secret scanning パターンについて
3 型の シークレット スキャンニング アラート があります。
- ユーザー アラート: リポジトリでサポートされているシークレットが検出されると、リポジトリの [セキュリティ] タブでユーザーに報告されます。
- プッシュ保護アラート: 共同作成者がプッシュ保護をバイパスすると、リポジトリの [セキュリティ] タブでユーザーに報告されます。
- パートナー アラート: secret scanning のパートナーのプログラムの一部であるシークレット プロバイダに直接報告されます。 これらのアラートは、リポジトリの [セキュリティ] タブには報告されません。
各アラートの種類の詳細については、「シークレット スキャン アラートについて」を参照してください。
サポートされているすべてのパターンについて詳しくは、以下の「サポートされているシークレット」セクションを参照してください。
secret scanning に REST API を使う場合は、Secret type を使って特定の発行元からのシークレットについて報告できます。 詳しくは、「シークレット スキャン用の REST API エンドポイント」をご覧ください。
secret scanning でリポジトリにコミットされたシークレットを検出する必要があると思われ、そうでない場合は、まず GitHub でシークレットがサポートされていることを確認する必要があります。 詳細については、次のセクションを参照してください。 より高度なトラブルシューティング情報については、「シークレット スキャンのトラブルシューティング」を参照してください。
サポートされているシークレット
次の表に、secret scanning でサポートされているシークレットの一覧を示します。 トークンごとに生成されるアラートの種類と、トークンに対して有効性チェックが実行されるかどうかを確認できます。
-
プロバイダー: トークン プロバイダーの名前。
-
パートナー: 関連するトークン パートナーにリークが報告されるトークン。 パブリック リポジトリにのみ適用されます。
-
ユーザー: GitHub でユーザーに漏洩が報告されるトークン。
- パブリック リポジトリと、GitHub Secret Protection と secret scanning が有効なプライベート リポジトリに適用されます。
- サポートされているパターンと指定されたカスタム パターンに関連するデフォルトのトークンと、秘密キーなどのプロバイダー以外のトークンが含まれます。これは通常、誤検知の割合が高くなります。
- secret scanning でプロバイダー以外のパターンをスキャンするには、リポジトリまたは組織に対してプロバイダー以外のパターンの検出を有効にする必要があります。 詳しくは、「リポジトリのシークレット スキャンの有効化」をご覧ください。
-
プッシュ保護: GitHub のユーザーにリークが報告されるトークン。 secret scanning とプッシュ保護が有効になっているリポジトリに適用されます。
-
有効性チェック: 有効性チェックが実装されているトークン。 パートナー トークンの場合、GitHub は関連するパートナーにトークンを送信します。 注意: すべてのパートナーが米国に拠点を置いているわけではありません。 詳しくは、サイト ポリシーのドキュメントの「Advanced Security」をご覧ください。
プロバイダー以外のパターン
これらの汎用的なプロバイダーを使わないパターンに加えて、secret scanning は Copilot を使って汎用パスワードを検出します。 詳しくは、「Copilotシークレットスキャンを使用したジェネリックシークレットの責任ある検出」をご覧ください。
| プロバイダー | Token |
|---|---|
| 一般 | http_basic_authentication_header |
| 一般 | http_bearer_authentication_header |
| 一般 | mongodb_connection_string |
| 一般 | mysql_connection_string |
| 一般 | openssh_private_key |
| 一般 | pgp_private_key |
| 一般 | postgres_connection_string |
| 一般 | rsa_private_key |
メモ
プッシュ保護と有効性チェックは、プロバイダー以外のパターンではサポートされていません。
デフォルトのパターン
メモ
有効性チェックは、GitHub Secret Protection の一部としてこの機能を有効にしている GitHub Team または GitHub Enterprise のユーザーのみが使用できます。
| プロバイダー | トークン | Partner | User | プッシュ保護 | 有効性チェック | Base64 |
|---|---|---|---|---|---|---|
| 1Password | 1password_service_account_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Adafruit | adafruit_io_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Adobe | adobe_client_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Adobe | adobe_device_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Adobe | adobe_pac_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Adobe | adobe_refresh_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Adobe | adobe_service_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Adobe | adobe_short_lived_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Aikido | aikido_api_client_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| Aikido | aikido_ci_scanning_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Airtable | airtable_api_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| Airtable | airtable_personal_access_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Aiven | aiven_auth_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Aiven | aiven_service_password | ✓ | ✓ | ✓ | ✗ | ✗ |
| Alibaba | alibaba_cloud_access_key_id alibaba_cloud_access_key_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Amazon AWS | aws_access_key_id aws_secret_access_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Amazon AWS | aws_api_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Amazon AWS | aws_secret_access_key aws_session_token aws_temporary_access_key_id | ✗ | ✓ | ✓ | ✓ | ✗ |
| Anthropic | anthropic_admin_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Anthropic | anthropic_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Anthropic | anthropic_session_id | ✓ | ✓ | ✓ | ✗ | ✗ |
| Apify | apify_actor_run_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Apify | apify_actor_run_proxy_password | ✓ | ✓ | ✓ | ✗ | ✗ |
| Apify | apify_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Apify | apify_integration_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Apify | apify_proxy_password | ✓ | ✓ | ✓ | ✗ | ✗ |
| Apify | apify_ui_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Apify | apify_webhook_dispatch_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Asaas | asaas_api_token | ✓ | ✓ | ✗ | ✓ | ✗ |
| Asana | asana_legacy_format_personal_access_token | ✗ | ✓ | ✗ | ✗ | ✗ |
| Asana | asana_personal_access_token Token versions | ✗ | ✓ | ✓ | ✗ | ✗ |
| Atlassian | atlassian_api_token Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Atlassian | atlassian_jwt | ✓ | ✓ | ✓ | ✗ | ✗ |
| Authress | authress_service_client_access_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_active_directory_application_secret Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_active_directory_user_credential | ✓ | ✓ | ✗ | ✗ | ✗ |
