Project security settings API
- Tier: Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
Every API call to project security settings must be authenticated.
If a project is private, and a user isn’t a member of the project to which the security setting
belongs, requests to that project returns a 404 Not Found status code.
List project security settings
List all of a project’s security settings.
Prerequisites:
- You must have at least the Developer role for the project.
GET /projects/:id/security_settings| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of the project. |
curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/7/security_settings"Example response:
{
"project_id": 7,
"created_at": "2024-08-27T15:30:33.075Z",
"updated_at": "2024-10-16T05:09:22.233Z",
"auto_fix_container_scanning": true,
"auto_fix_dast": true,
"auto_fix_dependency_scanning": true,
"auto_fix_sast": true,
"continuous_vulnerability_scans_enabled": true,
"container_scanning_for_registry_enabled": false,
"secret_push_protection_enabled": true
}Update secret_push_protection_enabled setting
Update the secret_push_protection_enabled setting for the project to the provided value.
Set to true to enable secret push protection for the project.
Prerequisites:
- You must have at least the Maintainer role for the project.
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of the project which the authenticated user is a member of |
secret_push_protection_enabled |
boolean | yes | The value to update secret_push_protection_enabled to |
curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/7/security_settings?secret_push_protection_enabled=false"Example response:
{
"project_id": 7,
"created_at": "2024-08-27T15:30:33.075Z",
"updated_at": "2024-10-16T05:09:22.233Z",
"auto_fix_container_scanning": true,
"auto_fix_dast": true,
"auto_fix_dependency_scanning": true,
"auto_fix_sast": true,
"continuous_vulnerability_scans_enabled": true,
"container_scanning_for_registry_enabled": false,
"secret_push_protection_enabled": false
}Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support