Okta Token
#
Description#
General- Documentation: https://developer.okta.com/docs/guides/create-an-api-token/main/
- Summary: Okta is an identity and access management company, it provides cloud solutions that help companies manage and secure user authentication. This detector focuses on catching API tokens used to authenticate requests to Okta APIs.
- IPs allowlist: This feature is not supported in the free plan, but in premium plans, admins can set allowlists and banlists according to their needs from the
security/network/add zone
section. - Scopes: Various groups of users can be created, and users can also be assigned to applications. The API token inherits authorization from their user.
#
Revoke the secretAn API token can be revoked from the API tab of the Okta dashboard. The authorization server that is attributed to the account can also be used to automatically rotate API keys.
#
Check for suspicious activityOkta keeps logs of any calls or actions made with a given API key.
Okta token
#
Details for Family: Api
Category: Identity provider
Company: Okta
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 4.04
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: - ^lock$ - ^storyboard(c|er)?~?$ - ^xib$ - ipynb banlist_filenames: [] check_binaries: false include_default_banlist_extensions: false ban_markup: false- type: ContentWhitelistPreValidator patterns: - okta- type: ContentWhitelistPreValidator patterns: - '00'
#
Examples- text: | // Add Okta_TOKEN GENERATED string token = "00iqMOKIplUddEWA5WEM4YwOkw7RXeGw31lFCMTvZ2"; apikey: 00iqMOKIplUddEWA5WEM4YwOkw7RXeGw31lFCMTvZ2
- text: | // Add Okta_TOKEN GENERATED +00iqMOKIplUddEWA5WEM4YwOkw7RXeGw31lFCMTvZ2"; apikey: 00iqMOKIplUddEWA5WEM4YwOkw7RXeGw31lFCMTvZ2