Skip to main content

Discord Bot Token



  • Documentation:

  • Summary: Discord is an instant messaging and VoIP application. Bots can read and send text messages, join VoIP discussions and manage servers via its API. A token is needed for authentication. This detector finds them.

  • IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.

  • Scopes: A bot can have no permissions or it can be the administrator of a discord server. See the documentation.

Revoke the secret#

A token can be regenerated from the developer portal.

Check for suspicious activity#

Audit Log are accessible in each Discord server settings. Review of the logs of every Discord server accessible by the bot is important.

Details for Discord bot token#

  • Family: Api

  • Category: Messaging system

  • Company: Discord

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.46

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - '[m-z][a-z0-9_-]{23}\.[a-z0-9_-]{6}\.[a-z0-9_-]{27}'


- text: |'MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC')  apikey: MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC- text: |    "token": "Nzk5MjgxNDk0NDc2NDU1OTg3.YABS5g.2lmzECVlZv3vv6miVnUaKPQi2wI",  apikey: Nzk5MjgxNDk0NDc2NDU1OTg3.YABS5g.2lmzECVlZv3vv6miVnUaKPQi2wI- text:'MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC')
  apikey: MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC