DigitalOcean OAuth Application Token v1
Description
General
- Documentation: https://docs.digitalocean.com/reference/api/api-reference/
- Summary: DigitalOcean is a cloud infrastructure provider. The DigitalOcean API allows to manage machines and resources in a programmatic way using HTTP requests. All the features available in the control panel are also available via the API. OAuth apps can access users' authorized data using an OAuth2 access token.
- IPs allowlist: IP addresses can be added to an allowlist from the DigitalOcean dashboard in the
Networking/Firewallstab. - Scopes: Access token can have two scopes, "read" (grants read-only access to user account) and "read write" (grants read/write access to user account).
Revoke the secret
Each Oauth token can be deleted if necessary at https://cloud.digitalocean.com/account/api/tokens or by using the Revoke Token Flow API.
Check for suspicious activity
The DigitalOcean Dashboard provides a list of all actions (login, resource creation and deletion) that happened in the last 12 months. This can be accessed from the My Profile/Security section of the dashboard.
Details for Digitalocean oauth application token v1
Family: Api
Category: Cloud Provider
Company: DigitalOcean
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 1
Occurrences found for one million commits: 0.11
Prefixed: True
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- doo_v1_
Examples
- text: token=doo_v1_50cf6e6b617343bb267f1c7760ada3ccde476253d26ebd7fe855705cb26b401e
apikey: doo_v1_50cf6e6b617343bb267f1c7760ada3ccde476253d26ebd7fe855705cb26b401e
- text: doo_v1_50cf6e6b617343bb267f1c7760ada3ccde476253d26ebd7fe855705cb26b401e
apikey: doo_v1_50cf6e6b617343bb267f1c7760ada3ccde476253d26ebd7fe855705cb26b401e
# Fat-fingered secret
- text: ddoo_v1_50cf6e6b617343bb267f1c7760ada3ccde476253d26ebd7fe855705cb26b401e
apikey: doo_v1_50cf6e6b617343bb267f1c7760ada3ccde476253d26ebd7fe855705cb26b401e
