be included in the OIDC token for repository actions in an organization.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

Tokens de acceso granulares para "Create an OIDC custom property inclusion for an organization"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Administration" organization permissions (write)

Parámetros para "Create an OIDC custom property inclusion for an organization"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
org string Obligatorio

The organization name. The name is not case sensitive.

Parámetros del cuerpo
custom_property_name string Obligatorio

The name of the custom property to include in the OIDC token

Códigos de estado de respuesta HTTP para "Create an OIDC custom property inclusion for an organization"

código de estadoDescripción
201

OIDC custom property inclusion created

400

Invalid input

403

Forbidden

422

Property inclusion already exists

Ejemplos de código para "Create an OIDC custom property inclusion for an organization"

Ejemplo de solicitud

post/orgs/{org}/actions/oidc/customization/properties/repo
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/actions/oidc/customization/properties/repo \ -d '{"custom_property_name":"environment"}'

OIDC custom property inclusion created

Status: 201
{ "custom_property_name": "environment" }

Delete an OIDC custom property inclusion for an organization

Removes a repository custom property from being included in the OIDC token for repository actions in an organization.

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

Tokens de acceso granulares para "Delete an OIDC custom property inclusion for an organization"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Administration" organization permissions (write)

Parámetros para "Delete an OIDC custom property inclusion for an organization"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
org string Obligatorio

The organization name. The name is not case sensitive.

custom_property_name string Obligatorio

The name of the custom property to remove from OIDC token inclusion

Códigos de estado de respuesta HTTP para "Delete an OIDC custom property inclusion for an organization"

código de estadoDescripción
204

OIDC custom property inclusion deleted

400

Invalid input

403

Forbidden

404

Property inclusion not found

Ejemplos de código para "Delete an OIDC custom property inclusion for an organization"

Ejemplo de solicitud

delete/orgs/{org}/actions/oidc/customization/properties/repo/{custom_property_name}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/actions/oidc/customization/properties/repo/CUSTOM_PROPERTY_NAME

OIDC custom property inclusion deleted

Status: 204

Get the customization template for an OIDC subject claim for an organization

Gets the customization template for an OpenID Connect (OIDC) subject claim.

OAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.

Tokens de acceso granulares para "Get the customization template for an OIDC subject claim for an organization"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Administration" organization permissions (read)

Parámetros para "Get the customization template for an OIDC subject claim for an organization"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
org string Obligatorio

The organization name. The name is not case sensitive.

Códigos de estado de respuesta HTTP para "Get the customization template for an OIDC subject claim for an organization"

código de estadoDescripción
200

A JSON serialized template for OIDC subject claim customization

Ejemplos de código para "Get the customization template for an OIDC subject claim for an organization"

Ejemplo de solicitud

get/orgs/{org}/actions/oidc/customization/sub
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/actions/oidc/customization/sub

A JSON serialized template for OIDC subject claim customization

Status: 200
{ "include_claim_keys": [ "repo", "context" ] }

Set the customization template for an OIDC subject claim for an organization

Creates or updates the customization template for an OpenID Connect (OIDC) subject claim.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Tokens de acceso granulares para "Set the customization template for an OIDC subject claim for an organization"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Administration" organization permissions (write)

Parámetros para "Set the customization template for an OIDC subject claim for an organization"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
org string Obligatorio

The organization name. The name is not case sensitive.

Parámetros del cuerpo
include_claim_keys array of strings Obligatorio

Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

Códigos de estado de respuesta HTTP para "Set the customization template for an OIDC subject claim for an organization"

código de estadoDescripción
201

Empty response

403

Forbidden

404

Resource not found

Ejemplos de código para "Set the customization template for an OIDC subject claim for an organization"

Ejemplo de solicitud

put/orgs/{org}/actions/oidc/customization/sub
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/orgs/ORG/actions/oidc/customization/sub \ -d '{"include_claim_keys":["repo","context"]}'

Empty response

Status: 201

Get the customization template for an OIDC subject claim for a repository

Gets the customization template for an OpenID Connect (OIDC) subject claim.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

Tokens de acceso granulares para "Get the customization template for an OIDC subject claim for a repository"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Actions" repository permissions (read)

Este punto de conexión se puede usar sin autenticación o los permisos mencionados anteriormente si solo se solicitan recursos públicos.

Parámetros para "Get the customization template for an OIDC subject claim for a repository"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
owner string Obligatorio

The account owner of the repository. The name is not case sensitive.

repo string Obligatorio

The name of the repository without the .git extension. The name is not case sensitive.

Códigos de estado de respuesta HTTP para "Get the customization template for an OIDC subject claim for a repository"

código de estadoDescripción
200

Status response

400

Bad Request

404

Resource not found

Ejemplos de código para "Get the customization template for an OIDC subject claim for a repository"

Ejemplo de solicitud

get/repos/{owner}/{repo}/actions/oidc/customization/sub
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/actions/oidc/customization/sub

Status response

Status: 200
{ "use_default": false, "include_claim_keys": [ "repo", "context" ] }

Set the customization template for an OIDC subject claim for a repository

Sets the customization template and opt-in or opt-out flag for an OpenID Connect (OIDC) subject claim for a repository.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

Tokens de acceso granulares para "Set the customization template for an OIDC subject claim for a repository"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

  • "Actions" repository permissions (write)

Parámetros para "Set the customization template for an OIDC subject claim for a repository"

Encabezados
accept string

Setting to application/vnd.github+json is recommended.

Parámetros de ruta
owner string Obligatorio

The account owner of the repository. The name is not case sensitive.

repo string Obligatorio

The name of the repository without the .git extension. The name is not case sensitive.

Parámetros del cuerpo
use_default boolean Obligatorio

Whether to use the default template or not. If true, the include_claim_keys field is ignored.

include_claim_keys array of strings

Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

Códigos de estado de respuesta HTTP para "Set the customization template for an OIDC subject claim for a repository"

código de estadoDescripción
201

Empty response

400

Bad Request

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

Ejemplos de código para "Set the customization template for an OIDC subject claim for a repository"

Ejemplo de solicitud

put/repos/{owner}/{repo}/actions/oidc/customization/sub
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ https://api.github.com/repos/OWNER/REPO/actions/oidc/customization/sub \ -d '{"use_default":false,"include_claim_keys":["repo","context"]}'

Empty response

Status: 201