Note: Your site administrator must enable 秘密扫描 for 您的 GitHub Enterprise Server 实例 before you can use this feature. For more information, see "Configuring 秘密扫描 for your appliance."
Supported secrets
When > - 秘密扫描 is enabled, GitHub scans for secrets issued by the following service providers.
If you use the REST API for secret scanning, you can use the Secret type
to report on secrets from specific issuers. For more information, see "Secret scanning."
Note: You can also define custom 秘密扫描 patterns for your repository, organization, or enterprise. For more information, see "Defining custom patterns for 秘密扫描."
提供者 | 支持的密钥 | 密钥类型 |
---|---|---|
Adafruit IO | Adafruit IO 密钥 | adafruit_io_key |
Adobe | Adobe Device Token | adobe_device_token |
Adobe | Adobe Service Token | adobe_service_token |
Adobe | Adobe Short-Lived Access Token | adobe_short_lived_access_token |
Adobe | Adobe JSON Web Token | adobe_jwt Alibaba Cloud |
Asana | Asana 个人访问令牌 | asana_personal_access_token Atlassian |
Atlassian | Bitbucket Server Personal Access Token | bitbucket_server_personal_access_token Azure |
Azure | Azure SQL 连接字符串 | azure_sql_connection_string Azure |
Checkout.com | Checkout.com Production Secret Key | checkout_production_secret_key |
Checkout.com | Checkout.com 测试密钥 | checkout_test_secret_key Clojars |
CloudBees CodeShip | CloudBees CodeShip Credential | codeship_credential Databricks |
Doppler | Doppler 审核令牌 | doppler_audit_token Dropbox |
Duffel | Duffel Live Access Token | duffel_live_access_token |
Duffel | Duffel 测试访问令牌 | duffel_test_access_token Dynatrace |
EasyPost | EasyPost Production API Key | easypost_production_api_key |
EasyPost | EasyPost Test API Key | easypost_test_api_key |
Fastly | Fastly API 令牌 | fastly_api_token Finicity |
Flutterwave | Flutterwave Live API Secret Key | flutterwave_live_api_secret_key |
Flutterwave | Flutterwave 测试 API 密钥 | flutterwave_test_api_secret_key Frame.io |
GitHub | GitHub Personal Access Token | github_personal_access_token |
GitHub | GitHub OAuth Access Token | github_oauth_access_token |
GitHub | GitHub Refresh Token | github_refresh_token |
GitHub | GitHub App 安装访问令牌 | github_app_installation_access_token GitHub |
Grafana | Grafana API 密钥 | grafana_api_key HashiCorp |
Intercom | Intercom Access Token | intercom_access_token |
Ionic | Ionic Personal Access Token | ionic_personal_access_token |
Ionic | Ionic Refresh Token | ionic_refresh_token |
Linear | Linear API Key | linear_api_key |
Linear | Linear OAuth Access Token | linear_oauth_access_token |
Lob | Lob Live API Key | lob_live_api_key |
Lob | Lob Test API 密钥 | lob_test_api_key Mailchimp |
MessageBird | MessageBird API Key | messagebird_api_key |
Meta | Facebook 访问令牌 | facebook_access_token npm |
Onfido | Onfido Live API Token | onfido_live_api_token |
Onfido | Onfido Sandbox API Token | onfido_sandbox_api_token |
OpenAI | OpenAI API 密钥 | openai_api_key Palantir |
PyPI | PyPI API Token | pypi_api_token |
RubyGems | RubyGems API 密钥 | rubygems_api_key Samsara |
SendGrid | SendGrid API Key | sendgrid_api_key |
Shippo | Shippo Live API Token | shippo_live_api_token |
Shippo | Shippo Test API Token | shippo_test_api_token Shopify |
Stripe | Stripe Webhook Signing Secret | stripe_webhook_signing_secret Tableau |
Telegram | Telegram Bot 令牌 | telegram_bot_token Tencent Cloud |
Further reading
- "Securing your repository"
- "Keeping your account and data secure"
- "秘密扫描 partner program" in the GitHub Enterprise Cloud documentation