About secret scanning patterns
GitHub Enterprise Cloud maintains two different sets of secret scanning patterns:
- Partner patterns. Used to detect potential secrets in all public repositories. For details, see "Supported secrets for partner patterns."
- Advanced security patterns. Used to detect potential secrets in repositories with secret scanning enabled. For details, see "Supported secrets for advanced security."
Supported secrets for partner patterns
GitHub Enterprise Cloud currently scans public repositories for secrets issued by the following service providers. For more information about secret scanning for partner patterns, see "About secret scanning for partner patterns."
| パートナー | サポートされているシークレット |
|---|---|
| Adafruit IO | Adafruit IO Key |
| Adobe | Adobe Device Token |
| Adobe | Adobe Service Token |
| Adobe | Adobe Short-Lived Access Token |
| Adobe | Adobe JSON Web Token |
| Alibaba Cloud | Alibaba Cloud Access Key ID及びAccess Key Secret pair |
| Amazon Web Services (AWS) | Amazon AWS Access Key ID及びSecret Access Key pair |
| Atlassian | Atlassian API Token |
| Atlassian | Atlassian JSON Web Token |
| Azure | Azure Active Directory Application Secret |
| Azure | Azure DevOps Personal Access Token |
| Azure | Azure SAS Token |
| Azure | Azure Service Management Certificate |
| Azure | Azure SQL Connection String |
| Azure | Azure Storage Account Key |
| Checkout.com | Checkout.com Production Secret Key |
| Checkout.com | Checkout.com Test Secret Key |
| Clojars | Clojars Deploy Token |
| CloudBees CodeShip | CloudBees CodeShip Credential |
| Contributed Systems | Contributed Systems Credentials |
| Databricks | Databricks Access Token |
| Datadog | Datadog API Key |
| DigitalOcean | DigitalOcean Personal Access Token |
| DigitalOcean | DigitalOcean OAuth Token |
| DigitalOcean | DigitalOcean Refresh Token |
| DigitalOcean | DigitalOcean System Token |
| Discord | Discord Bot Token |
| Doppler | Doppler Personal Token |
| Doppler | Doppler Service Token |
| Doppler | Doppler CLI Token |
| Doppler | Doppler SCIM Token |
| Doppler | Doppler Audit Token |
| Dropbox | Dropbox Access Token |
| Dropbox | Dropbox Short Lived Access Token |
| Dynatrace | Dynatrace Access Token |
| Dynatrace | Dynatrace Internal Token |
| Finicity | Finicity App Key |
| Frame.io | Frame.io JSON Web Token |
| Frame.io | Frame.io Developer Token |
| FullStory | FullStory API Key |
| GitHub | GitHub Personal Access Token |
| GitHub | GitHub OAuthアクセストークン |
| GitHub | GitHub Refreshトークン |
| GitHub | GitHub App Installation Access Token |
| GitHub | GitHub SSH Private Key |
| GoCardless | GoCardless Live Access Token |
| GoCardless | GoCardless Sandbox Access Token |
| Google Cloud | Google API Key |
| Google Cloud | Google Cloud Private Key ID |
| Hashicorp Terraform | Terraform Cloud / Enterprise API Token |
| Hubspot | Hubspot API Key |
| Ionic | Ionic Personal Access Token |
| Ionic | Ionic Refresh Token |
| JD Cloud | JD Cloud Access Key |
| Linear | Linear API Key |
| Linear | Linear OAuth Access Token |
| Mailchimp | Mailchimp API Key |
| Mailchimp | Mandrill API Key |
| Mailgun | Mailgun API Key |
| MessageBird | MessageBird API Key |
| メタ情報 | Facebook Access Token |
| npm | npm Access Token |
| NuGet | NuGet API Key |
| Octopus Deploy | Octopus Deploy API Key |
| OpenAI | OpenAI API Key |
| Palantir | Palantir JSON Web Token |
| PlanetScale | PlanetScale Database Password |
| PlanetScale | PlanetScale OAuth Token |
| PlanetScale | PlanetScale Service Token |
| Plivo | Plivo Auth ID and Token |
| Postman | Postman API Key |
| Proctorio | Proctorio Consumer Key |
| Proctorio | Proctorio Linkage Key |
| Proctorio | Proctorio Registration Key |
| Proctorio | Proctorio Secret Key |
| Pulumi | Pulumi Access Token |
| PyPI | PyPI API Token |
| RubyGems | RubyGems API Key |
| Samsara | Samsara API Token |
| Samsara | Samsara OAuth Access Token |
| SendGrid | SendGrid API Key |
| Sendinblue | Sendinblue API Key |
| Sendinblue | Sendinblue SMTP Key |
| Shopify | Shopify App Shared Secret |
| Shopify | Shopify Access Token |
| Shopify | Shopify Custom App Access Token |
| Shopify | Shopify Private App Password |
| Slack | Slack API Token |
| Slack | Slack Incoming Webhook URL |
| Slack | Slack Workflow Webhook URL |
| SSLMate | SSLMate API Key |
| SSLMate | SSLMate Cluster Secret |
| Stripe | Stripe Live API Secret Key |
| Stripe | Stripe Test API Secret Key |
| Stripe | Stripe Live API Restricted Key |
| Stripe | Stripe Test API Restricted Key |
| Supabase | Supabase Service Key |
| Tencent Cloud | Tencent Cloud Secret ID |
| Twilio | Twilio Account String Identifier |
| Twilio | Twilio API Key |
| Typeform | Typeform Personal Access Token |
| Valour | Valour Access Token |
Supported secrets for advanced security
When >- secret scanning for advanced security is enabled, GitHub scans for secrets issued by the following service providers. For more information about >- secret scanning for advanced security, see "About >- secret scanning for advanced security."
