Algolia Keys
Description
General
- Documentation: https://www.algolia.com/doc/.
- Summary: This detector aim at catching Algolia API keys - admin keys, monitoring keys and keys with more restricted access.
- IPs allowlist: There is no IP allowlisting possible.
- Scopes: This key has all permissions.
Revoke the secret
- Key can be rotated in the Algolia website.
Check for suspicious activity
There is currently no method to verify the actions done with the key.
Details for Algolia custom permissions
Family: Api
Category: Data storage
Company: Algolia
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 5.07
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- algolia
Examples
- text: |
algolia
clientid= 2D20AW43DA
clientsecret= 3c039c651368a6b0f7640dbda46bfadc
client_id: 2D20AW43DA
client_secret: 3c039c651368a6b0f7640dbda46bfadc
- text: algolia clientid= 2D20AW43DA clientsecret= 3c039c651368a6b0f7640dbda46bfadc
client_id: 2D20AW43DA
client_secret: 3c039c651368a6b0f7640dbda46bfadc
Details for Algolia monitoring
Family: Api
Category: Data storage
Company: Algolia
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: very rare
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- algolia
Examples
- text: |
const ALGOLIA_APP_ID = 'O209R1PN3N';
const ALGOLIA_MONITORING_KEY = '476aee33e12b4ef08e8f1ba9c4b638c0';
client_id: O209R1PN3N
client_secret: 476aee33e12b4ef08e8f1ba9c4b638c0
- text: const ALGOLIA_APP_ID = 'O209R1PN3N'; const ALGOLIA_MONITORING_KEY = '476aee33e12b4ef08e8f1ba9c4b638c0';
client_id: O209R1PN3N
client_secret: 476aee33e12b4ef08e8f1ba9c4b638c0
Details for Algolia admin
Family: Api
Category: Data storage
Company: Algolia
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 6.87
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- algolia
Examples
- text: |
const ALGOLIA_APP_ID = 'OH2GRAP30N';
const ALGOLIA_ADMIN_KEY = 'b782df1739614041699a45f8079a3623';
const ALGOLIA_SEARCH_KEY = '46aee733e12b4f08ee8f1ba9c4bc6380';
client_id: OH2GRAP30N
client_secret: b782df1739614041699a45f8079a3623
- text: |
struct Algolia {
static let appId: String = "B2NW9U3W8F"
static let apiKeySearch: String = "d9ad5cd8c4a29789099c7521561228dc"
static let apiKeyAdmin: String = "4934242ed5979c45ed9fb3ec072429ea"
}
client_id: B2NW9U3W8F
client_secret: d9ad5cd8c4a29789099c7521561228dc
- text: const ALGOLIA_APP_ID = 'OH2GRAP30N'; const ALGOLIA_ADMIN_KEY = 'b782df1739614041699a45f8079a3623'; const ALGOLIA_SEARCH_KEY = '46aee733e12b4f08ee8f1ba9c4bc6380';
client_id: OH2GRAP30N
client_secret: b782df1739614041699a45f8079a3623