| Azure | azure_ai_services_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_anomaly_detector_ee_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_anomaly_detector_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_apim_direct_management_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_apim_gateway_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_apim_repository_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_apim_subscription_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_app_configuration_connection_string | ✗ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_app_configuration_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_batch_key_identifiable | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_cache_for_redis_access_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_cognitive_services_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_communication_services_connection_string | ✗ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_communication_services_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_computer_vision_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_container_registry_key_identifiable | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_content_moderator_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_content_safety_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_cosmosdb_key_identifiable | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_custom_vision_prediction_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_custom_vision_training_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_devops_personal_access_token Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_event_grid_key_identifiable Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_event_hub_key_identifiable | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_face_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_fluid_relay_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_form_recognizer_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_function_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_health_decision_support_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_health_insights_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_immersive_reader_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_internal_all_in_one_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_iot_device_connection_string | ✗ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_iot_device_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_iot_device_provisioning_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_iot_hub_connection_string | ✗ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_iot_hub_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_iot_provisioning_connection_string | ✗ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_knowledge_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_luis_authoring_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_luis_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_management_certificate | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_maps_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Azure | azure_metrics_advisor_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_mixed_reality_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_ml_inference_identifiable_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_ml_internal_service_principal_identifiable_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| Azure | azure_ml_web_service_classic_identifiable_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_openai_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_personalizer_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_qna_maker_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_qna_maker_v2_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_quantum_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_relay_key_identifiable | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_sas_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_search_admin_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_search_query_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_service_bus_identifiable | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_signalr_connection_string | ✗ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_signalr_key Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_speech_services_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_speech_translation_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_sql_connection_string | ✓ | ✓ | ✗ | ✗ | ✗ |
| Azure | azure_sql_internal_default_cloudsa_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| Azure | azure_sql_password | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_storage_account_key Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_storage_account_key_base64 | ✓ | ✓ | ✓ | ✗ | ✓ |
| Azure | azure_text_analytics_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_text_translation_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_video_intelligence_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_web_app_bot_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_web_pub_sub_connection_string | ✗ | ✓ | ✓ | ✗ | ✗ |
| Azure | azure_web_pub_sub_key Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Azure | microsoft_azure_entra_id_token | ✗ | ✓ | ✓ | ✓ | ✗ |
| Azure | microsoft_corporate_network_user_credential | ✓ | ✓ | ✗ | ✗ | ✗ |
