Skip to main content

Dropbox Key

Description#

General#

  • Documentation: https://www.dropbox.com/developers/documentation/http/overview
  • Summary: The Dropbox API enables third party developers to integrate with Dropbox. To make testing the application easier, developers can generate access tokens for their own account. This detector finds Dropbox API tokens.
  • IPs allowlist: To the best of our knowledge, this feature is not supported.
  • Scopes: Yes.

Revoke the secret#

Go to the application's Developer Console and create a new token with the Generate button in the Generated access token section.

Check for suspicious activity#

In the application's Developer Console, there are analytics.

Details for Dropbox token#

  • Category: Data storage

  • Company: Dropbox

  • High recall: True

  • Validity check available: True

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.14

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - aaaaaaa

Examples#

- text: >    apikey dropbox= bda46abfdcaAAAAAAA--3c0c3965368a6b10f7640dbda46abfd23a4d1c245ea1  apikey: bda46abfdcaAAAAAAA--3c0c3965368a6b10f7640dbda46abfd23a4d1c245ea1