Sentry Token

Detects Sentry auth tokens: organization tokens (sntrys_), user auth tokens (sntryu_), the user-app and internal-integration prefixes from Sentry's own token-type source (sntrya_, sntryi_), and, when labelled with Sentry context in an assignment, the legacy unprefixed 64-hex tokens issued before prefixing. A leaked token grants API access to error and performance data -- which routinely embeds further secrets, PII, and source context -- and to release/CI operations. Sentry DSNs are explicitly NOT matched: Sentry documents DSNs as safe to keep public.

Type
regex
Engine
universal
Confidence
high
Confidence justification
High confidence: the sntry?_ prefix family is confirmed by Sentry's own source code (AuthTokenType enum: sntryu_/sntrys_/sntrya_/sntryi_), and the two dominant formats are pinned by multiple independent production detectors -- sntryu_ + 64 hex identically in gitleaks, TruffleHog, and Kingfisher; the sntrys_ branch adopts the full gitleaks/Kingfisher-attested structure (eyJpYXQiO payload head, embedded base64 region_url marker in any of its three rotations, and the trailing ={0,2}_ + 43-character base64 secret; TruffleHog's flat sntrys_eyJ + 197-character body is consistent with this envelope). Sentry is a GitHub secret-scanning partner for both (push protection enabled). The sntrya_/sntryi_ bodies are not published by any source, so they carry an honest bounded range behind their distinctive prefixes rather than an invented exact length. The legacy unprefixed 64-hex form is deliberately context-gated: it is indistinguishable from any SHA-256 hex digest, so it requires a labelled assignment and never fires value-only.
Jurisdictions
global
Regulations
Criminal Code Act 1995 (Cth)
Frameworks
CIS Controls, ISO 27001, NIST CSF, SOC 2
Data categories
credentials, security
Scope
narrow
Risk rating
8
Platform compatibility
Purview: Compatible, GCP DLP: Unsupported, Macie: Unsupported, Zscaler: Compatible, Palo Alto: Unsupported, Netskope: Unsupported

Pattern

(?<![A-Za-z0-9+/_-])(?:sntrys_eyJpYXQiO[A-Za-z0-9+/]{10,200}(?:LCJyZWdpb25fdXJs|InJlZ2lvbl91cmwi|cmVnaW9uX3VybCI6)[A-Za-z0-9+/]{10,200}={0,2}_[A-Za-z0-9+/]{43}|sntryu_[a-f0-9]{64}|sntry[ai]_[A-Za-z0-9+/=_-]{20,200})(?![A-Za-z0-9+/=_-])

Corroborative evidence keywords

sentry, sentry.io, SENTRY_AUTH_TOKEN, sentry-cli, auth token, api key, api_key, apikey, access key, access token, authorization, bearer, conn str, connection string, connectionstring, cookie, credential, database, host, [object Object] (+37 more)

Proximity: 300 characters

Should match

Should not match

Known false positives

References