Skip to main content

Secret scanning patterns

Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.

パートナーパターンのSecret scanning is automatically run on all public repositories. If you have a license for GitHub Advanced Security, you can enable and configure >- 高度なセキュリティのためのSecret scanning for any repository owned by an organization. For more information, see "GitHub's products."

About secret scanning patterns

GitHub Enterprise Cloud maintains two different sets of secret scanning patterns:

  1. Partner patterns. Used to detect potential secrets in all public repositories. For details, see "Supported secrets for partner patterns."
  2. Advanced security patterns. Used to detect potential secrets in repositories with secret scanning enabled. For details, see "Supported secrets for advanced security."

Supported secrets for partner patterns

GitHub Enterprise Cloud currently scans public repositories for secrets issued by the following service providers. For more information about パートナーパターンのSecret scanning, see "About パートナーパターンのSecret scanning."

Adafruit IOAdafruit IO Key
AdobeAdobe Device Token
AdobeAdobe Service Token
AdobeAdobe Short-Lived Access Token
AdobeAdobe JSON Web Token
Alibaba CloudAlibaba Cloud Access Key ID及びAccess Key Secret pair
Amazon Web Services (AWS)Amazon AWS Access Key ID及びSecret Access Key pair
AtlassianAtlassian API Token
AtlassianAtlassian JSON Web Token
AzureAzure Active Directory Application Secret
AzureAzure DevOps Personal Access Token
AzureAzure SAS Token
AzureAzure Service Management Certificate
AzureAzure SQL Connection String
AzureAzure Storage Account Key Production Secret Key Test Secret Key
ClojarsClojars Deploy Token
CloudBees CodeShipCloudBees CodeShip Credential
Contributed SystemsContributed Systems Credentials
DatabricksDatabricks Access Token
DatadogDatadog API Key
DigitalOceanDigitalOcean Personal Access Token
DigitalOceanDigitalOcean OAuth Token
DigitalOceanDigitalOcean Refresh Token
DigitalOceanDigitalOcean System Token
DiscordDiscord Bot Token
DopplerDoppler Personal Token
DopplerDoppler Service Token
DopplerDoppler CLI Token
DopplerDoppler SCIM Token
DopplerDoppler Audit Token
DropboxDropbox Access Token
DropboxDropbox Short Lived Access Token
DynatraceDynatrace Access Token
DynatraceDynatrace Internal Token
FinicityFinicity App Key JSON Web Token Developer Token
FullStoryFullStory API Key
GitHubGitHub Personal Access Token
GitHubGitHub OAuthアクセストークン
GitHubGitHub Refreshトークン
GitHubGitHub App Installation Access Token
GitHubGitHub SSH Private Key
GoCardlessGoCardless Live Access Token
GoCardlessGoCardless Sandbox Access Token
Google CloudGoogle API Key
Google CloudGoogle Cloud Private Key ID
Hashicorp TerraformTerraform Cloud / Enterprise API Token
HubspotHubspot API Key
IonicIonic Personal Access Token
IonicIonic Refresh Token
JD CloudJD Cloud Access Key
LinearLinear API Key
LinearLinear OAuth Access Token
MailchimpMailchimp API Key
MailchimpMandrill API Key
MailgunMailgun API Key
MessageBirdMessageBird API Key
メタ情報Facebook Access Token
npmnpm Access Token
NuGetNuGet API Key
Octopus DeployOctopus Deploy API Key
OpenAIOpenAI API Key
PalantirPalantir JSON Web Token
PlanetScalePlanetScale Database Password
PlanetScalePlanetScale OAuth Token
PlanetScalePlanetScale Service Token
PlivoPlivo Auth ID and Token
PostmanPostman API Key
ProctorioProctorio Consumer Key
ProctorioProctorio Linkage Key
ProctorioProctorio Registration Key
ProctorioProctorio Secret Key
PulumiPulumi Access Token
PyPIPyPI API Token API Token
RubyGemsRubyGems API Key
SamsaraSamsara API Token
SamsaraSamsara OAuth Access Token
SendGridSendGrid API Key
SendinblueSendinblue API Key
SendinblueSendinblue SMTP Key
ShopifyShopify App Shared Secret
ShopifyShopify Access Token
ShopifyShopify Custom App Access Token
ShopifyShopify Private App Password
SlackSlack API Token
SlackSlack Incoming Webhook URL
SlackSlack Workflow Webhook URL
SSLMateSSLMate Cluster Secret
StripeStripe Live API Secret Key
StripeStripe Test API Secret Key
StripeStripe Live API Restricted Key
StripeStripe Test API Restricted Key
SupabaseSupabase Service Key
Tencent CloudTencent Cloud Secret ID
TwilioTwilio Account String Identifier
TwilioTwilio API Key
TypeformTypeform Personal Access Token
ValourValour Access Token