| Baidu | baiducloud_api_accesskey | ✓ | ✓ | ✓ | ✗ | ✗ |
| Beamer | beamer_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| Bitbucket | bitbucket_server_personal_access_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Bitrise | bitrise_personal_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Bitrise | bitrise_workspace_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Block Protocol | block_protocol_api_key | ✗ | ✓ | ✗ | ✓ | ✗ |
| Brevo | sendinblue_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Brevo | sendinblue_smtp_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_agent_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_agent_job_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_agent_registration_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_cluster_queue_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_cluster_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_packages_registry_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_packages_temporary_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_portal_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_portal_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Buildkite | buildkite_user_access_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| Canadian Digital Service | cds_canada_notify_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Canva | canva_app_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Canva | canva_connect_api_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Canva | canva_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Cashfree | cashfree_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Cfx.re | cfxre_server_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Checkout.com | checkout_production_secret_key Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Checkout.com | checkout_test_secret_key Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Chief Tools | chief_tools_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| CircleCI | circleci_bot_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| CircleCI | circleci_personal_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| CircleCI | circleci_project_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| CircleCI | circleci_release_integration_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Clojars | clojars_deploy_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| CloudBees | codeship_credential | ✓ | ✗ | ✗ | ✗ | ✗ |
| Cockroach Labs | ccdb_api_key | ✓ | ✓ | ✗ | ✓ | ✗ |
| Cohere | cohere_api_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| Contentful | contentful_personal_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Contentful | contentful_web_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Contributed Systems | contributed_systems_credentials | ✓ | ✗ | ✗ | ✗ | ✗ |
| Coveo | coveo_access_token | ✓ | ✗ | ✗ | ✗ | ✗ |
| Coveo | coveo_api_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| crates.io | cratesio_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Databento | databento_api_key | ✓ | ✓ | ✗ | ✓ | ✗ |
| Databricks | databricks_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Datadog | datadog_api_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| Datadog | datadog_app_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| Datadog | datadog_rcm | ✗ | ✓ | ✗ | ✗ | ✗ |
| Datastax | datastax_astracs_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| DeepSeek | deepseek_api_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| Defined Networking | defined_networking_nebula_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| DevCycle | devcycle_client_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| DevCycle | devcycle_mobile_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| DevCycle | devcycle_server_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| DigitalOcean | digitalocean_oauth_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| DigitalOcean | digitalocean_personal_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| DigitalOcean | digitalocean_refresh_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| DigitalOcean | digitalocean_system_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Discord | discord_bot_token Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Docker | docker_organization_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Docker | docker_personal_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Docker | docker_swarm_join_token | ✗ | ✓ | ✗ | ✗ | ✗ |
| Docker | docker_swarm_unlock_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| Doppler | doppler_audit_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Doppler | doppler_cli_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Doppler | doppler_personal_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Doppler | doppler_scim_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Doppler | doppler_service_account_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Doppler | doppler_service_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Dropbox | dropbox_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Dropbox | dropbox_short_lived_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Duffel | duffel_live_access_token | ✗ | ✓ | ✓ | ✓ | ✗ |
