Anypoint Keys
Description
General
- Documentation: https://docs.mulesoft.com/api-manager/1.x/tutorials
- Summary: Anypoint is a platform used to connect and create APIs. This detector aims to detect
client_idandclient_secretused to connect to the APIs built with Anypoint. - IPs allowlist: This feature is not currently available.
- Scopes: Keys can have a custom access to APIs.
Revoke the secret
This can be done by the administrator through the Anypoint dashboard.
Check for suspicious activity
This feature is not currently available.
Details for Anypoint keys
-
Family: Api
-
Category: Identity provider
-
Company: MuleSoft
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: True
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.67
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- anypoint
Examples
- text: |
<?xml version="1.0"?>
<cfg>
<anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid>
<anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret>
</cfg>
client_id: 421c48999fba7ee2b6a7e8dec374a945
client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb
- text: '`<anypoint.platform.client_id>421c48999fba7ee2b6a7e8dec374a945</anypoint.platform.clientid> <anypoint.platform.client_secret>d5D06e8f5c0a6c26eDE090a369ADDFeb</anypoint.platform.client_secret>`'
client_id: 421c48999fba7ee2b6a7e8dec374a945
client_secret: d5D06e8f5c0a6c26eDE090a369ADDFeb
