Anypoint Keys
Description
General
- Documentation: https://docs.mulesoft.com/api-manager/1.x/tutorials
- Summary: Anypoint is a platform used to connect and create APIs. This detector aims to detect
client_idandclient_secretused to connect to the APIs built with Anypoint. - IPs allowlist: This feature is not currently available.
- Scopes: Keys can have a custom access to APIs.
Revoke the secret
This can be done by the administrator through the Anypoint dashboard.
Check for suspicious activity
This feature is not currently available.
Details for Anypoint keys
Family: Api
Category: Identity provider
Company: MuleSoft
High recall: False
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 0.67
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- anypoint
Examples
- text: |
<?xml version="1.0"?>
<cfg>
<anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid>
<anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret>
</cfg>
client_id: 421c48999fba7ee2b6a7e8dec374a945
client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb
- text: '`<anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid> <anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret>`'
client_id: 421c48999fba7ee2b6a7e8dec374a945
client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb
