Skip to main content

PayPal Braintree Keys



  • Documentation:
  • Summary: Braintree is a payment service built by PayPal. It allows customers to create payment pipelines, fraud detection systems and reporting of current operations. These operations can be done through their API. This detector aims at catching credentials used to authenticate requests to the API. These credentials allow to make payments, and get historical data.
  • IPs allowlist: IP allowlisting can be setup from the account's API dashboard, in the Security tab.
  • Scopes: Credentials are either sandbox or production credentials. This detector aims at catching only production credentials.

Revoke the secret

API keys can be deleted in the API dashboard.

Check for suspicious activity

Last usage of a key is displayed in the API dashboard.

Details for Paypal braintree keys

  • Family: Api

  • Category: Payment system

  • Company: PayPal

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.17

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
- ^lock$
- ^storyboard(c|er)?~?$
- ^xib$
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: false
ban_markup: false
- type: ContentWhitelistPreValidator
- paypal
- braintree


- text: |
"braintree": {
"publicKey": "gz69wf3m5zvydp4x",
"privateKey": "84a57105677aef32ec2c2341a028242b"
client_id: 'gz69wf3m5zvydp4x'
client_secret: '84a57105677aef32ec2c2341a028242b'

How can I help you ?