
Okta Keys

Description

General

  • Documentation: https://developer.okta.com/docs/guides/add-an-external-idp/saml2/register-app-in-okta/
  • Summary: Okta is an identity and access management company that provides cloud solutions to help companies manage and secure user authentication. Applications that use Okta for authentication can be set up and associated with a user account. Each application is assigned a client_id and a client_secret, which authenticate communications between the application and Okta. This detector focuses on catching those keys.
  • IPs allowlist: Sign-on rules can be set for each application to restrict the zone from which users can connect and thus interact with Okta.
  • Scopes: A variety of scopes can be associated with the application that is integrating with Okta, from the Application/Okta API Scopes tab.

Revoke the secret

A new client secret can be generated from the Application/General tab of the dashboard. This automatically revokes the previous client secret.

Check for suspicious activity

Okta keeps logs of any actions or calls made with an application registered on the platform.

Details for Okta keys

  • Category: Identity provider

  • Company: Okta

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 5.59

  • Prefixed: True

  • PreValidators:

    - type: FilenameBanlistPreValidator
      banlist_extensions:
      - css
      - html
      - lock
      - md
      - storyboard
      - xib
      banlist_filenames: []
      check_binaries: false
    - type: ContentWhitelistPreValidator
      patterns:
      - 0oa

Examples

- text: >
    // Add Okta_Keys to your enviornment variables
    user.oauth.clientId=0oaq6dlebN0pmmO943l6
    user.oauth.clientSecret=3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx
  client_id: "0oaq6dlebN0pmmO943l6"
  client_secret: "3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx"
- text: >
    $(app) -i https://dev-123456.oktapreview.com -c 0oaq6dlebN0pmmO943l6 -x 3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx
  client_id: "0oaq6dlebN0pmmO943l6"
  client_secret: "3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx"
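
The sketch below is an added example, not the detector's own code. It shows how the two PreValidators and the "Minimum number of matches: 2" rule combine before a finding is reported. The two regular expressions are assumptions inferred only from the sample values in the Examples section (a 20-character ID starting with 0oa and a 40-character secret); the function names are hypothetical.

```python
import re
from pathlib import PurePosixPath

# Copied from the PreValidators block on this page.
BANNED_EXTENSIONS = {"css", "html", "lock", "md", "storyboard", "xib"}
REQUIRED_SUBSTRING = "0oa"

# ASSUMPTION: token shapes inferred from the page's sample values only;
# these are not the detector's real patterns.
CLIENT_ID_RE = re.compile(r"(?<![A-Za-z0-9])0oa[A-Za-z0-9]{17}(?![A-Za-z0-9])")
CLIENT_SECRET_RE = re.compile(
    r"(?<![A-Za-z0-9_-])[A-Za-z0-9_-]{40}(?![A-Za-z0-9_-])"
)

# Sample text taken from the first entry of the Examples section.
SAMPLE = (
    "user.oauth.clientId=0oaq6dlebN0pmmO943l6\n"
    "user.oauth.clientSecret=3Be9-tFiFMFm6kYdmPAsaUFTVx1K9_wp8lsje2mx\n"
)


def passes_prevalidators(filename: str, content: str) -> bool:
    """Cheap filters that run before any regex is evaluated."""
    ext = PurePosixPath(filename).suffix.lstrip(".").lower()
    if ext in BANNED_EXTENSIONS:          # FilenameBanlistPreValidator
        return False
    return REQUIRED_SUBSTRING in content  # ContentWhitelistPreValidator


def find_okta_keys(filename: str, content: str):
    """Return (client_id, client_secret) only when both are present."""
    if not passes_prevalidators(filename, content):
        return None
    client_id = CLIENT_ID_RE.search(content)
    client_secret = CLIENT_SECRET_RE.search(content)
    # Minimum number of matches is 2: one half alone is not a finding.
    if client_id is None or client_secret is None:
        return None
    return client_id.group(0), client_secret.group(0)


if __name__ == "__main__":
    print(find_okta_keys("application.properties", SAMPLE))
    print(find_okta_keys("README.md", SAMPLE))  # banned extension
```

Because md is on the extension banlist, the same credentials pasted into a README are skipped by this detector's pre-filter, so documentation files need to be covered by other controls.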