| Duffel | duffel_test_access_token | ✗ | ✓ | ✓ | ✓ | ✗ |
| Dynatrace | dynatrace_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Dynatrace | dynatrace_internal_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| EasyPost | easypost_production_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| EasyPost | easypost_test_api_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| eBay | ebay_production_client_id ebay_production_client_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| eBay | ebay_sandbox_client_id ebay_sandbox_client_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| Elastic | elastic_cloud_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| facebook_access_token | ✓ | ✓ | ✓ | ✓ | ✗ | |
| Fastly | fastly_api_token Token versions | ✓ | ✓ | ✗ | ✓ | ✗ |
| Figma | figma_pat | ✓ | ✓ | ✓ | ✓ | ✗ |
| Finicity | finicity_app_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Firebase | firebase_cloud_messaging_server_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| Flutterwave | flutterwave_live_api_secret_key | ✗ | ✓ | ✓ | ✓ | ✗ |
| Flutterwave | flutterwave_test_api_secret_key | ✗ | ✓ | ✗ | ✓ | ✗ |
| Frame.io | frameio_developer_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Frame.io | frameio_jwt | ✓ | ✓ | ✓ | ✓ | ✗ |
| FullStory | fullstory_api_key Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| GitHub | github_app_installation_access_token Token versions | ✓ | ✓ | ✓ | ✓ | ✓ |
| GitHub | github_oauth_access_token Token versions | ✓ | ✓ | ✓ | ✓ | ✓ |
| GitHub | github_personal_access_token Token versions | ✓ | ✓ | ✓ | ✓ | ✓ |
| GitHub | github_refresh_token Token versions | ✓ | ✓ | ✓ | ✓ | ✓ |
| GitHub | github_ssh_private_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| GitHub | github_test_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| GitHub Secret Scanning | secret_scanning_sample_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| GitHub Secret Scanning | secret_scanning_sample_token_base64 | ✓ | ✓ | ✓ | ✗ | ✓ |
| GitLab | gitlab_access_token | ✗ | ✓ | ✓ | ✓ | ✗ |
| GoCardless | gocardless_live_access_token | ✓ | ✓ | ✗ | ✓ | ✗ |
| GoCardless | gocardless_sandbox_access_token | ✓ | ✓ | ✗ | ✓ | ✗ |
| google_api_key | ✓ | ✓ | ✗ | ✓ | ✗ | |
| google_cloud_service_account_credentials | ✓ | ✓ | ✓ | ✓ | ✗ | |
| google_cloud_storage_access_key_secret google_cloud_storage_service_account_access_key_id | ✓ | ✓ | ✓ | ✗ | ✗ | |
| google_cloud_storage_access_key_secret google_cloud_storage_user_access_key_id | ✓ | ✓ | ✓ | ✗ | ✗ | |
| google_gcp_api_key_bound_service_account | ✓ | ✓ | ✗ | ✗ | ✗ | |
| google_gemini_api_key | ✗ | ✓ | ✗ | ✗ | ✗ | |
| google_oauth_access_token | ✓ | ✓ | ✓ | ✓ | ✗ | |
| google_oauth_client_id google_oauth_client_secret | ✓ | ✓ | ✓ | ✗ | ✗ | |
| google_oauth_refresh_token | ✓ | ✓ | ✓ | ✗ | ✗ | |
| Grafana | grafana_cloud_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Grafana | grafana_cloud_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Grafana | grafana_project_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Grafana | grafana_project_service_account_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Groq | groq_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| GuardSquare | guardsquare_appsweep_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| GuardSquare | guardsquare_cli_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| GuardSquare | guardsquare_maven_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| HashiCorp | hashicorp_vault_batch_token Token versions | ✗ | ✓ | ✓ | ✗ | ✗ |
| HashiCorp | hashicorp_vault_root_service_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| HashiCorp | hashicorp_vault_service_token Token versions | ✗ | ✓ | ✓ | ✗ | ✗ |
| HashiCorp | terraform_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| hCaptcha | hcaptcha_siteverify_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| Heroku | heroku_platform_api_oauth2_token | ✗ | ✓ | ✓ | ✓ | ✗ |
| Heroku | heroku_postgres_connection_url | ✗ | ✓ | ✗ | ✗ | ✗ |
| Highnote | highnote_rk_live_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Highnote | highnote_rk_test_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Highnote | highnote_sk_live_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Highnote | highnote_sk_test_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| HOP | hop_bearer | ✓ | ✓ | ✓ | ✗ | ✗ |
| HOP | hop_pat | ✓ | ✓ | ✓ | ✗ | ✗ |
| HOP | hop_ptk | ✓ | ✓ | ✓ | ✗ | ✗ |
| Hubspot | hubspot_api_key Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Hubspot | hubspot_personal_access_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Hubspot | hubspot_private_apps_user_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| Hubspot | hubspot_smtp_credential Token versions | ✓ | ✓ | ✗ | ✗ | ✗ |
| Hugging Face | hf_org_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Hugging Face | hf_user_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Hugging Face | hf_user_access_token_base64 | ✓ | ✓ | ✓ | ✗ | ✓ |
| Intercom | intercom_access_token | ✗ | ✓ | ✓ | ✓ | ✗ |