If you use the REST API for secret scanning, you can use the Secret type to report on secrets from specific issuers. For more information, see "Secret scanning."
Note: You can also define custom secret scanning patterns for your repository, organization, or enterprise. For more information, see "Defining custom patterns for secret scanning."
| Provider | サポートされているシークレット | Secret type |
|---|---|---|
| Adafruit IO | Adafruit IO Key | adafruit_io_key |
| Adobe | Adobe Device Token | adobe_device_token |
| Adobe | Adobe Service Token | adobe_service_token |
| Adobe | Adobe Short-Lived Access Token | adobe_short_lived_access_token |
| Adobe | Adobe JSON Web Token | adobe_jwt Alibaba Cloud |
| Amazon | Amazon OAuth Client ID | amazon_oauth_client_id |
| Amazon | Amazon OAuth Client Secret | amazon_oauth_client_secret Amazon Web Services (AWS) |
| Amazon Web Services (AWS) | Amazon AWS Session Token | aws_session_token |
| Amazon Web Services (AWS) | Amazon AWS Temporary Access Key ID | aws_temporary_access_key_id |
| Asana | Asana Personal Access Token | asana_personal_access_token Atlassian |
| Atlassian | Bitbucket Server Personal Access Token | bitbucket_server_personal_access_token |
| Azure | Azure Active Directory Application Secret | azure_active_directory_application_secret |
| Azure | Azure Cache for Redis Access Key | azure_cache_for_redis_access_key Azure |
| Beamer | Beamer API Key | beamer_api_key |
| Checkout.com | Checkout.com Production Secret Key | checkout_production_secret_key |
| Checkout.com | Checkout.com Test Secret Key | checkout_test_secret_key Clojars |
| CloudBees CodeShip | CloudBees CodeShip Credential | codeship_credential |
| Contentful | Contentful Personal Access Token | contentful_personal_access_token Databricks |
| DigitalOcean | DigitalOcean Personal Access Token | digitalocean_personal_access_token DigitalOcean |
| Doppler | Doppler Audit Token | doppler_audit_token Dropbox |
| Duffel | Duffel Live Access Token | duffel_live_access_token |
| Duffel | Duffel Test Access Token | duffel_test_access_token Dynatrace |
| EasyPost | EasyPost Production API Key | easypost_production_api_key |
| EasyPost | EasyPost Test API Key | easypost_test_api_key |
| Fastly | Fastly API Token | fastly_api_token Finicity |
| Flutterwave | Flutterwave Live API Secret Key | flutterwave_live_api_secret_key |
| Flutterwave | Flutterwave Test API Secret Key | flutterwave_test_api_secret_key Frame.io |
| FullStory | FullStory API Key | fullstory_api_key |
| GitHub | GitHub個人アクセストークン | github_personal_access_token |
| GitHub | GitHub OAuthアクセストークン | github_oauth_access_token |
| GitHub | GitHubリフレッシュトークン | github_refresh_token |
| GitHub | GitHub App Installation Access Token | github_app_installation_access_token GitHub |
| GitLab | GitLab Access Token | gitlab_access_token GoCardless |
| Firebase Cloud Messaging Server Key | firebase_cloud_messaging_server_key Google | |
| Google Cloud Storage Access Key Secret | google_cloud_storage_access_key_secret | |
| Google Cloud Storage Service Account Access Key ID | google_cloud_storage_service_account_access_key_id | |
| Google Cloud Storage User Access Key ID | google_cloud_storage_user_access_key_id | |
| Google OAuth Access Token | google_oauth_access_token | |
| Google OAuth Client ID | google_oauth_client_id | |
| Google OAuth Client Secret | google_oauth_client_secret | |
| Google OAuth Refresh Token | google_oauth_refresh_token | |
| Grafana | Grafana API Key | grafana_api_key HashiCorp |
| Intercom | Intercom Access Token | intercom_access_token |
