Note: Your site administrator must enable 秘密扫描 for 您的 GitHub Enterprise Server 实例 before you can use this feature. For more information, see "Configuring 秘密扫描 for your appliance."
Supported secrets
When > - 秘密扫描 is enabled, GitHub scans for secrets issued by the following service providers.
If you use the REST API for secret scanning, you can use the Secret type
to report on secrets from specific issuers. For more information, see "Secret scanning."
Note: You can also define custom 秘密扫描 patterns for your repository, organization, or enterprise. For more information, see "Defining custom patterns for 秘密扫描."
提供者 | 支持的密钥 | 密钥类型 |
---|---|---|
Adafruit IO | Adafruit IO 密钥 | adafruit_io_key |
Adobe | Adobe Device Token | adobe_device_token |
Adobe | Adobe Service Token | adobe_service_token |
Adobe | Adobe Short-Lived Access Token | adobe_short_lived_access_token |
Adobe | Adobe JSON Web Token | adobe_jwt Alibaba Cloud |
Amazon | Amazon OAuth 客户端 ID | amazon_oauth_client_id |
Amazon | Amazon OAuth 客户端机密 | amazon_oauth_client_secret Amazon Web Services (AWS) |
Amazon Web Services (AWS) | Amazon AWS Session Token | aws_session_token |
Amazon Web Services (AWS) | Amazon AWS Temporary Access Key ID | aws_temporary_access_key_id |
Asana | Asana 个人访问令牌 | asana_personal_access_token Atlassian |
Atlassian | Bitbucket Server Personal Access Token | bitbucket_server_personal_access_token |
Azure | Azure Active Directory 应用程序密钥 | azure_active_directory_application_secret |
Azure | Azure Cache for Redis 访问密钥 | azure_cache_for_redis_access_key Azure |
Beamer | Beamer API Key | beamer_api_key |
Checkout.com | Checkout.com Production Secret Key | checkout_production_secret_key |
Checkout.com | Checkout.com 测试密钥 | checkout_test_secret_key Clojars |
CloudBees CodeShip | CloudBees CodeShip Credential | codeship_credential |
Contentful | Contentful 个人访问令牌 | contentful_personal_access_token Databricks |
Doppler | Doppler 审核令牌 | doppler_audit_token Dropbox |
Duffel | Duffel Live Access Token | duffel_live_access_token |
Duffel | Duffel 测试访问令牌 | duffel_test_access_token Dynatrace |
EasyPost | EasyPost Production API Key | easypost_production_api_key |
EasyPost | EasyPost Test API Key | easypost_test_api_key |
Fastly | Fastly API 令牌 | fastly_api_token Finicity |
Flutterwave | Flutterwave Live API Secret Key | flutterwave_live_api_secret_key |
Flutterwave | Flutterwave 测试 API 密钥 | flutterwave_test_api_secret_key Frame.io |
FullStory | FullStory API Key | fullstory_api_key |
GitHub | GitHub Personal Access Token | github_personal_access_token |
GitHub | GitHub OAuth Access Token | github_oauth_access_token |
GitHub | GitHub Refresh Token | github_refresh_token |
GitHub | GitHub App 安装访问令牌 | github_app_installation_access_token GitHub |
GitLab | GitLab 访问令牌 | gitlab_access_token GoCardless |
Firebase Cloud Messaging Server 密钥 | firebase_cloud_messaging_server_key Google | |
Google Cloud Storage Access Key Secret | google_cloud_storage_access_key_secret | |
Google Cloud Storage Service Account Access Key ID | google_cloud_storage_service_account_access_key_id | |
Google Cloud Storage User Access Key ID | google_cloud_storage_user_access_key_id | |
Google OAuth 访问令牌 | google_oauth_access_token | |
Google OAuth 客户端 ID | google_oauth_client_id | |
