GitHub secrets are used to securely store sensitive information like API keys, tokens, and passwords in repositories.
When you store the sensitive information as a GitHub secret, you remove the need to hardcode the credential or key, and prevent exposure of it in your code or logs. The secret can then be used to authenticate services, manage credentials, and securely pass sensitive data in workflows.
There are two types of secrets used by GitHub:
- Dependabot secrets
- Actions secrets
Depending on the GitHub secret type, you can create and manage secrets under your repository, organization, or personal account security settings page.
For information on the usage, scope, permissions, and limitations of each secret type, see Understanding GitHub secret types.