Google API Key
#
Description#
General- Documentation: https://cloud.google.com/docs/authentication/api-keys
- Summary: Google API key is used to authenticate requests to any Google API (such as Maps for instance). Although these API keys don't give access to personal or sensitive data, exposing them can result in quota theft and unauthorized usage.
- IPs allowlist: Some limitations can be added to each API key. See documentation for more details.
- Scopes: Scopes can be finely configured for each API key. See documentation for more details.
#
Revoke the secretExisting keys can be managed from the console.
#
Check for suspicious activityAPI key usage in the past 30 days can be monitored from the Google console.
Googleaiza
#
Details for Family: Api
Category: Cloud Provider
Company: Google
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 1
Occurrences found for one million commits: 1176.9
Prefixed: True
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: - ^(cs|x|p|s|r)?html5?~?$ banlist_filenames: - google-services - googleservice-info check_binaries: false include_default_banlist_extensions: false ban_markup: false- type: ContentWhitelistPreValidator patterns: - aiza
#
Examples- text: | key = AIzaSy0c3965368a6b10f7640dbda46abfdca98 apikey: AIzaSy0c3965368a6b10f7640dbda46abfdca98
- text: | googleMapsKey = AIzaSy0c3965368a6b10f7640dbda46abfdca98 request(coords, googleMapsKey) # some really interesting stuff about code and stuff and code firebaseConfig apikey: AIzaSy0c3965368a6b10f7640dbda46abfdca98