| Ionic | Ionic Personal Access Token | ionic_personal_access_token |
| Ionic | Ionic Refresh Token | ionic_refresh_token |
| JD Cloud | JD Cloud Access Key | jd_cloud_access_key |
| JFrog | JFrog Platform Access Token | jfrog_platform_access_token |
| JFrog | JFrog Platform API Key | jfrog_platform_api_key |
| Linear | Linear API Key | linear_api_key |
| Linear | Linear OAuth Access Token | linear_oauth_access_token |
| Lob | Lob Live API Key | lob_live_api_key |
| Lob | Lob Test API Key | lob_test_api_key Mailchimp |
| Mapbox | Mapbox Secret Access Token | mapbox_secret_access_token |
| MessageBird | MessageBird API Key | messagebird_api_key |
| Meta | Facebook Access Token | facebook_access_token |
| Midtrans | Midtrans Production Server Key | midtrans_production_server_key |
| Midtrans | Midtrans Sandbox Server Key | midtrans_sandbox_server_key |
| New Relic | New Relic Personal API Key | new_relic_personal_api_key |
| New Relic | New Relic REST API Key | new_relic_rest_api_key |
| New Relic | New Relic Insights Query Key | new_relic_insights_query_key |
| New Relic | New Relic License Key | new_relic_license_key |
| Notion | Notion Integration Token | notion_integration_token |
| Notion | Notion OAuth Client Secret | notion_oauth_client_secret npm |
| Octopus Deploy | Octopus Deploy API Key | octopus_deploy_api_key |
| Onfido | Onfido Live API Token | onfido_live_api_token |
| Onfido | Onfido Sandbox API Token | onfido_sandbox_api_token |
| OpenAI | OpenAI API Key | openai_api_key Palantir |
| PlanetScale | PlanetScale Database Password | planetscale_database_password |
| PlanetScale | PlanetScale OAuth Token | planetscale_oauth_token |
| PlanetScale | PlanetScale Service Token | planetscale_service_token |
| Plivo | Plivo Auth ID | plivo_auth_id |
| Plivo | Plivo Auth Token | plivo_auth_token Postman |
| PyPI | PyPI API Token | pypi_api_token |
| RubyGems | RubyGems API Key | rubygems_api_key Samsara |
| Segment | Segment Public API Token | segment_public_api_token |
| SendGrid | SendGrid API Key | sendgrid_api_key |
| Sendinblue | Sendinblue API Key | sendinblue_api_key |
| Sendinblue | Sendinblue SMTP Key | sendinblue_smtp_key |
| Shippo | Shippo Live API Token | shippo_live_api_token |
| Shippo | Shippo Test API Token | shippo_test_api_token |
| Shopify | Shopify App Client Credentials | shopify_app_client_credentials Shopify |
| Shopify | Shopify Merchant Token | shopify_merchant_token Shopify |
| Square | Square Access Token | square_access_token |
| Square | Square Production Application Secret | square_production_application_secret |
| Square | Square Sandbox Application Secret | square_sandbox_application_secret SSLMate |
| Stripe | Stripe Webhook Signing Secret | stripe_webhook_signing_secret |
| Supabase | Supabase Service Key | supabase_service_key Tableau |
| Telegram | Telegram Bot Token | telegram_bot_token Tencent Cloud |
| Twilio | Twilio Access Token | twilio_access_token Twilio |
| Typeform | Typeform Personal Access Token | typeform_personal_access_token |
| WorkOS | WorkOS Production API Key | workos_production_api_key |
| WorkOS | WorkOS Staging API Key | workos_staging_api_key |
| Yandex | Yandex.Cloud API Key | yandex_cloud_api_key |
| Yandex | Yandex.Cloud IAM Cookie | yandex_cloud_iam_cookie |
| Yandex | Yandex.Cloud IAM Token | yandex_cloud_iam_token |
| Yandex | Yandex.Dictionary API Key | yandex_dictionary_api_key |
| Yandex | Yandex.Cloud Access Secret | yandex_iam_access_secret |
| Yandex | Yandex.Predictor API Key | yandex_predictor_api_key |
| Yandex | Yandex.Translate API Key | yandex_translate_api_key |