Project security settings API

  • Tier: Ultimate
  • Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

Every API call to project security settings must be authenticated.

If a project is private, and a user isn’t a member of the project to which the security setting belongs, requests to that project returns a 404 Not Found status code.

List project security settings

List all of a project’s security settings.

Prerequisites:

  • You must have at least the Developer role for the project.
GET /projects/:id/security_settings
AttributeTypeRequiredDescription
idinteger or stringyesThe ID or URL-encoded path of the project.
curl --request GET \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://gitlab.example.com/api/v4/projects/7/security_settings"

Example response:

{
    "project_id": 7,
    "created_at": "2024-08-27T15:30:33.075Z",
    "updated_at": "2024-10-16T05:09:22.233Z",
    "auto_fix_container_scanning": true,
    "auto_fix_dast": true,
    "auto_fix_dependency_scanning": true,
    "auto_fix_sast": true,
    "continuous_vulnerability_scans_enabled": true,
    "container_scanning_for_registry_enabled": false,
    "secret_push_protection_enabled": true
}

Update secret_push_protection_enabled setting

History

Update the secret_push_protection_enabled setting for the project to the provided value.

Set to true to enable secret push protection for the project.

Prerequisites:

  • You must have at least the Maintainer role for the project.
AttributeTypeRequiredDescription
idinteger or stringyesThe ID or URL-encoded path of the project which the authenticated user is a member of
secret_push_protection_enabledbooleanyesThe value to update secret_push_protection_enabled to
curl --request PUT \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://gitlab.example.com/api/v4/projects/7/security_settings?secret_push_protection_enabled=false"

Example response:

{
    "project_id": 7,
    "created_at": "2024-08-27T15:30:33.075Z",
    "updated_at": "2024-10-16T05:09:22.233Z",
    "auto_fix_container_scanning": true,
    "auto_fix_dast": true,
    "auto_fix_dependency_scanning": true,
    "auto_fix_sast": true,
    "continuous_vulnerability_scans_enabled": true,
    "container_scanning_for_registry_enabled": false,
    "secret_push_protection_enabled": false
}