TruffleHog

the trufflehog connector enables swimlane users to integrate secret detection capabilities into their security workflows, allowing for automated scanning and response to potential secret exposures trufflehog is a powerful secret detection tool that scans code repositories and other data sources to identify sensitive information such as api keys, passwords, and tokens the trufflehog connector for swimlane turbine enables users to automate the process of detecting, listing, and managing secrets across various platforms by integrating with trufflehog, swimlane turbine users can enhance their security posture by proactively identifying and addressing secret leaks, streamlining the process of secret management, and ensuring compliance with security policies supported version the trufflehog connector supports the latest api version limitations none to date asset setup trufflehog api allows clients to manage sources and secrets api requests require x thog key and x thog secret headers which can be generated at the your instance trufflehog org/api keys prerequisites to effectively utilize the trufflehog connector within the swimlane platform, ensure you have the following prerequisites trufflehog api authentication using the following parameters url the endpoint url for the trufflehog api api key your personal api key to authenticate requests app id the application identifier associated with your api key capabilities this connector provides the following capabilities list secrets retrieve secret list secret locations retrieve secret location list secrets lists all secrets for all sources retrieve secret get a specific secret by id list secret locations list all secret locations for all sources retrieve secret location retrieve a specific secret location by id configurations trufflehog api key authentication trufflehog api authentication using api key in header configuration parameters parameter description type required url a url to the target host string required apikey x thog secret api key string required appid x thog key api key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions list secret locations retrieve a list of all secret locations across various sources using trufflehog endpoint url /v2/secret locations method get input argument name type required description parameters page number optional specifies the page number of the secrets to be displayed parameters secret id number optional filters for secret locations related to a specific secret input example {"parameters" {"page" 123,"secret id" 123}} output parameter type description status code number http status code of the response reason string response reason phrase lastpage number output field lastpage countitems number output field countitems countitemsonpage number output field countitemsonpage current number output field current next string output field next previous string output field previous results array result of the operation total pages number output field total pages cur page number output field cur page output example {"lastpage" 30,"countitems" 10,"countitemsonpage" 10,"current" 2,"next" "https //api trytruffle ai/v2/secret locations?page=3","previous" "https //api trytruffle ai/v2/secret locations?page=1","results" \[{"id" 10,"secret id" 10,"repository" "myrepository","bucket" "mybucket","space" "myspace","registry" "myregistry","channel name" "mychannel","workspace name" "myworkspace","package name" "mypackage","account name" "myaccount","file name" "myfile txt","issue" "myissue","link" "https //api trytruf list secrets retrieve a comprehensive list of secrets detected across all configured sources in trufflehog endpoint url /v2/secrets method get input argument name type required description parameters verified boolean optional filters for secrets with the specified verified status parameters search string optional a fuzzy search string that searches the secret location's email, source repository (if applicable), and source name entries, as well as the secret's type and redacted status parameters created date after string optional filters secrets to include only those first discovered after the specified date and time parameters created date before string optional filters secrets to include only those first discovered before the specified date and time parameters last seen after string optional filters secrets to include only those last found in a scan after the specified date and time parameters last seen before string optional filters secrets to include only those last found in a scan before the specified date and time parameters last verified after string optional filters secrets to include only those last verified as live after the specified date and time parameters last verified before string optional filters secrets to include only those last verified as live before the specified date and time parameters page number optional specifies the page number of the secrets to be displayed parameters secret locations source type string optional specifies one or more sources (comma delimited if multiple) to filter by github, slack, ecr, jira, s3, gcs, gitlab, confluence, googledrive, or any other source type parameters secret locations source id number optional specifies the source id to filter by parameters secret locations source scanner group id number optional specifies the scanner id to filter by parameters secret locations repository string optional specifies the repository value to filter by parameters secret locations bucket string optional specifies the bucket value to filter by parameters secret locations space string optional specifies the confluence space value to filter by parameters secret locations image string optional specifies the docker image name value to filter by parameters secret locations channel string optional specifies the slack or teams channel name to filter by parameters secret locations workspace string optional specifies the bitbucket workspace name to filter by parameters secret locations package string optional specifies the npm or pypi package name to filter by parameters secret locations account string optional specifies the azure storage account name to filter by parameters secret locations issue string optional specifies the jira issue to filter by parameters