| Ionic | ionic_personal_access_token Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Ionic | ionic_refresh_token Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Iterative | iterative_dvc_studio_access_token | ✓ | ✗ | ✗ | ✗ | ✗ |
| JFrog | jfrog_platform_access_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| JFrog | jfrog_platform_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| JFrog | jfrog_platform_reference_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Langchain | langchain_api_personal_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| Langchain | langchain_api_server_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| LaunchDarkly | launchdarkly_access_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| Lichess | lichess_oauth_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Lichess | lichess_personal_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Lightspeed | lightspeed_xs_pat | ✗ | ✓ | ✓ | ✗ | ✗ |
| Linear | linear_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Linear | linear_oauth_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| linkedin_client_secret | ✗ | ✓ | ✓ | ✗ | ✗ | |
| Lob | lob_live_api_key | ✗ | ✓ | ✗ | ✓ | ✗ |
| Lob | lob_test_api_key | ✗ | ✓ | ✓ | ✓ | ✗ |
| Localstack | localstack_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| LogicMonitor | logicmonitor_bearer_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| LogicMonitor | logicmonitor_lmv1_access_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Login with Amazon | amazon_oauth_client_id amazon_oauth_client_secret amazon_oauth_client_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Mailchimp | mailchimp_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Mailchimp | mandrill_api_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| Mailersend | mailersend_api_token | ✓ | ✗ | ✗ | ✗ | ✗ |
| Mailersend | mailersend_smtp_password | ✓ | ✗ | ✗ | ✗ | ✗ |
| Mailersend | mailersend_smtp_username | ✓ | ✗ | ✗ | ✗ | ✗ |
| Mailgun | mailgun_api_key Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Mailgun | mailgun_smtp_credential | ✓ | ✗ | ✗ | ✗ | ✗ |
| Mapbox | mapbox_secret_access_token | ✗ | ✓ | ✗ | ✓ | ✗ |
| MaxMind | maxmind_license_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Mercury | mercury_non_production_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Mercury | mercury_production_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Mergify | mergify_application_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| MessageBird | messagebird_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Midtrans | midtrans_production_server_key | ✗ | ✓ | ✓ | ✓ | ✗ |
| Midtrans | midtrans_sandbox_server_key | ✗ | ✓ | ✗ | ✓ | ✗ |
| Mistral AI | mistral_ai_api_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| MongoDB | mongodb_atlas_db_uri_with_credentials | ✓ | ✓ | ✗ | ✓ | ✗ |
| MongoDB | mongodb_atlas_service_account_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_gov_access_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_gov_access_key_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_gov_sts | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_gov_sts_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_pub_access_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_pub_access_key_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_pub_sts | ✓ | ✓ | ✓ | ✗ | ✗ |
| Naver Cloud | navercloud_pub_sts_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Neon | neon_api_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| Neon | neon_connection_uri | ✓ | ✗ | ✗ | ✗ | ✗ |
| Netflix | netflix_netkey | ✓ | ✓ | ✗ | ✗ | ✗ |
| New Relic | new_relic_insights_query_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| New Relic | new_relic_license_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| New Relic | new_relic_personal_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| New Relic | new_relic_rest_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| Notion | notion_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Notion | notion_integration_token | ✗ | ✓ | ✓ | ✓ | ✗ |
| Notion | notion_oauth_client_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| npm | npm_access_token Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| NuGet | nuget_api_key Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Octopus Deploy | octopus_deploy_api_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Oculus | oculus_access_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| OneChronos | onechronos_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| OneChronos | onechronos_eb_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| OneChronos | onechronos_eb_encryption_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| OneChronos | onechronos_oauth_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| OneChronos | onechronos_refresh_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Onfido | onfido_live_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Onfido | onfido_sandbox_api_token | ✓ | ✓ | ✗ | ✓ | ✗ |
| OpenAI | openai_api_key Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| OpenRouter | openrouter_api_key | ✓ | ✓ | ✗ | ✓ | ✗ |
| OpenVSX | openvsx_access_token Token versions | ✗ | ✓ | ✗ | ✗ | ✗ |
