Skip to main content

Anypoint Keys

Description#

General#

  • Documentation: https://docs.mulesoft.com/api-manager/1.x/tutorials
  • Summary: Anypoint is a platform used to connect and create APIs. This detector aims to detect client_id and client_secret used to connect to the APIs built with Anypoint.
  • IPs allowlist: This feature is not currently available.
  • Scopes: Keys can have a custom access to APIs.

Revoke the secret#

This can be done by the administrator through the Anypoint dashboard.

Check for suspicious activity#

This feature is not currently available.

Details for Anypoint keys#

  • Family: Api

  • Category: Identity provider

  • Company: MuleSoft

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.67

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - anypoint

Examples#

- text: |    <anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid>    <anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret>  client_id: 421c48999fba7ee2b6a7e8dec374a945  client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb- text: <anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid> <anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret>
  client_id: 421c48999fba7ee2b6a7e8dec374a945  client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb  filename: some_file.md