Supported secrets for advanced security

When >- 高度なセキュリティのためのSecret scanning is enabled, GitHub scans for secrets issued by the following service providers. For more information about >- 高度なセキュリティのためのSecret scanning, see "About >- 高度なセキュリティのためのSecret scanning."

If you use the REST API for secret scanning, you can use the Secret type to report on secrets from specific issuers. For more information, see "Secret scanning."

Note: You can also define custom secret scanning patterns for your repository, organization, or enterprise. For more information, see "Defining custom patterns for secret scanning."

ProviderサポートされているシークレットSecret type
Adafruit IOAdafruit IO Keyadafruit_io_key
AdobeAdobe Device Tokenadobe_device_token
AdobeAdobe Service Tokenadobe_service_token
AdobeAdobe Short-Lived Access Tokenadobe_short_lived_access_token
AdobeAdobe JSON Web Tokenadobe_jwt Alibaba Cloud
AmazonAmazon OAuth Client IDamazon_oauth_client_id
AmazonAmazon OAuth Client Secretamazon_oauth_client_secret Amazon Web Services (AWS)
Amazon Web Services (AWS)Amazon AWS Session Tokenaws_session_token
Amazon Web Services (AWS)Amazon AWS Temporary Access Key IDaws_temporary_access_key_id
AsanaAsana Personal Access Tokenasana_personal_access_token Atlassian
AtlassianBitbucket Server Personal Access Tokenbitbucket_server_personal_access_token
AzureAzure Active Directory Application Secretazure_active_directory_application_secret
AzureAzure Cache for Redis Access Keyazure_cache_for_redis_access_key Azure
BeamerBeamer API Keybeamer_api_key Production Secret Keycheckout_production_secret_key Test Secret Keycheckout_test_secret_key Clojars
CloudBees CodeShipCloudBees CodeShip Credentialcodeship_credential
ContentfulContentful Personal Access Tokencontentful_personal_access_token Databricks
DigitalOceanDigitalOcean Personal Access Tokendigitalocean_personal_access_token DigitalOcean
DopplerDoppler Audit Tokendoppler_audit_token Dropbox
DuffelDuffel Live Access Tokenduffel_live_access_token
DuffelDuffel Test Access Tokenduffel_test_access_token Dynatrace
EasyPostEasyPost Production API Keyeasypost_production_api_key
EasyPostEasyPost Test API Keyeasypost_test_api_key
FastlyFastly API Tokenfastly_api_token Finicity
FlutterwaveFlutterwave Live API Secret Keyflutterwave_live_api_secret_key
FlutterwaveFlutterwave Test API Secret Keyflutterwave_test_api_secret_key
FullStoryFullStory API Keyfullstory_api_key
GitHubGitHub OAuthアクセストークンgithub_oauth_access_token
GitHubGitHub App Installation Access Tokengithub_app_installation_access_token GitHub
GitLabGitLab Access Tokengitlab_access_token GoCardless
GoogleFirebase Cloud Messaging Server Keyfirebase_cloud_messaging_server_key Google
GoogleGoogle Cloud Storage Access Key Secretgoogle_cloud_storage_access_key_secret
GoogleGoogle Cloud Storage Service Account Access Key IDgoogle_cloud_storage_service_account_access_key_id
GoogleGoogle Cloud Storage User Access Key IDgoogle_cloud_storage_user_access_key_id
GoogleGoogle OAuth Access Tokengoogle_oauth_access_token
GoogleGoogle OAuth Client IDgoogle_oauth_client_id
GoogleGoogle OAuth Client Secretgoogle_oauth_client_secret
GoogleGoogle OAuth Refresh Tokengoogle_oauth_refresh_token
