Postman API Key
- Documentation: https://documenter.getpostman.com/view/631643/JsLs/#authentication
- Summary: Postman is a software that allows developers to build and test APIs. Access to online resources can be done through the API. This detectors aims at catching the API key used to access those resources.
- IPs allowlist: This feature is not currently available.
- Scopes: The API key has the same scope as the user who created it.
Revoke the secret
Keys can be revoked or temporarily deactivated from the API keys dashboard.
Check for suspicious activity
The last accessed date of a key can be inspected from the API keys dashboard.
Postman api key
Category: Messaging system
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 1
Occurrences found for one million commits: 2.85
- type: ContentWhitelistPreValidator
- text: |