# Setting Up Gitleaks for Secret Detection

## Using the Gitleaks scanner with Codefortify

#### License Key for Organization Repositories

Gitleaks scanning requires an additional step if you're scanning repositories belonging to an organization account. You'll need a free Gitleaks license key.

For personal account repositories, no license key is required.

#### How to Get a Free Gitleaks License Key

1. Visit[ Gitleaks.io](https://gitleaks.io).
2. Click Sign Up to complete a Google form with your name, email, and company details.
3. After submitting the form, you will receive an email with your free license key.

<figure><img src="https://lh7-rt.googleusercontent.com/docsz/AD_4nXeZ4blNBUYdxkI-6wTGPx4-wDD0qG2UzD3v2ScdCbAffVZsBzy4SmnCR5k-f_uTIeRpVUntBbswI3nDJrTNZFcRATNiCe9CCRbBUPpYML1YHn1nuJhl1LmYQMotO5ZHo-dHDUdLOpRffJiN5QeK-aODrRh3?key=uh_H-qvEO1v_hxMqf2wm7A" alt=""><figcaption></figcaption></figure>

<figure><img src="https://lh7-rt.googleusercontent.com/docsz/AD_4nXfpldQuo8eOitfMx6aKakm1RLMg1MvW945Mgdoh85L19cRibAMqJ10D3Z2IIj1XD3VaJNYe-L3HNE8RfeWbEYIuwCwLWe9hm6IJN1Qom8ceI5hQBzsdQplxW3SylDueZh39DyJBKF23hP5yzrPdjns_1g?key=uh_H-qvEO1v_hxMqf2wm7A" alt=""><figcaption></figcaption></figure>

#### Adding Your License Key

Once you have your Gitleaks license key, it must be added as an encrypted secret in one of the following locations:

* The repository
* The organization

<figure><img src="/files/ZtcKIhl8c15ukhgwVcql" alt=""><figcaption></figcaption></figure>

***

## Using Secrets in GitHub Actions

Secrets in GitHub Actions allow you to store sensitive information in your repository, organization, or specific repository environments. Ensure you follow best practices when handling and storing sensitive data, such as your Gitleaks license key.

For more information on how to use and configure secrets in GitHub Actions, visit the[ GitHub documentation on secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.codefortify.ai/getting-started/setting-up-gitleaks-for-secret-detection.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.