Algolia Keys
#
Description#
General- Documentation: https://www.algolia.com/doc/.
- Summary: This detector aim at catching Algolia API keys - admin keys, monitoring keys and keys with more restricted access.
- IPs allowlist: There is no IP allowlisting possible.
- Scopes: This key has all permissions.
#
Revoke the secret- Key can be rotated in the Algolia website.
#
Check for suspicious activityThere is currently no method to verify the actions done with the key.
Algolia custom permissions
#
Details for Family: Api
Category: Data storage
Company: Algolia
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 26.61
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: false- type: ContentWhitelistPreValidator patterns: - algolia
#
Examples- text: | algolia clientid= 2D20AW43DA clientsecret= 3c039c651368a6b0f7640dbda46bfadc client_id: 2D20AW43DA client_secret: 3c039c651368a6b0f7640dbda46bfadc- text: algolia clientid= 2D20AW43DA clientsecret= 3c039c651368a6b0f7640dbda46bfadc
client_id: 2D20AW43DA client_secret: 3c039c651368a6b0f7640dbda46bfadc
Algolia monitoring
#
Details for Family: Api
Category: Data storage
Company: Algolia
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 0.02
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: false- type: ContentWhitelistPreValidator patterns: - algolia
#
Examples- text: | const ALGOLIA_APP_ID = 'O209R1PN3N'; const ALGOLIA_MONITORING_KEY = '476aee33e12b4ef08e8f1ba9c4b638c0'; client_id: O209R1PN3N client_secret: 476aee33e12b4ef08e8f1ba9c4b638c0- text: const ALGOLIA_APP_ID = 'O209R1PN3N'; const ALGOLIA_MONITORING_KEY = '476aee33e12b4ef08e8f1ba9c4b638c0';
client_id: O209R1PN3N client_secret: 476aee33e12b4ef08e8f1ba9c4b638c0
Algolia admin
#
Details for Family: Api
Category: Data storage
Company: Algolia
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 8.64
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: false- type: ContentWhitelistPreValidator patterns: - algolia
#
Examples- text: | const ALGOLIA_APP_ID = 'OH2GRAP30N'; const ALGOLIA_ADMIN_KEY = 'b782df1739614041699a45f8079a3623'; const ALGOLIA_SEARCH_KEY = '46aee733e12b4f08ee8f1ba9c4bc6380'; client_id: OH2GRAP30N client_secret: b782df1739614041699a45f8079a3623- text: | struct Algolia { static let appId: String = "B2NW9U3W8F" static let apiKeySearch: String = "d9ad5cd8c4a29789099c7521561228dc" static let apiKeyAdmin: String = "4934242ed5979c45ed9fb3ec072429ea" } client_id: B2NW9U3W8F client_secret: d9ad5cd8c4a29789099c7521561228dc- text: const ALGOLIA_APP_ID = 'OH2GRAP30N'; const ALGOLIA_ADMIN_KEY = 'b782df1739614041699a45f8079a3623'; const ALGOLIA_SEARCH_KEY = '46aee733e12b4f08ee8f1ba9c4bc6380';
client_id: OH2GRAP30N client_secret: b782df1739614041699a45f8079a3623