GitHub OAuth App Keys
Description
General
- Documentation: https://docs.github.com/en/free-pro-team@latest/rest/reference/apps#oauth-applications
- Summary: GitHub Applications are plugins that can be installed on GitHub accounts. This detector focuses on detecting the app's credentials used to retrieve data from GitHub. Note that these credentials are different from GitHub App Keys, the main differences are listed here. When a user installs a GitHub application, they allow the app to act on their behalf within the defined scope. To get more information on the name of the app and the user or oganization it is tied to, visit https://github.com/login/oauth/authorize?client_id=CLIENT_ID_GOES_HERE.
Details for GitHub OAuth App Keys
-
Family: credentials
-
Category: version_control_platform
-
Company: GitHub
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: True
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 25.67
-
Prefixed: False