Skip to main content

DigitalOcean Personal Access Token v1



  • Documentation:
  • Summary: DigitalOcean is a cloud infrastructure provider. The DigitalOcean API allows to manage machines and resources in a programmatic way using HTTP requests. All the features available in the control panel are also available via the API. A Personal Access Token is used like ordinary OAuth access tokens. It is used to authenticate with the API.
  • IPs allowlist: IP addresses can be added to an allowlist from the DigitalOcean dashboard in the Networking/Firewalls tab.
  • Scopes: Access token can have two scopes, "read" (grants read-only access to user account) and "read write" (grants read/write access to user account).

Revoke the secret#

Each Oauth token can be deleted if necessary at or by using the Revoke Token Flow API.

Check for suspicious activity#

The DigitalOcean Dashboard provides a list of all actions (login, resource creation and deletion) that happened in the last 12 months. This can be accessed from the My Profile/Security section of the dashboard.

Details for Digitalocean personal token v1#

  • Family: Api

  • Category: Cloud Provider

  • Company: DigitalOcean

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 4.9

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - dop_v1_


- text: token=dop_v1_fbc6b13d4d3a05d70e2ce78f284acc9a91bfe157acde781304adc25aafa5d605  apikey: dop_v1_fbc6b13d4d3a05d70e2ce78f284acc9a91bfe157acde781304adc25aafa5d605- text: dop_v1_fbc6b13d4d3a05d70e2ce78f284acc9a91bfe157acde781304adc25aafa5d605  apikey: dop_v1_fbc6b13d4d3a05d70e2ce78f284acc9a91bfe157acde781304adc25aafa5d605