DigitalOcean Refresh Token v1
Description
General
- Documentation: https://docs.digitalocean.com/reference/api/api-reference/
- Summary: DigitalOcean is a cloud infrastructure provider. The DigitalOcean API allows to manage machines and resources in a programmatic way using HTTP requests. All the features available in the control panel are also available via the API. A token is given when a user authorizes an app. It expires after some time and can be renewed with the refresh token. This detector finds these latter refresh tokens.
- IPs allowlist: IP addresses can be added to an allowlist from the DigitalOcean dashboard in the
Networking/Firewallstab. - Scopes: Access token can have two scopes, "read" (grants read-only access to user account) and "read write" (grants read/write access to user account).
Revoke the secret
Each Oauth token can be deleted if necessary at https://cloud.digitalocean.com/account/api/tokens or by using the Revoke Token Flow API.
Check for suspicious activity
The DigitalOcean Dashboard provides a list of all actions (login, resource creation and deletion) that happened in the last 12 months. This can be accessed from the My Profile/Security section of the dashboard.
Details for Digitalocean refresh token v1
Family: Api
Category: Cloud Provider
Company: DigitalOcean
High recall: True
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 0.11
Prefixed: True
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- dor_v1_
Examples
- text: token=dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a
apikey: dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a
- text: dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a
apikey: dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a
# Fat-fingered secret
- text: ddor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a
apikey: dor_v1_9c61089d51700805399a9eff2d792c75b5b3f2f49d85f776082319d16324fc8a
