Introduction to secret scanning

Learn how secret scanning detects secrets in existing content and new commits, helping you to avoid exposing sensitive data that could be exploited.

Who can use this feature?

Secret scanning is available for the following repository types:

  • Public repositories on GitHub.com
  • Organization-owned repositories on GitHub Team or GitHub Enterprise Cloud with GitHub Secret Protection enabled
  • User-owned repositories for GitHub Enterprise Cloud with Enterprise Managed Users

Supported secret scanning patterns

Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.