Source Controls - Create
Creates a source control.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}?api-version=2025-06-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
source
|
path | True |
string |
Source control Id |
|
subscription
|
path | True |
string (uuid) |
The ID of the target subscription. The value must be an UUID. |
|
workspace
|
path | True |
string minLength: 1maxLength: 90 pattern: ^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$ |
The name of the workspace. |
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| properties.contentTypes | True |
Array of source control content types. |
|
| properties.displayName | True |
string |
The display name of the source control |
| properties.repoType | True |
The repository type of the source control |
|
| properties.repository | True |
Repository metadata. |
|
| etag |
string |
Etag of the azure resource |
|
| properties.description |
string |
A description of the source control |
|
| properties.repositoryAccess |
Repository access credentials. This is write-only object and it never returns back to a user. |
||
| properties.repositoryResourceInfo |
Information regarding the resources created in user's repository. |
||
| properties.servicePrincipal |
Service principal metadata. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Updated |
|
| 201 Created |
Created |
|
| Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
Creates or updates a source control.
Sample request
PUT https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a?api-version=2025-06-01
{
"etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
"properties": {
"displayName": "My Source Control",
"description": "This is a source control",
"repoType": "Github",
"contentTypes": [
"AnalyticRules",
"Workbook"
],
"repository": {
"url": "https://github.com/user/repo",
"branch": "master",
"displayUrl": "https://github.com/user/repo"
},
"repositoryAccess": {
"kind": "OAuth",
"code": "939fd7c6caf754f4f41f",
"state": "state",
"clientId": "54b3c2c0-1f48-4a1c-af9f-6399c3240b73"
}
}
}
Sample response
{
"id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a",
"version": "V2",
"name": "789e0c1f-4a3d-43ad-809c-e713b677b04a",
"type": "Microsoft.SecurityInsights/SourceControls",
"etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
"properties": {
"id": "789e0c1f-4a3d-43ad-809c-e713b677b04a",
"displayName": "My Source Control",
"description": "this is a source control",
"repoType": "Github",
"contentTypes": [
"AnalyticRules",
"Workbook"
],
"repository": {
"url": "https://github.com/user/repo",
"branch": "master",
"displayUrl": "https://github.com/user/repo",
"deploymentLogsUrl": "https://github.com/user/repo/actions"
},
"servicePrincipal": {
"id": "2d297bee-cb45-444a-a9ce-904484f0bcd6",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"appId": "42a43de2-b712-4408-9680-2514fed984e6"
},
"repositoryResourceInfo": {
"webhook": {
"webhookId": "342768323",
"webhookUrl": "https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a",
"webhookSecretUpdateTime": "2021-01-01T17:18:19.1234567Z"
},
"gitHubResourceInfo": {
"appInstallationId": "123"
},
"azureDevOpsResourceInfo": null
},
"lastDeploymentInfo": {
"deploymentFetchStatus": "Success",
"deployment": {
"deploymentId": "4985046420",
"deploymentState": "Completed",
"deploymentResult": "Success",
"deploymentTime": "2021-01-01T17:18:19.1234567Z",
"deploymentLogsUrl": "https://github.com/user/repo/actions"
},
"message": "Successful deployment"
},
"pullRequest": {
"url": "https://github.com/user/repo/pull/123",
"state": "Open"
}
},
"systemData": {
"createdBy": "user1",
"createdByType": "User",
"createdAt": "2021-01-01T17:18:19.1234567Z",
"lastModifiedBy": "user2",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-02T17:18:19.1234567Z"
}
}{
"id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a",
"version": "V2",
"name": "789e0c1f-4a3d-43ad-809c-e713b677b04a",
"type": "Microsoft.SecurityInsights/SourceControls",
"etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
"properties": {
"id": "789e0c1f-4a3d-43ad-809c-e713b677b04a",
"displayName": "My Source Control",
"description": "this is a source control",
"repoType": "Github",
"contentTypes": [
"AnalyticRules",
"Workbook"
],
"repository": {
"url": "https://github.com/user/repo",
"branch": "master",
"displayUrl": "https://github.com/user/repo",
"deploymentLogsUrl": "https://github.com/user/repo/actions"
