Skip to main content

Salesforce Refresh Tokens

Description#

General#

  • Documentation: https://developer.salesforce.com/docs/
  • Summary: Salesforce provides customer relationship management services. Its APIs enable to add functionality with third party application. A token is given when a user authorizes an app. It expires after some time and can be renewed with the refresh token. This detector finds these latter refresh tokens.
  • IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.
  • Scopes: Yes. Each APIs has its set of permissions.

Revoke the secret#

The user can revoke the credentials in the web application.

Check for suspicious activity#

As of the time of writing this documentation, this feature is not yet supported.

Details for Salesforce refresh tokens#

  • Family: Api

  • Category: CRM

  • Company: Salesforce

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 1.23

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - 5aep861

Examples#

- text: |    String refresh_token = "5Aep861..zRMyCurAUqXuPX5uJN1Yk7ghc6h4Cv7m6IPMhhMvOivwnD7dLeOFes5eM6el.JJ5pgP4h3dTR0gnrn";    String access_token = "00D6F000002Tjy4!AQgAQK9zwJVvIAe2jK0Gd1SAhMTh0GCfrNk7QKAoSqjmlXwR71qctjLAyH.3ivQfVKespfPMdgfzFt6oSwKnfD0wxupZj6Bc";  refresh_token: 5Aep861..zRMyCurAUqXuPX5uJN1Yk7ghc6h4Cv7m6IPMhhMvOivwnD7dLeOFes5eM6el.JJ5pgP4h3dTR0gnrn  access_token: 00D6F000002Tjy4!AQgAQK9zwJVvIAe2jK0Gd1SAhMTh0GCfrNk7QKAoSqjmlXwR71qctjLAyH.3ivQfVKespfPMdgfzFt6oSwKnfD0wxupZj6Bc