This page contains the names and descriptions of Developer Secrets Data Classes discovered by Open Raven's Data Scan service.
Data Class Name | Data Class Description |
|---|---|
AWS Secrets | Keys for connecting to AWS resources. |
SSH Key | Private keys in various formats including OpenSSH, .pem, .ppk, and .xml. |
PGP Key | Data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. |
X.509 Digital Certificate | Standard format for public key certificates, digital documents that securely associate cryptographic key pairs with identities such as websites, individuals, or organizations. |
Database Connection String | A location and identity used to connect to a database. It includes JDBC and ODBC connection strings. |
Facebook Access Token | A Facebookaccess token is an opaque string that identifies a user, app, or Page and can be used by the app to make graph API calls. Read more here. |
Github Access Key (Personal Access Token) | Github Personal access tokens (PATs) are an alternative to using passwords for authentication to GitHub when using the GitHub API or the command line. Read more here. |
Google API key | A Google API key is a simple encrypted string that identifies an application without any principal. They are useful for accessing public data anonymously, and are used to associate API requests with your project for quota and billing. Read more here. |
Slack API Token | There are more than a few tokens in the Slack platform. A token ties together all the scopes and permissions your app has obtained. Read more here. |
Twitter API key | The Twitter developer App provides a set of API Keys (also known as Consumer Keys). Read more here. |
Mailchimp API key | If you want to set up an integration with your Mailchimp account, chances are high that you'll need to generate an API key. Users with Manager permissions can generate and view their own API keys. Users with Admin permissions can also see API keys for other account users. Read more here. |
Mailgun API key | When you sign up for Mailgun, they generate a primary account API key. This key allows you to perform all CRUD operations via their various API endpoints and for any of your sending domains. Read more here. |
Heroku API token | The Heroku API token is used for authentication in all other Heroku API requests, and can be regenerated at will by the user in the heroku.com web interface. Read more here. |
PayPal Access token | PayPal access tokens authorize you to use the PayPal REST API server. Read more here. |
Square API access token | Personal access tokens are used to get unlimited Square API access to resources in your own Square account. Read more here. |
Stripe API access tokens | Stripe uses tokens to collect sensitive card or bank account details, or personally identifiable information (PII), directly from your customers in a secure manner. A token representing this information is returned to your server to use. Read more here. |
Twilio API key | Twilio API keys allow you to authenticate with Twilio's API and create and revoke Access Tokens. Read more here. |
URL password | Generic clear text passwords stored in URLs. |
Generic Secret Key | Generic secret or access key in an alphanumeric format. |
Updated 6 months ago
What's Next
| Healthcare Data Classes |