Skip to main content
__wf_reserved_inherit

LaunchDarkly Personal Token

Description

General

  • Documentation: https://apidocs.launchdarkly.com/reference
  • Summary: LaunchDarkly offers a SaaS to manage feature flags in the lifecycle of a project. Users can interact with their workspace via a REST API. This detector aims at catching personal access tokens used to authenticate to this API.
  • IPs allowlist: This feature is not mentioned in the API documentation.
  • Scopes: Personal access token can have three types of role: reader, writer or admin.

Revoke the secret

To revoke the API key, go to the authorization section of the concerned account settings.

Check for suspicious activity

The last usage date is displayed in the same authorization section.

Details for Launch darkly personal token

  • Family: Api

  • Category: CI/CD

  • Company: LaunchDarkly

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.08

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - api-

Examples

- text: |
    "key": "LD-Key
    "value": "api-44404887-8a6d-426e-9e81-27b1f6222222"
  apikey: api-44404887-8a6d-426e-9e81-27b1f6222222
__wf_reserved_inherit__wf_reserved_inherit

Something we didn’t cover?

__wf_reserved_inherit

See our Roadmap

__wf_reserved_inherit

Subscribe on GitHub

__wf_reserved_inherit

Submit a request

__wf_reserved_inherit

API status