Skip to main content

Okta Token

Description#

General#

  • Documentation: https://developer.okta.com/docs/reference/api/users/
  • Summary: Okta is an identity and access management company, it provides cloud solutions that help companies manage and secure user authentication. The Okta User API provides operations to manage users in organizations. The API can be accessed using a token. This detector focuses on catching those tokens.
  • IPs allowlist: This feature is not supported in the free plan, but in premium plans, admins can set allowlists and banlists according to their needs from the security/network/add zone section.
  • Scopes: Various groups of users can be created, and users can also be assigned to applications. The API token inherits authorization from their user.

Revoke the secret#

An API token can be revoked from the API tab of the Okta dashboard. The authorization server that is attributed to the account can also be used to automatically rotate api keys.

Check for suspicious activity#

Okta keeps logs of any calls or actions made with a given API key.

Details for Okta token#

  • Category: Identity provider

  • Company: Okta

  • High recall: False

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 1.67

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^lock$  - ^storyboard(c|er)?~?$  - ^xib$  - ipynb  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - okta- type: ContentWhitelistPreValidator  patterns:  - '00'

Examples#

- text: >    // Add Okta_TOKEN GENERATED    string token = "00iqSYKIphXdpEWH5WDH7JwOkw7RXeIw31lMCMTvO7";//EnvironmentVariable("NETLIFY_TOKEN");  apikey: 00iqSYKIphXdpEWH5WDH7JwOkw7RXeIw31lMCMTvO7
- text: >    +00iqSYKIphXdpEWH5WDH7JwOkw7RXeIw31lMCMTvO7";//EnvironmentVariable("NETLIFY_TOKEN");    // Add Okta_TOKEN GENERATED  apikey: 00iqSYKIphXdpEWH5WDH7JwOkw7RXeIw31lMCMTvO7