This page contains the names and descriptions of Developer Secrets Data Classes discovered by Open Raven's Data Scan service.
Data Class Name
Data Class Description
Keys for connecting to AWS resources.
Private keys in various formats including OpenSSH, .pem, .ppk, and .xml.
Data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.
X.509 Digital Certificate
Standard format for public key certificates, digital documents that securely associate cryptographic key pairs with identities such as websites, individuals, or organizations.
Database Connection String
A location and identity used to connect to a database. It includes JDBC and ODBC connection strings.
Facebook Access Token
A Facebookaccess token is an opaque string that identifies a user, app, or Page and can be used by the app to make graph API calls. Read more here.
Github Access Key (Personal Access Token)
Github Personal access tokens (PATs) are an alternative to using passwords for authentication to GitHub when using the GitHub API or the command line. Read more here.
Google API key
A Google API key is a simple encrypted string that identifies an application without any principal. They are useful for accessing public data anonymously, and are used to associate API requests with your project for quota and billing. Read more here.
Slack API Token
There are more than a few tokens in the Slack platform. A token ties together all the scopes and permissions your app has obtained. Read more here.
Twitter API key
The Twitter developer App provides a set of API Keys (also known as Consumer Keys). Read more here.
Mailchimp API key
If you want to set up an integration with your Mailchimp account, chances are high that you'll need to generate an API key. Users with Manager permissions can generate and view their own API keys. Users with Admin permissions can also see API keys for other account users. Read more here.
Mailgun API key
When you sign up for Mailgun, they generate a primary account API key. This key allows you to perform all CRUD operations via their various API endpoints and for any of your sending domains. Read more here.
Heroku API token
The Heroku API token is used for authentication in all other Heroku API requests, and can be regenerated at will by the user in the heroku.com web interface. Read more here.
PayPal Access token
PayPal access tokens authorize you to use the PayPal REST API server. Read more here.
Square API access token
Personal access tokens are used to get unlimited Square API access to resources in your own Square account. Read more here.
Stripe API access tokens
Stripe uses tokens to collect sensitive card or bank account details, or personally identifiable information (PII), directly from your customers in a secure manner. A token representing this information is returned to your server to use. Read more here.
Twilio API key
Twilio API keys allow you to authenticate with Twilio's API and create and revoke Access Tokens. Read more here.
Generic clear text passwords stored in URLs.
Generic Secret Key
Generic secret or access key in an alphanumeric format.
Updated 3 months ago
|Healthcare Data Classes|