GitLab Token

Description

General
- Documentation: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html
- Summary: GitLab is an open-source code hosting website that provides issue tracking and continuous integration and deployment pipelines. This detector aims at detecting tokens used to programmatically act on behalf of a user.
- IPs allowlist: Allowlists are supported for self-managed installs.
- Scopes: A range of scopes can be set when creating an access token; more information is available in the scopes documentation.

Revoke the secret
Tokens can be revoked from the user's dashboard or programmatically.

Check for suspicious activity
For each personal token, GitLab displays the last used date, under Settings and Access Tokens.

Gitlab token

Details
Family: Api
Category: Version control platform
Company: GitLab
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 22.04
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - gitlab

Examples
- text: |
    git+https://gitlab+deploy-token-4:jaiveyYredWX3wixerW-@git.alpha-beta.fr/some/project
  apikey: jaiveyYredWX3wixerW-
- text: |
    +gitlab_config
    +set _SCRIPTDIR=%CD%
    +popd
    +
    +set _TOKEN=u_zx0envC23WEwvCzEKp
  apikey: u_zx0envC23WEwvCzEKp
- text: |
    GitLab Runner
    + runnerRegistrationToken: "tQgCbx5UPy_ByM2FczhU"
    + # resources:
    + # limits:
    + # memory:
  apikey: tQgCbx5UPy_ByM2FczhU

Gitlab personal token

Details
Family: Api
Category: Version control platform
Company: GitLab
High recall: False
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: True
Minimum number of matches: 1
Occurrences found for one million commits: 0.09
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - gitlab

Examples
- text: |
    'my gitlab token is set below. I want something that is not handled by the AssignmentRegexMatcher not to interfere with the gitlab_token detector "qZ3do4vK3MiSHbE29vAQ"'
  apikey: qZ3do4vK3MiSHbE29vAQ
- text: |
    'my gitlab token is set below. I want something that is not handled by the AssignmentRegexMatcher not to interfere with the gitlab_token detector "qZ3do4vK3MiSHbE29vAQ"'
  apikey: qZ3do4vK3MiSHbE29vAQ
  filename: some_file.md

Gitlab personal token v2

Details
Family: Api
Category: Version control platform
Company: GitLab
High recall: True
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: False
Minimum number of matches: 1
Occurrences found for one million commits: 7.23
Prefixed: True
PreValidators:
- type: ContentWhitelistPreValidator
  patterns:
    - glpat-

Examples
- text: |
    The prefixed gitlab personal token glpat-SNixgZ5e6NWeo1Wwga11
  apikey: glpat-SNixgZ5e6NWeo1Wwga11
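
The following is an added example, not the detector's own code: a minimal local scanner showing how a content-whitelist pre-validator gates a prefixed-token regex like the one the v2 detector describes. The regex (20 characters from `[0-9A-Za-z_-]` after `glpat-`), the case-insensitive whitelist check, and all function names are assumptions made for illustration.

```python
import re

# Assumption: the 20-character "glpat-" format seen in the page's example,
# with characters drawn from [0-9A-Za-z_-]. Not the vendor's actual pattern.
GLPAT_RE = re.compile(r"(?<![0-9A-Za-z_-])glpat-[0-9A-Za-z_-]{20}(?![0-9A-Za-z_-])")


def content_allowed(text, patterns):
    """Whitelist gate: only scan documents containing at least one pattern.

    Assumed here to be a case-insensitive substring check.
    """
    lowered = text.lower()
    return any(p.lower() in lowered for p in patterns)


def redact(token, keep=10):
    """Keep the prefix and a few characters so findings can be logged safely."""
    return token[:keep] + "*" * (len(token) - keep)


def scan(text, patterns=("glpat-",)):
    """Return (line_number, token) for each candidate token in text."""
    if not content_allowed(text, patterns):
        return []  # pre-validator rejected the document; the regex never runs
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in GLPAT_RE.finditer(line):
            findings.append((lineno, match.group(0)))
    return findings


# Constructed sample document; the token is the example value from this page.
SAMPLE = """\
# deploy notes
export GITLAB_TOKEN=glpat-SNixgZ5e6NWeo1Wwga11
export OTHER=glpat-tooshort
url=https://example.invalid/glpat-SNixgZ5e6NWeo1Wwga11extra
"""

if __name__ == "__main__":
    for lineno, token in scan(SAMPLE):
        print(f"line {lineno}: {redact(token)}")
```

Passing `patterns=("gitlab",)` reproduces the gate used by the two unprefixed detectors: a document that never mentions GitLab is skipped before any matching happens, which trades recall for fewer false positives.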