| Openweather | openweather_api_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| Oracle | oracle_api_key | ✓ | ✗ | ✗ | ✗ | ✗ |
| Orbit | orbit_api_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| PagerDuty | pagerduty_oauth_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| PagerDuty | pagerduty_oauth_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Palantir | palantir_jwt | ✓ | ✓ | ✓ | ✗ | ✗ |
| Pangea | pangea_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Perplexity | perplexity_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| Persona Identities | persona_production_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Persona Identities | persona_sandbox_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Pinecone | pinecone_api_key pinecone_environment | ✗ | ✓ | ✗ | ✗ | ✗ |
| pinterest_access_token | ✓ | ✓ | ✓ | ✗ | ✗ | |
| pinterest_refresh_token | ✓ | ✓ | ✓ | ✗ | ✗ | |
| PlanetScale | planetscale_database_password | ✓ | ✓ | ✓ | ✗ | ✗ |
| PlanetScale | planetscale_oauth_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| PlanetScale | planetscale_service_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Planning Center | planning_center_oauth_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Planning Center | planning_center_oauth_app_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Planning Center | planning_center_personal_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Plivo | plivo_auth_id plivo_auth_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Polar | polar_access_token Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Polar | polar_authorization_code Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Polar | polar_client_registration_token Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Polar | polar_client_secret Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Polar | polar_customer_session_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Polar | polar_personal_access_token Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Polar | polar_refresh_token Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Polar | polar_user_session_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Postman | postman_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Postman | postman_collection_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Prefect | prefect_server_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Prefect | prefect_user_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Proctorio | proctorio_consumer_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Proctorio | proctorio_linkage_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Proctorio | proctorio_registration_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Proctorio | proctorio_secret_key Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| Pulumi | pulumi_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| PyPI | pypi_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Ramp | ramp_client_id | ✓ | ✓ | ✓ | ✗ | ✗ |
| Ramp | ramp_client_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Ramp | ramp_oauth_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| ReadMe | readmeio_api_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| redirect.pizza | redirect_pizza_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Replicate | replicate_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Rootly | rootly_api_key | ✗ | ✓ | ✓ | ✓ | ✗ |
| RubyGems | rubygems_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| RunPod | runpod_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Salesforce | salesforce_access_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Salesforce | salesforce_oauth2_consumer_key salesforce_oauth2_consumer_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| Salesforce | salesforce_refresh_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Samsara | samsara_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Samsara | samsara_oauth_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Scalr | scalr_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Segment | segment_public_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| SendGrid | sendgrid_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Sentry | sentry_integration_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Sentry | sentry_org_auth_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Sentry | sentry_user_app_auth_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Sentry | sentry_user_auth_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Shippo | shippo_live_api_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Shippo | shippo_test_api_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Shopee | shopee_open_platform_partner_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Shopify | shopify_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Shopify | shopify_app_client_credentials | ✓ | ✓ | ✓ | ✗ | ✗ |
| Shopify | shopify_app_client_secret | ✓ | ✓ | ✗ | ✗ | ✗ |
| Shopify | shopify_app_shared_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Shopify | shopify_custom_app_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Shopify | shopify_marketplace_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| Shopify | shopify_merchant_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Shopify | shopify_partner_api_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Shopify | shopify_private_app_password | ✓ | ✓ | ✓ | ✗ | ✗ |
