Skip to main content

DigitalOcean Token

Description#

General#

  • Documentation: https://docs.digitalocean.com/reference/api/api-reference/
  • Summary: Digital Ocean is a cloud infrastructure provider. The Digital Ocean API allows to manage machines and resources in a programmatic way using HTTP requests. All the features available in the control panel are also available via the API. An OAuth token is used to authenticate with the API.
  • IPs allowlist: IP addresses can be added to an allowlist from the Digital Ocean dashboard in the Networking/Firewalls tab.
  • Scopes: Each token gives full access to the corresponding Digital Ocean account. It is possible to access and modify all the cloud resources with this token so leaking a DigitalOcean token is an extremely serious security incident.

Revoke the secret#

Each Oauth token can be deleted if necessary.

Check for suspicious activity#

The Digital Ocean Dashboard provides a list of all actions (login, resource creation and deletion) that happened in the last 12 months. This can be accessed from the My Profile/Security section of the dashboard.

Details for Digitalocean token#

  • Family: Api

  • Category: Cloud Provider

  • Company: DigitalOcean

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.3

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - do[-_](token|key|pat)  - digital[-_ ]?ocean

Examples#

- text: knife[:digital_ocean_access_token]  = '710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66'  apikey: 710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66- text: self.digital_ocean_handle.input_access_token("a1a7c625c612c3d9a07300b1396fff2ff129342c63d4516b3101fdb61b1f2a48")  apikey: a1a7c625c612c3d9a07300b1396fff2ff129342c63d4516b3101fdb61b1f2a48- text: "be able to edit the file and set the values. The file should look something like this:\n\n    ---\n vault_do_token: 245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54\n"  apikey: 245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54- text: '#define DIGITALOCEAN_CLIENT_SECRET @"245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54"'  apikey: 245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54- text: public $tokenDigitalOcean="6b7ebde6030ce371cafc2266c5450c219d93851d7c12561cf6815440c2e3cb19";  apikey: 6b7ebde6030ce371cafc2266c5450c219d93851d7c12561cf6815440c2e3cb19- text: "Bruk denne do_token-en: ea2543dade39ff6f913510cb763ff989f701e668e5ee2a202eee508bb6a80020\n"  apikey: ea2543dade39ff6f913510cb763ff989f701e668e5ee2a202eee508bb6a80020- text: knife[:digital_ocean_access_token]  = '710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66'  apikey: 710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66  filename: some_file.md