ノート: Organizationが所有するリポジトリのためのSecret scanningは現在ベータで、変更されることがあります。
Supported secrets
When >- secret scanning is enabled, GitHub scans for secrets issued by the following service providers.
If you use the REST API for secret scanning, you can use the Secret type
to report on secrets from specific issuers. For more information, see "Secret scanning."
Note: You can also define custom secret scanning patterns for your repository, organization, or enterprise. For more information, see "Defining custom patterns for secret scanning."
Provider | サポートされているシークレット | Secret type |
---|---|---|
Adafruit IO | Adafruit IO Key | adafruit_io_key |
Adobe | Adobe Device Token | adobe_device_token |
Adobe | Adobe Service Token | adobe_service_token |
Adobe | Adobe Short-Lived Access Token | adobe_short_lived_access_token |
Adobe | Adobe JSON Web Token | adobe_jwt Alibaba Cloud |
Asana | Asana Personal Access Token | asana_personal_access_token Atlassian |
Atlassian | Bitbucket Server Personal Access Token | bitbucket_server_personal_access_token Azure |
Azure | Azure SQL Connection String | azure_sql_connection_string Azure |
Checkout.com | Checkout.com Production Secret Key | checkout_production_secret_key |
Checkout.com | Checkout.com Test Secret Key | checkout_test_secret_key Clojars |
CloudBees CodeShip | CloudBees CodeShip Credential | codeship_credential Databricks |
Doppler | Doppler Audit Token | doppler_audit_token Dropbox |
Duffel | Duffel Live Access Token | duffel_live_access_token |
Duffel | Duffel Test Access Token | duffel_test_access_token Dynatrace |
EasyPost | EasyPost Production API Key | easypost_production_api_key |
EasyPost | EasyPost Test API Key | easypost_test_api_key |
Fastly | Fastly API Token | fastly_api_token Finicity |
Flutterwave | Flutterwave Live API Secret Key | flutterwave_live_api_secret_key |
Flutterwave | Flutterwave Test API Secret Key | flutterwave_test_api_secret_key Frame.io |
GitHub | GitHub個人アクセストークン | github_personal_access_token |
GitHub | GitHub OAuthアクセストークン | github_oauth_access_token |
GitHub | GitHubリフレッシュトークン | github_refresh_token |
GitHub | GitHub App Installation Access Token | github_app_installation_access_token GitHub |
Grafana | Grafana API Key | grafana_api_key HashiCorp |
Intercom | Intercom Access Token | intercom_access_token |
Ionic | Ionic Personal Access Token | ionic_personal_access_token |
Ionic | Ionic Refresh Token | ionic_refresh_token |
Linear | Linear API Key | linear_api_key |
Linear | Linear OAuth Access Token | linear_oauth_access_token |
Lob | Lob Live API Key | lob_live_api_key |
Lob | Lob Test API Key | lob_test_api_key Mailchimp |
MessageBird | MessageBird API Key | messagebird_api_key |
Meta | Facebook Access Token | facebook_access_token npm |
Onfido | Onfido Live API Token | onfido_live_api_token |
Onfido | Onfido Sandbox API Token | onfido_sandbox_api_token |
OpenAI | OpenAI API Key | openai_api_key Palantir |
PyPI | PyPI API Token | pypi_api_token |
RubyGems | RubyGems API Key | rubygems_api_key Samsara |
SendGrid | SendGrid API Key | sendgrid_api_key |
Shippo | Shippo Live API Token | shippo_live_api_token |
Shippo | Shippo Test API Token | shippo_test_api_token Shopify |
Stripe | Stripe Webhook Signing Secret | stripe_webhook_signing_secret Tableau |
Telegram | Telegram Bot Token | telegram_bot_token Tencent Cloud |
Further reading
- "Securing your repository"
- "Keeping your account and data secure"
- "Secret scanning partner program" in the GitHub Enterprise Cloud documentation