Delegated bypass and alert closure requests can be reviewed programmatically (#56865)

mchammer01 · am-stead · web-flow · commit 2a3908a1c6d9 · 2025-08-06T08:19:31.000Z
Co-authored-by: Anne-Marie &lt;102995847+am-stead@users.noreply.github.com&gt;
diff --git a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/managing-requests-to-bypass-push-protection.md b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/managing-requests-to-bypass-push-protection.md
@@ -21,6 +21,10 @@ shortTitle: Manage bypass requests
 
 When enabling delegated bypass for push protection, organization owners or repository administrators decide which {% ifversion push-protection-bypass-fine-grained-permissions %}individuals, {% endif %}roles or teams can review (approve or deny) requests to bypass push protection.
 
+>[!NOTE]
+> You can also use {% data variables.product.prodname_github_apps %} with fine-grained permissions to programmatically review and approve push protection bypass requests. This enables your organization to streamline security request reviews and enforce policies, or integrate with external security tools, ensuring that all reviews meet established standards. _For {% data variables.product.prodname_ghe_server %}, the use of {% data variables.product.prodname_github_apps %} to review bypass requests is available from version 3.19._
+> For more information about permissions, see [Organization permissions for "Organization bypass requests for secret scanning"](/enterprise-cloud@latest/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28#organization-permissions-for-organization-bypass-requests-for-secret-scanning).
+
 When a contributor requests bypass privileges to push a commit containing a secret, this designated group of reviewers:
 
 * Receives an email notification containing a link to the request.
diff --git a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning.md b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning.md
@@ -37,6 +37,10 @@ You must configure delegated dismissal for your organization using a custom secu
 
 To learn more about security configurations, see [AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale).
 
+>[!NOTE]
+> You can use {% data variables.product.prodname_github_apps %} with fine-grained permissions to programmatically review and approve delegated dismissal requests. This enables your organization to streamline security request reviews and enforce policies, or integrate with external security tools, ensuring that all reviews meet established standards. _For {% data variables.product.prodname_ghe_server %}, the use of {% data variables.product.prodname_github_apps %} to review requests for delegated dismissals is available from version 3.19._
+> For more information about permissions, see [Organization permissions for "Organization bypass requests for secret scanning"](/enterprise-cloud@latest/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28#organization-permissions-for-organization-bypass-requests-for-secret-scanning).
+
 {% ifversion secret-scanning-alert-dismiss-custom-role %}
 
 ## Configuring delegated dismissal for an enterprise