},
"servicePrincipal": {
"id": "2d297bee-cb45-444a-a9ce-904484f0bcd6",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"appId": "42a43de2-b712-4408-9680-2514fed984e6"
},
"repositoryResourceInfo": {
"webhook": {
"webhookId": "342768323",
"webhookUrl": "https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a",
"webhookSecretUpdateTime": "2021-01-01T17:18:19.1234567Z"
},
"gitHubResourceInfo": {
"appInstallationId": "123"
},
"azureDevOpsResourceInfo": null
},
"lastDeploymentInfo": {
"deploymentFetchStatus": "Success",
"deployment": {
"deploymentId": "4985046420",
"deploymentState": "Completed",
"deploymentResult": "Success",
"deploymentTime": "2021-01-01T17:18:19.1234567Z",
"deploymentLogsUrl": "https://github.com/user/repo/actions"
},
"message": "Successful deployment"
},
"pullRequest": {
"url": "https://github.com/user/repo/pull/123",
"state": "Open"
}
},
"systemData": {
"createdBy": "user1",
"createdByType": "User",
"createdAt": "2021-01-01T17:18:19.1234567Z",
"lastModifiedBy": "user2",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-01-02T17:18:19.1234567Z"
}
}Definitions
| Name | Description |
|---|---|
|
Azure |
Resources created in Azure DevOps repository. |
|
Cloud |
Error response structure. |
|
Cloud |
Error details. |
|
Content |
The content type of a source control path. |
|
created |
The type of identity that created the resource. |
| Deployment |
Description about a deployment. |
|
Deployment |
Status while trying to fetch the deployment information. |
|
Deployment |
Information regarding a deployment. |
|
Deployment |
Status while trying to fetch the deployment information. |
|
Deployment |
The current state of the deployment. |
|
Git |
Resources created in GitHub repository. |
|
Pull |
Information regarding pull request for protected branches. |
| Repository |
metadata of a repository. |
|
Repository |
Credentials to access repository. |
|
Repository |
The kind of repository access credentials |
|
Repository |
Resources created in user's repository for the source-control. |
|
Repo |
The type of repository. |
|
Service |
Service principal metadata. |
|
Source |
Represents a SourceControl in Azure Security Insights. |
| state |
State of the pull request |
|
system |
Metadata pertaining to creation and last modification of the resource. |
| Version |
The version of the source control. |
| Webhook |
Detail about the webhook object. |
|
Workload |
Workload Identity Federation metadata. |
AzureDevOpsResourceInfo
Resources created in Azure DevOps repository.
| Name | Type | Description |
|---|---|---|
| pipelineId |
string |
Id of the pipeline created for the source-control. |
| serviceConnectionId |
string |
Id of the service-connection created for the source-control. |
CloudError
Error response structure.
| Name | Type | Description |
|---|---|---|
| error |
Error data |
CloudErrorBody
Error details.
| Name | Type | Description |
|---|---|---|
| code |
string |
An identifier for the error. Codes are invariant and are intended to be consumed programmatically. |
| message |
string |
A message describing the error, intended to be suitable for display in a user interface. |
ContentType
The content type of a source control path.
| Value | Description |
|---|---|
| AnalyticsRule | |
| AutomationRule | |
| HuntingQuery | |
| Parser | |
| Playbook | |
| Workbook |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| Application | |
| Key | |
| ManagedIdentity | |
| User |
Deployment
Description about a deployment.
| Name | Type | Description |
|---|---|---|
| deploymentId |
string |
Deployment identifier. |
| deploymentLogsUrl |
string |
Url to access repository action logs. |
| deploymentResult |
The outcome of the deployment. |
|
| deploymentState |
Current status of the deployment. |
|
| deploymentTime |
string (date-time) |
The time when the deployment finished. |
DeploymentFetchStatus
Status while trying to fetch the deployment information.
| Value | Description |
|---|---|
| NotFound | |
| Success | |
| Unauthorized |
DeploymentInfo
Information regarding a deployment.
| Name | Type | Description |
|---|---|---|
| deployment |
Deployment information. |
|
| deploymentFetchStatus |
Status while fetching the last deployment. |
|
| message |
string |
Additional details about the deployment that can be shown to the user. |
DeploymentResult
Status while trying to fetch the deployment information.
| Value | Description |
|---|---|
| Canceled | |
| Failed | |
| Success |
DeploymentState
The current state of the deployment.
| Value | Description |
|---|---|
| Canceling | |
| Completed | |
| In_Progress | |
| Queued |
GitHubResourceInfo
Resources created in GitHub repository.
| Name | Type | Description |
|---|---|---|
| appInstallationId |
string |
GitHub application installation id. |
PullRequest
Information regarding pull request for protected branches.
| Name | Type | Description |
|---|---|---|
| state |
State of the pull request |
|
| url |
string |
URL of pull request |
Repository
metadata of a repository.
| Name | Type | Description |
|---|---|---|
| branch |
string |
Branch name of repository. |
| deploymentLogsUrl |
string |
Url to access repository action logs. |
| displayUrl |
string |
Display url of repository. |
| url |
string |
Url of repository. |
RepositoryAccess
Credentials to access repository.
| Name | Type | Description |
|---|---|---|
| clientId |
string |
OAuth ClientId. Required when |
| code |
string |
OAuth Code. Required when |
| installationId |
string |
Application installation ID. Required when |
| kind |
The kind of repository access credentials |
|
| state |
string |
OAuth State. Required when |
| token |
string |
Personal Access Token. Required when |
RepositoryAccessKind
The kind of repository access credentials
| Value | Description |
|---|---|
| App | |
| OAuth | |
| PAT |
RepositoryResourceInfo
Resources created in user's repository for the source-control.
| Name | Type | Description |
|---|---|---|
| azureDevOpsResourceInfo |
Resources created in Azure DevOps for this source-control. |
|
| gitHubResourceInfo |
Resources created in GitHub for this source-control. |
|
| webhook |
The webhook object created for the source-control. |
RepoType
The type of repository.
| Value | Description |
|---|---|
| AzureDevOps | |
| Github |
ServicePrincipal
Service principal metadata.
| Name | Type | Description |
|---|---|---|
| appId |
string |
App id of service principal. |
| credentialsExpireOn |
string (date-time) |
Expiration time of service principal credentials. |
| id |
string |
Id of service principal. |
| tenantId |
string |
Tenant id of service principal. |
SourceControl
Represents a SourceControl in Azure Security Insights.
| Name | Type | Description |
|---|---|---|
| etag |
string |
Etag of the azure resource |
| id |
string (arm-id) |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| name |
string |
The name of the resource |
| properties.contentTypes |
Array of source control content types. |
|
| properties.description |
string |
A description of the source control |
| properties.displayName |
string |
The display name of the source control |
| properties.id |
string |
The id (a Guid) of the source control |
| properties.lastDeploymentInfo |
Information regarding the latest deployment for the source control. |
|
| properties.pullRequest |
Information regarding the pull request of the source control. |
|
| properties.repoType |
The repository type of the source control |
|
| properties.repository |
Repository metadata. |
|
| properties.repositoryAccess |
Repository access credentials. This is write-only object and it never returns back to a user. |
|
| properties.repositoryResourceInfo |
Information regarding the resources created in user's repository. |
|
| properties.servicePrincipal |
Service principal metadata. |
|
| properties.version |
The version number associated with the source control |
|
| properties.workloadIdentityFederation |
Workload Identity metadata. |
|
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
state
State of the pull request
| Value | Description |
|---|---|
| Closed | |
| Open |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |
Version
The version of the source control.
| Value | Description |
|---|---|
| V1 | |
| V2 |
Webhook
Detail about the webhook object.
| Name | Type | Description |
|---|---|---|
| rotateWebhookSecret |
boolean |
A flag to instruct the backend service to rotate webhook secret. |
| webhookId |
string |
Unique identifier for the webhook. |
| webhookSecretUpdateTime |
string (date-time) |
Time when the webhook secret was updated. |
| webhookUrl |
string |
URL that gets invoked by the webhook. |
WorkloadIdentityFederation
Workload Identity Federation metadata.
| Name | Type | Description |
|---|---|---|
| appId |
string |
App id of Workload Identity Federation. |
| id |
string |
Id of Workload Identity Federation. |
| issuer |
string |
Issuer of Workload Identity Federation. |
| subject |
string |
Subject of Workload Identity Federation. |
| tenantId |
string |
Tenant id of Workload Identity Federation. |