RubyGems API Key
Description#
General#
- Documentation: https://guides.rubygems.org/rubygems-org-api/
- Summary: RubyGems is the Ruby package manager and hosting service. Its API can be used to interact programmatically with their services. Gem servers can also be self-hosted. This detector catches API keys for both RubyGems.org and self-hosted gem servers.
- IPs allowlist: This feature is not supported for RubyGems.org.
- Scopes: There are 7 scopes, see the RubyGem's documentation for more details.
Revoke the secret#
API keys can be revoked from the API keys page.
Check for suspicious activity#
No extensive logs are provided on RubyGems.org. Yet, the "last access" date is available and can give insights on suspicious activities.
Details for Rubygems saas apikey#
Family: Api
Category: Package registry
Company: RubyGems
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 1
Occurrences found for one million commits: 0.01
Prefixed: True
PreValidators:
- type: ContentWhitelistPreValidator patterns: - rubygems_
Examples#
- text: > $ curl -H 'Authorization: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23' \ https://rubygems.org/api/v1/gems.json apikey: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23- text: > ---- -:rubygems_api_key: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23 -:status: :ok apikey: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23
Details for Gemstash apikey#
Family: Api
Category: Package registry
Company: RubyGems
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 0.05
Prefixed: False
PreValidators:
- type: ContentWhitelistPreValidator patterns: - gems
Examples#
- filename: credentials text: > :gemstash_key: e374e237fdf5fa5718d2a21bd63dc911 apikey: e374e237fdf5fa5718d2a21bd63dc911