--- title: Returns a list of Secrets rules description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Security Monitoring --- # Returns a list of Secrets rules{% #returns-a-list-of-secrets-rules %} Copy pageCopied {% tab title="v2" %} **Note**: This endpoint may be subject to changes. | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/secrets/rules | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/secrets/rules | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/static-analysis/secrets/rules | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/static-analysis/secrets/rules | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/secrets/rules | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/secrets/rules | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/secrets/rules | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/secrets/rules | ### Overview Returns a list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID. OAuth apps require the `code_analysis_read` authorization [scope](https://docs.datadoghq.com/api/latest/scopes.md#security-monitoring) to access this endpoint. ### Response {% tab title="200" %} OK {% tab title="Model" %} A collection of secret detection rules returned by the list endpoint. | Parent field | Field | Type | Description | | ------------------------ | ------------------------- | -------- | ----------------------------------------------------------------------------------------------------------------------- | | | data [*required*] | [object] | The list of secret detection rules. | | data | attributes | object | The attributes of a secret detection rule, including its pattern, priority, and validation configuration. | | attributes | default_included_keywords | [string] | A list of keywords that are included by default when scanning for secrets matching this rule. | | attributes | description | string | A detailed explanation of what type of secret this rule detects. | | attributes | license | string | The license under which this secret rule is distributed. | | attributes | match_validation | object | Configuration for validating whether a detected secret is active by making an HTTP request and inspecting the response. | | match_validation | endpoint | string | The URL endpoint to call when validating a detected secret. | | match_validation | hosts | [string] | The list of hostnames to include when performing secret match validation. | | match_validation | http_method | string | The HTTP method (e.g., GET, POST) to use when making the validation request. | | match_validation | invalid_http_status_code | [object] | The HTTP status code ranges that indicate the detected secret is invalid or inactive. | | invalid_http_status_code | end | int64 | The inclusive upper bound of the HTTP status code range. | | invalid_http_status_code | start | int64 | The inclusive lower bound of the HTTP status code range. | | match_validation | request_headers | object | A map of HTTP header names to values to include in the validation request. | | additionalProperties | | string | | match_validation | timeout_seconds | int64 | The maximum number of seconds to wait for a response during validation before timing out. | | match_validation | type | string | The type of match validation to perform (e.g., http). | | match_validation | valid_http_status_code | [object] | The HTTP status code ranges that indicate the detected secret is valid and active. | | valid_http_status_code | end | int64 | The inclusive upper bound of the HTTP status code range. | | valid_http_status_code | start | int64 | The inclusive lower bound of the HTTP status code range. | | attributes | name | string | The unique name of the secret detection rule. | | attributes | pattern | string | The regular expression pattern used to identify potential secrets in source code or configuration. | | attributes | priority | string | The priority level of this rule, used to rank findings when multiple rules match. | | attributes | sds_id | string | The identifier of the corresponding Sensitive Data Scanner rule, if one exists. | | attributes | validators | [string] | A list of validator identifiers used to further confirm a detected secret is genuine. | | data | id | string | The unique identifier of the secret rule resource. | | data | type [*required*] | enum | Secret rule resource type. Allowed enum values: `secret_rule` | {% /tab %} {% tab title="Example" %} ```json { "data": [ { "attributes": { "default_included_keywords": [], "description": "string", "license": "string", "match_validation": { "endpoint": "string", "hosts": [], "http_method": "string", "invalid_http_status_code": [ { "end": "integer", "start": "integer" } ], "request_headers": { "": "string" }, "timeout_seconds": "integer", "type": "string", "valid_http_status_code": [ { "end": "integer", "start": "integer" } ] }, "name": "string", "pattern": "string", "priority": "string", "sds_id": "string", "validators": [] }, "id": "string", "type": "secret_rule" } ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/static-analysis/secrets/rules" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" ##### ```python """ Returns a list of Secrets rules returns "OK" response """ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi configuration = Configuration() configuration.unstable_operations["get_secrets_rules"] = True with ApiClient(configuration) as api_client: api_instance = SecurityMonitoringApi(api_client) response = api_instance.get_secrets_rules() print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # Returns a list of Secrets rules returns "OK" response require "datadog_api_client" DatadogAPIClient.configure do |config| config.unstable_operations["v2.get_secrets_rules".to_sym] = true end api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new p api_instance.get_secrets_rules() ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```go // Returns a list of Secrets rules returns "OK" response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" ) func main() { ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() configuration.SetUnstableOperationEnabled("v2.GetSecretsRules", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) resp, r, err := api.GetSecretsRules(ctx) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.GetSecretsRules`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.GetSecretsRules`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // Returns a list of Secrets rules returns "OK" response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.SecurityMonitoringApi; import com.datadog.api.client.v2.model.SecretRuleArray; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); defaultClient.setUnstableOperationEnabled("v2.getSecretsRules", true); SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient); try { SecretRuleArray result = apiInstance.getSecretsRules(); System.out.println(result); } catch (ApiException e) { System.err.println("Exception when calling SecurityMonitoringApi#getSecretsRules"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```rust // Returns a list of Secrets rules returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; #[tokio::main] async fn main() { let mut configuration = datadog::Configuration::new(); configuration.set_unstable_operation_enabled("v2.GetSecretsRules", true); let api = SecurityMonitoringAPI::with_config(configuration); let resp = api.get_secrets_rules().await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * Returns a list of Secrets rules returns "OK" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); configuration.unstableOperations["v2.getSecretsRules"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); apiInstance .getSecretsRules() .then((data: v2.SecretRuleArray) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %}