diff --git a/.gitleaks.toml b/.gitleaks.toml
new file mode 100644
index 0000000000..d508e010b3
--- /dev/null
+++ b/.gitleaks.toml
@@ -0,0 +1,11 @@
+#
+# GitLeaks Repo Specific Configuration
+#
+# This allowlist is used to help Red Hat ignore false positives during its code
+# scans.
+
+[allowlist]
+  paths = [
+    '''saml-core/src/test/java/org/keycloak/saml/processing/core/saml/v2/util/AssertionUtilTest.java''',
+    '''testsuite/performance/tests/pom.xml''',
+  ]