Skip to main content

Doppler API Key

Description#

General#

  • Documentation: https://docs.doppler.com/reference#api
  • Summary: Doppler is a secrets manager, it can be used to sync environment variable. The API can be used to access/create/edit secrets stored in Doppler.
  • IPs allowlist: Trusted IPs can be set up per environment with a Pro subscription.
  • Scopes: Personal and CLI tokens can both read and write in a workspace and service tokens are read-only in a single configuration.

Revoke the secret#

An API key can be rolled or revoked on the Doppler workspace dashboard, in the Tokens menu. Every secrets accessible with the leaked doppler token should also be revoked.

Check for suspicious activity#

The actions taken with a token can be audited in the workspace dashboard under Activity.

Details for Doppler apikey#

  • Category: Development tool

  • Company: Doppler

  • High recall: True

  • Validity check available: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.05

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - dp\.(pt|ct|scim|st\.)

Examples#

- text: |    curl -H 'api-key: dp.pt.zkxYYBKO2oztRQj72SOAA13PmVyTwI7AboM8bknx' 'https://api.doppler.com/v3/workplace'  apikey: dp.pt.zkxYYBKO2oztRQj72SOAA13PmVyTwI7AboM8bknx- text: |    "DOPPLER_SERVICE_TOKEN": { {input: "dp.st.dev.5iSgsylLUh1V8gWGbwbWbO8SHSxs3wkdkYAYE3kI"}, },  apikey: dp.st.dev.5iSgsylLUh1V8gWGbwbWbO8SHSxs3wkdkYAYE3kI- text: |    cli_token: dp.ct.Hz53zCklAAldpZywPRaXPaaYlABB1HOrKgtvyhGL  apikey: dp.ct.Hz53zCklAAldpZywPRaXPaaYlABB1HOrKgtvyhGL- text: |    Token SCIM := dp.scim.IcgO4od2ONhDCys8tELOouUK9RSDCevePjks0yom  apikey: dp.scim.IcgO4od2ONhDCys8tELOouUK9RSDCevePjks0yom