Skip to main content

GitHub App Token

Description

General

Revoke the secret

Tokens can be revoked by uninstalling the GitHub App or regenerating the app's credentials. Navigate to the GitHub App settings to manage app installations and tokens.

Details for GitHub User-to-server Token

  • Family: token

  • Category: version_control_platform

  • Company: GitHub

  • High recall: False

  • Validity check available: True

  • Analyzer available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 2.08

  • Prefixed: False

Details for GitHub Server-to-server Token

  • Family: token

  • Category: version_control_platform

  • Company: GitHub

  • High recall: False

  • Validity check available: True

  • Analyzer available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.92

  • Prefixed: False

Secret Analyzer

Analysis Method

  • Provider allows scopes enumeration: True
  • Total network call count: 1
  • Total call count may vary: False

HTTP Calls

Requests are designed to capture metadata and not to function effectively.

  • GET: /user

Other Calls

Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.