Note: Your site administrator must enable secret scanning for your GitHub Enterprise Server instance before you can use this feature. For more information, see "Configuring secret scanning for your appliance."
Supported secrets
When secret scanning is enabled, GitHub scans for secrets issued by the following service providers.
If you use the REST API for secret scanning, you can use the Secret type to report on secrets from specific issuers. For more information, see "Secret scanning."
| Provider | Supported secret | Secret type |
|---|---|---|
| Adafruit IO | Adafruit IO Key | adafruit_io_key |
| Alibaba Cloud | Alibaba Cloud Access Key ID | alibaba_cloud_access_key_id |
| Alibaba Cloud | Alibaba Cloud Access Key Secret | alibaba_cloud_access_key_secret |
| Amazon Web Services (AWS) | Amazon AWS Access Key ID | aws_access_key_id |
| Amazon Web Services (AWS) | Amazon AWS Secret Access Key | aws_secret_access_key |
| Atlassian | Atlassian API Token | atlassian_api_token |
| Atlassian | Atlassian JSON Web Token | atlassian_jwt |
| Azure | Azure DevOps Personal Access Token | azure_devops_personal_access_token |
| Azure | Azure SAS Token | azure_sas_token |
| Azure | Azure Service Management Certificate | azure_management_certificate |
| Azure | Azure SQL Connection String | azure_sql_connection_string |
| Azure | Azure Storage Account Key | azure_storage_account_key |
| Clojars | Clojars Deploy Token | clojars_deploy_token |
| Databricks | Databricks Access Token | databricks_access_token |
| Discord | Discord Bot Token | discord_bot_token |
| Doppler | Doppler Personal Token | doppler_personal_token |
| Doppler | Doppler Service Token | doppler_service_token |
| Doppler | Doppler CLI Token | doppler_cli_token |
| Doppler | Doppler SCIM Token | doppler_scim_token |
| Dropbox | Dropbox Access Token | dropbox_access_token |
| Dropbox | Dropbox Short Lived Access Token | dropbox_short_lived_access_token |
| Dynatrace | Dynatrace Access Token | dynatrace_access_token |
| Dynatrace | Dynatrace Internal Token | dynatrace_internal_token |
| Finicity | Finicity App Key | finicity_app_key |
| Frame.io | Frame.io JSON Web Token | frameio_jwt |
| Frame.io | Frame.io Developer Token | frameio_developer_token |
| GitHub | GitHub SSH Private Key | github_ssh_private_key |
| GoCardless | GoCardless Live Access Token | gocardless_live_access_token |
| GoCardless | GoCardless Sandbox Access Token | gocardless_sandbox_access_token |
| Google API Key | google_api_key | |
| Google Cloud Private Key ID | google_cloud_private_key_id | |
| HashiCorp | Terraform Cloud / Enterprise API Token | terraform_api_token |
| HashiCorp | HashiCorp Vault Batch Token | hashicorp_vault_batch_token |
| HashiCorp | HashiCorp Vault Service Token | hashicorp_vault_service_token |
| Hubspot | Hubspot API Key | hubspot_api_key |
| Mailchimp | Mailchimp API Key | mailchimp_api_key |
| Mailgun | Mailgun API Key | mailgun_api_key |
| npm | npm Access Token | npm_access_token |
| NuGet | NuGet API Key | nuget_api_key |
| Palantir | Palantir JSON Web Token | palantir_jwt |
| Postman | Postman API Key | postman_api_key |
| Proctorio | Proctorio Consumer Key | proctorio_consumer_key |
| Proctorio | Proctorio Linkage Key | proctorio_linkage_key |
| Proctorio | Proctorio Registration Key | proctorio_registration_key |
| Proctorio | Proctorio Secret Key | proctorio_secret_key |
| Pulumi | Pulumi Access Token | pulumi_access_token |
| Samsara | Samsara API Token | samsara_api_token |
| Samsara | Samsara OAuth Access Token | samsara_oauth_access_token |
| Shopify | Shopify App Shared Secret | shopify_app_shared_secret |
| Shopify | Shopify Access Token | shopify_access_token |
| Shopify | Shopify Custom App Access Token | shopify_custom_app_access_token |
| Shopify | Shopify Private App Password | shopify_private_app_password |
| Slack | Slack API Token | slack_api_token |
| Slack | Slack Incoming Webhook URL | slack_incoming_webhook_url |
| Slack | Slack Workflow Webhook URL | slack_workflow_webhook_url |
| SSLMate | SSLMate API Key | sslmate_api_key |
| SSLMate | SSLMate Cluster Secret | sslmate_cluster_secret |
| Stripe | Stripe API Key | stripe_api_key |
| Stripe | Stripe Live API Secret Key | stripe_live_secret_key |
| Stripe | Stripe Test API Secret Key | stripe_test_secret_key |
| Stripe | Stripe Live API Restricted Key | stripe_live_restricted_key |
| Stripe | Stripe Test API Restricted Key | stripe_test_restricted_key |
| Tencent Cloud | Tencent Cloud Secret ID | tencent_cloud_secret_id |
| Twilio | Twilio Account String Identifier | twilio_account_sid |
| Twilio | Twilio API Key | twilio_api_key |
Further reading
- "Securing your repository"
- "Keeping your account and data secure"
- "Secret scanning partner program" in the GitHub Enterprise Cloud documentation