GrafanaGrafana API Keygrafana_api_key HashiCorp
IntercomIntercom Access Tokenintercom_access_token
IonicIonic Personal Access Tokenionic_personal_access_token
IonicIonic Refresh Tokenionic_refresh_token
JD CloudJD Cloud Access Keyjd_cloud_access_key
JFrogJFrog Platform Access Tokenjfrog_platform_access_token
JFrogJFrog Platform API Keyjfrog_platform_api_key
LinearLinear API Keylinear_api_key
LinearLinear OAuth Access Tokenlinear_oauth_access_token
LobLob Live API Keylob_live_api_key
LobLob Test API Keylob_test_api_key Mailchimp
MapboxMapbox Secret Access Tokenmapbox_secret_access_token
MessageBirdMessageBird API Keymessagebird_api_key
MetaFacebook Access Tokenfacebook_access_token
MidtransMidtrans Production Server Keymidtrans_production_server_key
MidtransMidtrans Sandbox Server Keymidtrans_sandbox_server_key
New RelicNew Relic Personal API Keynew_relic_personal_api_key
New RelicNew Relic REST API Keynew_relic_rest_api_key
New RelicNew Relic Insights Query Keynew_relic_insights_query_key
New RelicNew Relic License Keynew_relic_license_key
NotionNotion Integration Tokennotion_integration_token
NotionNotion OAuth Client Secretnotion_oauth_client_secret npm
Octopus DeployOctopus Deploy API Keyoctopus_deploy_api_key
OnfidoOnfido Live API Tokenonfido_live_api_token
OnfidoOnfido Sandbox API Tokenonfido_sandbox_api_token
OpenAIOpenAI API Keyopenai_api_key Palantir
PlanetScalePlanetScale Database Passwordplanetscale_database_password
PlanetScalePlanetScale OAuth Tokenplanetscale_oauth_token
PlanetScalePlanetScale Service Tokenplanetscale_service_token
PlivoPlivo Auth IDplivo_auth_id
PlivoPlivo Auth Tokenplivo_auth_token Postman
PyPIPyPI API Tokenpypi_api_token API Tokenredirect_pizza_api_token
RubyGemsRubyGems API Keyrubygems_api_key Samsara
SegmentSegment Public API Tokensegment_public_api_token
SendGridSendGrid API Keysendgrid_api_key
SendinblueSendinblue API Keysendinblue_api_key
SendinblueSendinblue SMTP Keysendinblue_smtp_key
ShippoShippo Live API Tokenshippo_live_api_token
ShippoShippo Test API Tokenshippo_test_api_token
ShopifyShopify App Client Credentialsshopify_app_client_credentials Shopify
ShopifyShopify Merchant Tokenshopify_merchant_token Shopify
SquareSquare Access Tokensquare_access_token
SquareSquare Production Application Secretsquare_production_application_secret
SquareSquare Sandbox Application Secretsquare_sandbox_application_secret SSLMate
StripeStripe Webhook Signing Secretstripe_webhook_signing_secret
SupabaseSupabase Service Keysupabase_service_key Tableau
TelegramTelegram Bot Tokentelegram_bot_token Tencent Cloud
TwilioTwilio Access Tokentwilio_access_token Twilio
TypeformTypeform Personal Access Tokentypeform_personal_access_token
WorkOSWorkOS Production API Keyworkos_production_api_key
WorkOSWorkOS Staging API Keyworkos_staging_api_key
YandexYandex.Cloud API Keyyandex_cloud_api_key
YandexYandex.Cloud IAM Cookieyandex_cloud_iam_cookie
YandexYandex.Cloud IAM Tokenyandex_cloud_iam_token
YandexYandex.Dictionary API Keyyandex_dictionary_api_key
YandexYandex.Cloud Access Secretyandex_iam_access_secret
YandexYandex.Predictor API Keyyandex_predictor_api_key
YandexYandex.Translate API Keyyandex_translate_api_key

Further reading