Anypoint Keys
#
Description#
General- Documentation: https://docs.mulesoft.com/api-manager/1.x/tutorials
- Summary: Anypoint is a platform used to connect and create APIs. This detector aims to detect
client_id
andclient_secret
used to connect to the APIs built with Anypoint. - IPs allowlist: This feature is not currently available.
- Scopes: Keys can have a custom access to APIs.
#
Revoke the secretThis can be done by the administrator through the Anypoint dashboard.
#
Check for suspicious activityThis feature is not currently available.
Anypoint keys
#
Details for Family: Api
Category: Identity provider
Company: MuleSoft
High recall: False
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 0.67
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: [] banlist_filenames: [] check_binaries: false include_default_banlist_extensions: true ban_markup: false- type: ContentWhitelistPreValidator patterns: - anypoint
#
Examples- text: | <anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid> <anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret> client_id: 421c48999fba7ee2b6a7e8dec374a945 client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb- text: <anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid> <anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret>
client_id: 421c48999fba7ee2b6a7e8dec374a945 client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb filename: some_file.md