Securityflags: g

Stripe API Key

Match Stripe API keys: secret (sk_), publishable (pk_), or restricted (rk_), in test or live mode.

Try it in RegexPro →

Available in

JSSupported

JavaScript / ECMAScript

Browser-native RegExp. Default if you don't pick.

PYSupported

Python (re)

CPython stdlib `re`. Unicode-aware `\w` and `\d` by default.

GOSupported

Go (RE2)

Linear-time matching. No backreferences or lookarounds.

Pattern

regexengine-agnostic
(?:sk|pk|rk)_(?:test|live)_[A-Za-z0-9]{24,}   (flags: g)

Raw source: (?:sk|pk|rk)_(?:test|live)_[A-Za-z0-9]{24,}

How it works

(?:sk|pk|rk) matches one of the three key types. _(?:test|live)_ matches the mode separator. [A-Za-z0-9]{24,} matches the random suffix — Stripe's keys are at least 24 characters, sometimes longer for restricted keys. The pattern catches keys exposed in source code, logs, or chat transcripts.

Examples

Input

Use sk_live_4eC39HqLyjWDarjtT1zdp7dc for prod

Matches

  • sk_live_4eC39HqLyjWDarjtT1zdp7dc

Input

Public: pk_test_TYooMQauvdEDq54NiTphI7jx

Matches

  • pk_test_TYooMQauvdEDq54NiTphI7jx

Input

no keys here

No match

Common use cases

  • Pre-commit secret-scanning hooks
  • Log redaction pipelines
  • Incident response: searching backups for leaked keys
  • CI security audits

Related patterns

Generic API Key

Security

Match generic long alphanumeric tokens (32+ chars) typical of API keys and access tokens.

SSH Public Key

Security

Match SSH public keys in OpenSSH `authorized_keys` format, including the optional comment field.

AWS Access Key ID

Security

Match AWS access key IDs (both long-term AKIA and temporary ASIA prefixes).

PEM Private Key Block

Security

Match PEM-encoded private key blocks across the common variants (RSA, EC, DSA, OpenSSH, encrypted, PGP).

PreviousSSH Public Key
All patterns
NextMongoDB Connection URI