secret type string optional specifies the secret type to filter by parameters triage state string optional describes the the triage state of a secret as set by the customer untriaged a triage state has not been set (referred to as active in the ui) false positive the secret has been marked as a false positive (reffered to as invalid in the ui) resolved the secret leak has been resolved will not fix the secret leak has been confirmed, but will not be fixed parameters has no last verified boolean optional specifies if results should only include secrets that have never been verified parameters has connection issues boolean optional specifies if results should only include secrets that have a connection issue from their last scan input example {"parameters" {"verified"\ true,"search" "string","created date after" "string","created date before" "string","last seen after" "string","last seen before" "string","last verified after" "string","last verified before" "string","page" 123,"secret locations source type" "string","secret locations source id" 123,"secret locations source scanner group id" 123,"secret locations repository" "string","secret locations bucket" "string","secret locations space" "string","secret locations imag output parameter type description status code number http status code of the response reason string response reason phrase lastpage number output field lastpage countitems number output field countitems countitemsonpage number output field countitemsonpage current number output field current next string output field next previous string output field previous results array result of the operation results id number unique identifier results secret type string type of the resource results redacted string result of the operation results verified boolean result of the operation results source string result of the operation results found date string result of the operation results triage state string result of the operation results last verified string result of the operation results last seen string result of the operation results created date string result of the operation results modified date string result of the operation results date rotated string result of the operation results user defined boolean result of the operation results secret locations count number result of the operation results distinct source types array type of the resource results distinct source names array name of the resource output example {"lastpage" 10,"countitems" 10,"countitemsonpage" 10,"current" 2,"next" "https //api trytruffle ai/v2/secrets?page=3","previous" "https //api trytruffle ai/v2/secrets?page=1","results" \[{"id" 10,"secret type" "test","redacted" "test","verified"\ true,"source" "myrepository","found date" "2025 11 17","triage state" "untriaged","last verified" "2025 11 17","last seen" "2025 11 17","created date" "2025 11 17","modified date" "2025 11 17","date rotated" "2025 11 17","user defined"\ true,"secret locati retrieve secret retrieves a specific secret from trufflehog using the provided unique identifier endpoint url /v2/secrets/{{id}} method get input argument name type required description path parameters id number required parameters for the retrieve secret action input example {"path parameters" {"id" 123}} output parameter type description status code number http status code of the response reason string response reason phrase id number unique identifier secret type string type of the resource redacted string output field redacted verified boolean output field verified source string output field source found date string date value triage state string output field triage state last verified string output field last verified last seen string output field last seen created date string date value modified date string date value date rotated string output field date rotated user defined boolean output field user defined secret locations count number count value distinct source types array type of the resource distinct source names array name of the resource verification error message string response message analyze id number unique identifier output example {"id" 10,"secret type" "test","redacted" "test","verified"\ true,"source" "myrepository","found date" "2025 11 17","triage state" "untriaged","last verified" "2025 11 17","last seen" "2025 11 17","created date" "2025 11 17","modified date" "2025 11 17","date rotated" "2025 11 17","user defined"\ true,"secret locations count" 10,"distinct source types" \["github"]} retrieve secret location retrieve a specific secret location in trufflehog using the unique identifier provided in the path parameters endpoint url /v2/secret locations/{{id}} method get input argument name type required description path parameters id number required the id of the secret location to retrieve input example {"path parameters" {"id" 123}} output parameter type description status code number http status code of the response reason string response reason phrase id number unique identifier secret id number unique identifier repository string output field repository bucket string output field bucket space string output field space registry string output field registry channel name string name of the resource workspace name string name of the resource package name string name of the resource account name string name of the resource file name string name of the resource issue string output field issue link string output field link azure container string output field azure container email string output field email snippet id number unique identifier title string output field title commit string output field commit timestamp string output field timestamp org string output field org pipeline string output field pipeline build number string output field build number vcs type string type of the resource output example {"id" 10,"secret id" 10,"repository" "myrepository","bucket" "mybucket","space" "myspace","registry" "myregistry","channel name" "mychannel","workspace name" "myworkspace","package name" "mypackage","account name" "myaccount","file name" "myfile txt","issue" "myissue","link" "https //api trytruffle ai/v2/secret locations/10","azure container" "myazurecontainer","email" "myemail\@example com"} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt