- Documentation: https://www.clockworksms.com/doc/
Clockwork SMSoffers a service to send and receive SMS from an application. They provide an API, and various wrapper to interact with it. The authentication method relies on an
API keythat needs to be attached to every call.
- IPs allowlist:
Clockwork SMSmentions IP allowlisting in their security documentation
- Scopes: Associating scopes to
API keyis not specified in the documentation.
#Revoke the secret
The procedure to revoke the
API key is not specified in the documentation.
#Check for suspicious activity
Checking for suspicious activity is not mentioned in the documentation.
Category: Messaging system
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 1
Occurrences found for one million commits: very rare
- type: FilenameBanlistPreValidator banlist_extensions:  banlist_filenames: - Godeps check_binaries: false include_default_banlist_extensions: true ban_markup: false- type: ContentWhitelistPreValidator patterns: - clockwork
- text: | clockwork api=3c3a8964368a3b10f8645dbde42abfbca980a2a3 apikey: 3c3a8964368a3b10f8645dbde42abfbca980a2a3- text: clockwork api=3c3a8964368a3b10f8645dbde42abfbca980a2a3 apikey: 3c3a8964368a3b10f8645dbde42abfbca980a2a3 filename: some_file.md