provider private-registries POST /orgs/{org}/private-registries
@utdk/github /orgs/{org}/private-registries
Create a private registry for an organization
Creates a private registry configuration with an encrypted value for an organization. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." For OIDC-based registries (`oidc_azure`, `oidc_aws`, or `oidc_jfrog`), the `encrypted_value` and `key_id` fields should be omitted. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
org path required
The organization name. The name is not case sensitive.
string

Try it

Authentication
Configure credentials for GitHub v3 REST API
Gateway
The gateway proxies requests and injects credentials server-side. Configure credentials above, then enter your gateway URL.

Saved automatically to browser storage.

privateRegistries.createOrgPrivateRegistry
POST/orgs/{org}/private-registries
Creates a private registry configuration with an encrypted value for an organization. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)." For OIDC-based registries (`oidc_azure`, `oidc_aws`, or `oidc_jfrog`), the `encrypted_value` and `key_id` fields should be omitted. OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.

Parameters

required

The organization name. The name is not case sensitive.

Input

required

The registry type.

required

The URL of the private registry.

The username to use when authenticating with the private registry. This field should be omitted if the private registry does not require a username for authentication.

Whether this private registry should replace the base registry (e.g., npmjs.org for npm, rubygems.org for rubygems). When set to `true`, Dependabot will only use this registry and will not fall back to the public registry. When set to `false` (default), Dependabot will use this registry for scoped packages but may fall back to the public registry for other packages.

The value for your secret, encrypted with [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages) using the public key retrieved from the [Get private registries public key for an organization](https://docs.github.com/rest/private-registries/organization-configurations#get-private-registries-public-key-for-an-organization) endpoint. Required when `auth_type` is `token` or `username_password`. Should be omitted for OIDC auth types.

The ID of the key you used to encrypt the secret. Required when `auth_type` is `token` or `username_password`. Should be omitted for OIDC auth types.

required

Which type of organization repositories have access to the private registry. `selected` means only the repositories specified by `selected_repository_ids` can access the private registry.

An array of repository IDs that can access the organization private registry. You can only provide a list of repository IDs when `visibility` is set to `selected`. You can manage the list of selected repositories using the [Update a private registry for an organization](https://docs.github.com/rest/private-registries/organization-configurations#update-a-private-registry-for-an-organization) endpoint. This field should be omitted if `visibility` is set to `all` or `private`.

The authentication type for the private registry. Defaults to `token` if not specified. Use `oidc_azure`, `oidc_aws`, or `oidc_jfrog` for OIDC authentication.

The tenant ID of the Azure AD application. Required when `auth_type` is `oidc_azure`.

The client ID of the Azure AD application. Required when `auth_type` is `oidc_azure`.

The AWS region. Required when `auth_type` is `oidc_aws`.

The AWS account ID. Required when `auth_type` is `oidc_aws`.

The AWS IAM role name. Required when `auth_type` is `oidc_aws`.

The CodeArtifact domain. Required when `auth_type` is `oidc_aws`.

The CodeArtifact domain owner (AWS account ID). Required when `auth_type` is `oidc_aws`.

The JFrog OIDC provider name. Required when `auth_type` is `oidc_jfrog`.

The OIDC audience. Optional for `oidc_aws` and `oidc_jfrog` auth types.

The JFrog identity mapping name. Optional for `oidc_jfrog` auth type.

Enter a gateway URL above to enable sending.

Code snippet
Updates live as you fill in the form above.

TypeScript

import github from '@utdk/github';

await github.privateRegistries.createOrgPrivateRegistry({
  "replaces_base": false
})