| Siemens | siemens_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Siemens | siemens_code_token | ✓ | ✗ | ✗ | ✗ | ✗ |
| Sindri | sindri_api_key Token versions | ✓ | ✓ | ✗ | ✓ | ✗ |
| Slack | slack_api_token Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| Slack | slack_incoming_webhook_url | ✓ | ✓ | ✓ | ✓ | ✗ |
| Slack | slack_workflow_webhook_url | ✓ | ✓ | ✓ | ✗ | ✗ |
| Snowflake | snowflake_programmatic_access_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Sourcegraph | sourcegraph_access_token | ✓ | ✓ | ✗ | ✓ | ✗ |
| Sourcegraph | sourcegraph_dotcom_user_gateway | ✓ | ✓ | ✓ | ✗ | ✗ |
| Sourcegraph | sourcegraph_instance_identifier_access_token | ✓ | ✓ | ✗ | ✓ | ✗ |
| Sourcegraph | sourcegraph_license_key_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Sourcegraph | sourcegraph_product_subscription_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| Square | square_access_token Token versions | ✗ | ✓ | ✓ | ✓ | ✗ |
| Square | square_production_application_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| Square | square_sandbox_application_secret | ✗ | ✓ | ✓ | ✗ | ✗ |
| SSLMate | sslmate_api_key Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| SSLMate | sslmate_cluster_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Stripe | stripe_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Stripe | stripe_legacy_api_key | ✓ | ✓ | ✗ | ✗ | ✗ |
| Stripe | stripe_live_restricted_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Stripe | stripe_test_restricted_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Stripe | stripe_test_secret_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Stripe | stripe_webhook_signing_secret | ✓ | ✓ | ✗ | ✗ | ✗ |
| Supabase | supabase_service_key Token versions | ✓ | ✓ | ✗ | ✗ | ✗ |
| Tableau | tableau_personal_access_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Tailscale | tailscale_api_key | ✓ | ✓ | ✗ | ✓ | ✗ |
| Telegram | telegram_bot_token | ✗ | ✓ | ✗ | ✓ | ✗ |
| Telnyx | telnyx_api_v2_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Temporal | temporal_cloud_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Tencent | tencent_cloud_intl_access_token | ✓ | ✓ | ✗ | ✗ | ✗ |
| Tencent | tencent_cloud_secret_id | ✓ | ✓ | ✓ | ✗ | ✗ |
| Tencent | tencent_wechat_api_app_id | ✓ | ✓ | ✗ | ✗ | ✗ |
| Tencent | tencent_wechat_pay_token | ✗ | ✓ | ✗ | ✗ | ✗ |
| Thunderstore | thunderstore_io_api_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Twilio | twilio_access_token | ✗ | ✓ | ✓ | ✗ | ✗ |
| Twilio | twilio_account_sid | ✓ | ✓ | ✓ | ✗ | ✗ |
| Twilio | twilio_account_sid_base64 | ✓ | ✓ | ✓ | ✗ | ✓ |
| Twilio | twilio_api_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Typeform | typeform_personal_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Uniwise | wiseflow_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Unkey | unkey_root_key | ✓ | ✓ | ✗ | ✓ | ✗ |
| Val Town | val_town_api_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| VolcEngine | volcengine_access_key_id | ✓ | ✓ | ✓ | ✗ | ✗ |
| Wakatime | wakatime_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Wakatime | wakatime_app_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Wakatime | wakatime_oauth_access_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Wakatime | wakatime_oauth_refresh_token | ✓ | ✓ | ✓ | ✗ | ✗ |
| Weights & Biases | wandb_api_key | ✗ | ✓ | ✗ | ✗ | ✗ |
| Workato | workato_developer_api_token Token versions | ✓ | ✓ | ✓ | ✓ | ✗ |
| WorkOS | workos_production_api_key Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| WorkOS | workos_staging_api_key Token versions | ✓ | ✓ | ✓ | ✗ | ✗ |
| xAI | xai_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Yandex | yandex_cloud_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
| Yandex | yandex_cloud_iam_access_secret | ✓ | ✓ | ✓ | ✗ | ✗ |
| Yandex | yandex_cloud_iam_cookie | ✓ | ✓ | ✓ | ✗ | ✗ |
| Yandex | yandex_cloud_iam_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Yandex | yandex_cloud_smartcaptcha_server_key | ✓ | ✓ | ✓ | ✗ | ✗ |
| Yandex | yandex_dictionary_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| Yandex | yandex_passport_oauth_token | ✓ | ✓ | ✓ | ✓ | ✗ |
| Yandex | yandex_predictor_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| Yandex | yandex_translate_api_key | ✗ | ✓ | ✓ | ✓ | ✗ |
| ZenHub | zenhub_personal_api_key | ✗ | ✓ | ✓ | ✗ | ✗ |
| Zuplo | zuplo_consumer_api_key | ✓ | ✓ | ✓ | ✓ | ✗ |
トークンのバージョン
サービス プロバイダーは、トークンを定期的に生成するために使用されるパターンを更新し、複数のバージョンのトークンをサポートしている場合があります。 プッシュ保護では、secret scanning が確実に識別できる最新のトークン バージョンのみがサポートされます。 これにより、結果が誤検知になる可能性がある場合に、プッシュ保護によってコミットが不必要にブロックされるのを回避できます。これは、レガシ トークンで発生する可能性が高いです。
マルチパート シークレット
secret scanning の既定では、ペアが一致するアクセス キーとキー ID の検証をサポートします。
また、Secret scanning は、既存のペア一致に加えて、Amazon AWS アクセス キー ID の個々のキー ID の検証もサポートします。
対応するアクセス キーが見つかったかどうかに関係なく、secret scanning によってキー ID の存在が確認されると、キー ID はアクティブとして表示されます。 キー ID が無効な場合 (たとえば、実際のキー ID ではない場合)、キー ID は inactive と表示されます。
有効なペアが見つかった場合、secret scanning アラートがリンクされます。