Skip to main content

Padrões de digitalização de segredo

Lista de segredos compatíveis e parceiros com quem GitHub trabalha para evitar o uso fraudulento de segredos cometidos acidentalmente.

Varredura secreta is available for organization-owned repositories in GitHub Enterprise Server if your enterprise has a license for Segurança Avançada GitHub. For more information, see "GitHub's products."

Observação: O administrador do site deve habilitar varredura secreta para your GitHub Enterprise Server instance antes de usar este recurso. Para obter mais informações, consulte "Configurar o varredura secreta para seu aplicativo ".

Segredos compatíveis

Quando >- secret scanning está habilitado, GitHub digitalia os segredos emitidos pelos seguintes prestadores de serviços.

If access to a resource requires paired credentials, then secret scanning will create an alert only when both parts of the pair are detected in the same file. This ensures that the most critical leaks are not hidden behind information about partial leaks.

Se você usar a API REST para a digitalização de segredo, você pode usar o tipo tipo de segredo para relatar segredos de emissores específicos. Para obter mais informações, consulte "Verificação de segredo".

Obersvação: Você também pode definir padrões personalizados de varredura secreta para seu repositório, organização ou empresa. Para obter mais informações, consulte "Definir padrões personalizados para varredura secreta".

ProviderSegredo compatívelSecret type
Adafruit IOChave de IO de Adafruitadafruit_io_key
AdobeAdobe Device Tokenadobe_device_token
AdobeAdobe Service Tokenadobe_service_token
AdobeAdobe Short-Lived Access Tokenadobe_short_lived_access_token
AdobeAdobe JSON Web Tokenadobe_jwt
Alibaba CloudAlibaba Cloud Access Key ID with Alibaba Cloud Access Key Secretalibaba_cloud_access_key_id
alibaba_cloud_access_key_secret
AmazonAmazon OAuth Client ID with Amazon OAuth Client Secretamazon_oauth_client_id
amazon_oauth_client_secret Amazon Web Services (AWS)
Amazon Web Services (AWS)Amazon AWS Session Token with Amazon AWS Temporary Access Key ID and Amazon AWS Secret Access Keyaws_session_token
aws_temporary_access_key_id
aws_secret_access_key Asana
AzureAzure Active Directory Application Secretazure_active_directory_application_secret
AzureAzure Cache for Redis Access Keyazure_cache_for_redis_access_key Azure
BeamerBeamer API Keybeamer_api_key Checkout.com
ContentfulContentful Personal Access Tokencontentful_personal_access_token Databricks
FullStoryFullStory API Keyfullstory_api_key GitHub
GitLabGitLab Access Tokengitlab_access_token GoCardless
GoogleFirebase Cloud Messaging Server Keyfirebase_cloud_messaging_server_key Google
GoogleGoogle Cloud Storage Service Account Access Key ID with Google Cloud Storage Access Key Secretgoogle_cloud_storage_service_account_access_key_id
google_cloud_storage_access_key_secret
GoogleGoogle Cloud Storage User Access Key ID with Google Cloud Storage Access Key Secretgoogle_cloud_storage_user_access_key_id
google_cloud_storage_access_key_secret
GoogleGoogle OAuth Access Tokengoogle_oauth_access_token
GoogleGoogle OAuth Client ID with Google OAuth Client Secretgoogle_oauth_client_id
google_oauth_client_secret
GoogleGoogle OAuth Refresh Tokengoogle_oauth_refresh_token Grafana
JFrogJFrog Platform Access Tokenjfrog_platform_access_token
JFrogJFrog Platform API Keyjfrog_platform_api_key Linear
MapboxMapbox Secret Access Tokenmapbox_secret_access_token MessageBird
MidtransMidtrans Production Server Keymidtrans_production_server_key
MidtransMidtrans Sandbox Server Keymidtrans_sandbox_server_key
New RelicNew Relic Personal API Keynew_relic_personal_api_key
New RelicNew Relic REST API Keynew_relic_rest_api_key
New RelicNew Relic Insights Query Keynew_relic_insights_query_key
New RelicNew Relic License Keynew_relic_license_key
NotionNotion Integration Tokennotion_integration_token
NotionNotion OAuth Client Secretnotion_oauth_client_secret npm
Octopus DeployOctopus Deploy API Keyoctopus_deploy_api_key Onfido
PlanetScalePlanetScale Database Passwordplanetscale_database_password
PlanetScalePlanetScale OAuth Tokenplanetscale_oauth_token
PlanetScalePlanetScale Service Tokenplanetscale_service_token
PlivoPlivo Auth ID with Plivo Auth Tokenplivo_auth_id
plivo_auth_token Postman
SendinblueSendinblue API Keysendinblue_api_key
SendinblueSendinblue SMTP Keysendinblue_smtp_key Shippo
SquareSquare Access Tokensquare_access_token
SquareSquare Production Application Secretsquare_production_application_secret
SquareSquare Sandbox Application Secretsquare_sandbox_application_secret SSLMate
SupabaseSupabase Service Keysupabase_service_key Tableau
TwilioTwilio Access Tokentwilio_access_token Twilio
TypeformTypeform Personal Access Tokentypeform_personal_access_token
YandexYandex.Cloud API Keyyandex_cloud_api_key
YandexYandex.Cloud IAM Cookieyandex_cloud_iam_cookie
YandexYandex.Cloud IAM Tokenyandex_cloud_iam_token
YandexYandex.Dictionary API Keyyandex_dictionary_api_key
YandexYandex.Predictor API Keyyandex_predictor_api_key
YandexYandex.Translate API Keyyandex_translate_api_key

Leia mais