About additional settings for secret scanning
There are some additional secret scanning settings that cannot be applied to repositories using security configurations, so you must configure these settings separately:
These additional settings only apply to repositories with both GitHub Advanced Security and secret scanning enabled.
Accessing the additional settings for secret scanning
- In the top-right corner of GitHub, click your profile photo.
- Depending on your environment, click Your enterprise, or click Your enterprises then click the enterprise you want to view.
- On the left side of the page, in the enterprise account sidebar, click Settings.
- In the left sidebar, click Code security.
- Scroll down the page to the "Additional settings" section.
Configuring a resource link for push protection
To provide context for developers when secret scanning blocks a commit, you can display a link with more information on why the commit was blocked.
- Under "Additional settings", to the right of "Resource link for push protection", click .
- In the text box, type the link to the desired resource, then click .
Configuring AI detection to find additional secrets
Copilot secret scanning's generic secret detection is an AI-powered expansion of secret scanning that scans and creates alerts for unstructured secrets, such as passwords.
- Under "Additional settings", to the right of "Use AI detection to find additional secrets", ensure the setting is toggled to "On".
Note
You do not need a subscription to GitHub Copilot to use Copilot secret scanning's generic secret detection. Copilot secret scanning features are available to private repositories in GitHub Enterprise Cloud enterprises that have GitHub Advanced Security enabled.
To learn more about generic secrets, see Responsible detection of generic secrets with Copilot secret scanning.