- Documentation: https://developer.okta.com/docs/guides/find-your-app-credentials/-/main/
- Summary: Okta is an identity and access management company, it provides cloud solutions that help companies manage and secure user authentication. Applications that use Okta for authentication can be set and associated to a user account, they are attributed a
client_secretto authenticate communications between the applications and Okta. This detector focuses on catching those keys.
- IPs allowlist: Sign on rules can be set for each application to restrict the zone from which user can connect and thus interact with Okta.
- Scopes: A variety of scopes can be associated to the application that is integrating with Okta, from the
Application/Okta API Scopestab.
A new client secret can be generated from the
Application/General tab of the dashboard. This automatically revokes the previous client secret.
Okta keeps logs of any actions or calls made with an application registered on the platform.
Category: Identity provider
High recall: True
Validity check available: False
Minimum number of matches: 2
Occurrences found for one million commits: 5.59
- type: ContentWhitelistPreValidator patterns: - 0oa
- text: > // Add Okta_Keys to your environment variables user.oauth.clientId=0oaq6dlebN0pmmO943l6 user.oauth.clientSecret=3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx client_id: "0oaq6dlebN0pmmO943l6" client_secret: "3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx" - text: > $(app) -i https://dev-123456.oktapreview.com -c 0oaq6dlebN0pmmO943l6 -x 3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx client_id: "0oaq6dlebN0pmmO943l6" client_secret: "3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx"