Skip to main content

DigitalOcean Refresh Token v1

Description#

General#

  • Documentation: https://docs.digitalocean.com/reference/api/api-reference/
  • Summary: DigitalOcean is a cloud infrastructure provider. The DigitalOcean API allows to manage machines and resources in a programmatic way using HTTP requests. All the features available in the control panel are also available via the API. A token is given when a user authorizes an app. It expires after some time and can be renewed with the refresh token. This detector finds these latter refresh tokens.
  • IPs allowlist: IP addresses can be added to an allowlist from the DigitalOcean dashboard in the Networking/Firewalls tab.
  • Scopes: Access token can have two scopes, "read" (grants read-only access to user account) and "read write" (grants read/write access to user account).

Revoke the secret#

Each Oauth token can be deleted if necessary at https://cloud.digitalocean.com/account/api/tokens or by using the Revoke Token Flow API.

Check for suspicious activity#

The DigitalOcean Dashboard provides a list of all actions (login, resource creation and deletion) that happened in the last 12 months. This can be accessed from the My Profile/Security section of the dashboard.

Details for Digitalocean refresh token v1#

  • Family: Api

  • Category: Cloud Provider

  • Company: DigitalOcean

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: very rare

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - dor_v1_

Examples#

- text: token=dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a  apikey: dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a- text: dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a  apikey: dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a