- Documentation: https://stripe.com/docs/api
- Summary: Stripe offers payment processing software and application programming interfaces (APIs) for e-commerce websites and mobile application. As an API providing financial related information, the corresponding API key is highly sensitive.
- IPs allowlist: This feature is not mentioned in the API documentation.
- Scopes: By default Stripe API keys have a full access to all the API features. Yet, the user can easily create restricted API keys from the Dashboard and specify which accesses are granted to the key. See this documentation for more details.
#Revoke the secret
Stripe Keys can be revoked or rolled from the Dashboard. See this documentation for more details.
#Check for suspicious activity
A requests log is available for every Stripe Key.
Category: Payment system
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 1
Occurrences found for one million commits: 8.29
- type: ContentWhitelistPreValidator patterns: - '[sr]k'- type: ContentWhitelistPreValidator patterns: - _live_
- text: "+ stripe_secret_key: sk_live_epISNGSkdeXov2frTey7RHAi" apikey: sk_live_epISNGSkdeXov2frTey7RHAi- text: "# stripe_api_key: sk_live_EeHnL644i6zo4Iyq4v1KdV8H" apikey: sk_live_EeHnL644i6zo4Iyq4v1KdV8H- text: "stripe_api_key: sk_live_EeHnL644i6zo4Iyq4v1KdV9H" apikey: sk_live_EeHnL644i6zo4Iyq4v1KdV9H