Skip to main content

Stripe Keys

Description

General

  • Documentation: https://stripe.com/docs/api
  • Summary: Stripe offers payment processing software and application programming interfaces (APIs) for e-commerce websites and mobile application. As an API providing financial related information, the corresponding API key is highly sensitive.

Revoke the secret

Stripe Keys can be revoked or rolled from the Dashboard. See this documentation for more details.

Details for Stripe Keys

  • Family: token

  • Category: payment_system

  • Company: Stripe

  • High recall: True

  • Validity check available: True

  • Analyzer available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 12.9

  • Prefixed: True

Secret Analyzer

Analysis Method

  • Provider allows scopes enumeration: False
  • Total network call count: 200
  • Total call count may vary: True

HTTP Calls

Requests are designed to capture metadata and not to function effectively.

  • GET: /v1/apple_pay/domains
  • GET: /v1/application_fees
  • GET: /v1/balance
  • GET: /v1/billing/meters
  • GET: /v1/billing/meters/***/event_summaries
  • GET: /v1/charges?limit=1
  • GET: /v1/checkout/sessions
  • GET: /v1/climate/orders
  • GET: /v1/confirmation_tokens/***
  • GET: /v1/coupons
  • GET: /v1/credit_notes
  • GET: /v1/customers
  • GET: /v1/disputes
  • GET: /v1/events
  • GET: /v1/files
  • GET: /v1/invoices
  • GET: /v1/issuing/authorizations
  • GET: /v1/issuing/cardholders
  • GET: /v1/issuing/cards
  • GET: /v1/issuing/disputes
  • GET: /v1/issuing/funding_instructions
  • GET: /v1/issuing/tokens
  • GET: /v1/issuing/tokens/***?expand[]=network_data
  • GET: /v1/issuing/transactions
  • GET: /v1/orders
  • GET: /v1/payment_intents
  • GET: /v1/payment_links
  • GET: /v1/payment_method_domains
  • GET: /v1/payment_methods
  • GET: /v1/payouts
  • GET: /v1/prices
  • GET: /v1/products
  • GET: /v1/promotion_codes
  • GET: /v1/quotes
  • GET: /v1/reporting/report_runs
  • GET: /v1/reviews
  • GET: /v1/setup_intents
  • GET: /v1/shipping_rates
  • GET: /v1/skus
  • GET: /v1/sources/***
  • GET: /v1/subscription_items/***/usage_record_summaries
  • GET: /v1/subscriptions
  • GET: /v1/tax/calculations/***
  • GET: /v1/tax/settings
  • GET: /v1/tax_ids
  • GET: /v1/tax_rates
  • GET: /v1/terminal/configurations
  • GET: /v1/terminal/locations
  • GET: /v1/terminal/readers
  • GET: /v1/test_helpers/test_clocks
  • GET: /v1/tokens/***
  • GET: /v1/topups
  • GET: /v1/transfers
  • GET: /v1/webhook_endpoints
  • POST: /v1/account/login_links
  • POST: /v1/account_links
  • POST: /v1/apple_pay/domains
  • POST: /v1/application_fees/***/refunds
  • POST: /v1/billing/meter_event_adjustments
  • POST: /v1/billing/meter_events
  • POST: /v1/billing/meters
  • POST: /v1/billing_portal/sessions
  • POST: /v1/charges
  • POST: /v1/checkout/sessions
  • POST: /v1/climate/orders
  • POST: /v1/coupons
  • POST: /v1/credit_notes
  • POST: /v1/customer_sessions
  • POST: /v1/customers/***
  • POST: /v1/disputes/***
  • POST: /v1/ephemeral_keys
  • POST: /v1/invoices
  • POST: /v1/issuing/authorizations/***
  • POST: /v1/issuing/cardholders
  • POST: /v1/issuing/cards
  • POST: /v1/issuing/disputes
  • POST: /v1/issuing/funding_instructions
  • POST: /v1/issuing/tokens/***
  • POST: /v1/issuing/transactions/***
  • POST: /v1/orders
  • POST: /v1/payment_intents
  • POST: /v1/payment_links
  • POST: /v1/payment_method_domains
  • POST: /v1/payment_methods/***
  • POST: /v1/payouts
  • POST: /v1/prices
  • POST: /v1/products
  • POST: /v1/promotion_codes
  • POST: /v1/quotes/***
  • POST: /v1/reviews/***/approve
  • POST: /v1/setup_intents/***
  • POST: /v1/shipping_rates
  • POST: /v1/skus
  • POST: /v1/sources
  • POST: /v1/subscription_items/***/usage_records
  • POST: /v1/subscriptions
  • POST: /v1/tax/calculations
  • POST: /v1/tax/settings?***=0
  • POST: /v1/tax_ids
  • POST: /v1/tax_rates
  • POST: /v1/terminal/configurations?***=0
  • POST: /v1/terminal/connection_tokens?***=0
  • POST: /v1/terminal/locations
  • POST: /v1/terminal/readers
  • POST: /v1/test_helpers/test_clocks
  • POST: /v1/tokens?card[number]=1111111111111111
  • POST: /v1/topups
  • POST: /v1/transfers
  • POST: /v1/webhook_endpoints
  • POST: https://files.stripe.com/v1/files?purpose=account_requirement

Other Calls

Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status