Skip to main content

Auth0 Keys

Description

General

  • Documentation: https://auth0.com/docs/
  • Summary: Auth0 is a SaaS solution that adds authentication and authorization services to software applications. It allows users to sign up to only one application and be authenticated on multiple (also called Single Sign-On). This detector searches for application credentials. These credentials could give access to users information, including personally identifiable information.

Revoke the secret

This can be done from Auth0 dashboard.

Details for Auth0 Keys

  • Family: credentials

  • Category: identity_provider

  • Company: Auth0

  • High recall: False

  • Validity check available: True

  • Analyzer available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 3

  • Occurrences found for one million commits: 9.62

  • Prefixed: False

Secret Analyzer

Analysis Method

  • Provider allows scopes enumeration: False
  • Total network call count: 2
  • Total call count may vary: True

HTTP Calls

Requests are designed to capture metadata and not to function effectively.

  • POST: /oauth/token

Other Calls

Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status