Google OAuth 客户端密钥 | google_oauth_client_secret | |
Google OAuth 更新令牌 | google_oauth_refresh_token | |
Grafana | Grafana API 密钥 | grafana_api_key HashiCorp |
Intercom | Intercom Access Token | intercom_access_token |
Ionic | Ionic Personal Access Token | ionic_personal_access_token |
Ionic | Ionic Refresh Token | ionic_refresh_token |
JFrog | JFrog Platform Access Token | jfrog_platform_access_token |
JFrog | JFrog Platform API Key | jfrog_platform_api_key |
Linear | Linear API Key | linear_api_key |
Linear | Linear OAuth Access Token | linear_oauth_access_token |
Lob | Lob Live API Key | lob_live_api_key |
Lob | Lob Test API 密钥 | lob_test_api_key Mailchimp |
Mapbox | Mapbox 密钥访问令牌 | mapbox_secret_access_token |
MessageBird | MessageBird API Key | messagebird_api_key |
Meta | Facebook 访问令牌 | facebook_access_token |
Midtrans | Midtrans Production Server 密钥 | midtrans_production_server_key |
Midtrans | Midtrans Sandbox Server 密钥 | midtrans_sandbox_server_key |
New Relic | New Relic Personal API Key | new_relic_personal_api_key |
New Relic | New Relic REST API Key | new_relic_rest_api_key |
New Relic | New Relic Insights Query Key | new_relic_insights_query_key |
New Relic | New Relic License Key | new_relic_license_key |
Notion | Notion 集成令牌 | notion_integration_token |
Notion | Notion OAuth 客户端密钥 | notion_oauth_client_secret npm |
Octopus Deploy | Octopus Deploy API 密钥 | octopus_deploy_api_key |
Onfido | Onfido Live API Token | onfido_live_api_token |
Onfido | Onfido Sandbox API Token | onfido_sandbox_api_token |
OpenAI | OpenAI API 密钥 | openai_api_key Palantir |
PlanetScale | PlanetScale Database Password | planetscale_database_password |
PlanetScale | PlanetScale OAuth Token | planetscale_oauth_token |
PlanetScale | PlanetScale Service Token | planetscale_service_token |
Plivo | Plivo Auth ID | plivo_auth_id |
Plivo | Plivo 验证令牌 | plivo_auth_token Postman |
PyPI | PyPI API Token | pypi_api_token |
RubyGems | RubyGems API 密钥 | rubygems_api_key Samsara |
SendGrid | SendGrid API Key | sendgrid_api_key |
Sendinblue | Sendinblue API Key | sendinblue_api_key |
Sendinblue | Sendinblue SMTP Key | sendinblue_smtp_key |
Shippo | Shippo Live API Token | shippo_live_api_token |
Shippo | Shippo Test API Token | shippo_test_api_token Shopify |
Square | Square 访问令牌 | square_access_token |
Square | Square Production Application 密钥 | square_production_application_secret |
Square | Square Sandbox 应用程序密钥 | square_sandbox_application_secret SSLMate |
Stripe | Stripe Webhook Signing Secret | stripe_webhook_signing_secret |
Supabase | Supabase 服务密钥 | supabase_service_key Tableau |
Telegram | Telegram Bot 令牌 | telegram_bot_token Tencent Cloud |
Twilio | Twilio 访问令牌 | twilio_access_token Twilio |
Typeform | Typeform 个人访问令牌 | typeform_personal_access_token |
Yandex | Yandex.Cloud API 密钥 | yandex_cloud_api_key |
Yandex | Yandex.Cloud IAM Cookie | yandex_cloud_iam_cookie |
Yandex | Yandex.Cloud IAM 令牌 | yandex_cloud_iam_token |
Yandex | Yandex.Dictionary API 密钥 | yandex_dictionary_api_key |
Yandex | Yandex.Predictor API 密钥 | yandex_predictor_api_key |
Yandex | Yandex.Translate API 密钥 | yandex_translate_api_key |
Further reading
- "Securing your repository"
- "Keeping your account and data secure"
- "秘密扫描 partner program" in the GitHub Enterprise Cloud documentation