DigitalOcean Token
Description
General
- Documentation: https://docs.digitalocean.com/reference/api/api-reference/
- Summary: Digital Ocean is a cloud infrastructure provider. The Digital Ocean API allows to manage machines and resources in a programmatic way using HTTP requests. All the features available in the control panel are also available via the API. An OAuth token is used to authenticate with the API.
- IPs allowlist: IP addresses can be added to an allowlist from the Digital Ocean dashboard in the
Networking/Firewallstab. - Scopes: Each token gives full access to the corresponding Digital Ocean account. It is possible to access and modify all the cloud resources with this token so leaking a DigitalOcean token is an extremely serious security incident.
Revoke the secret
Each Oauth token can be deleted if necessary.
Check for suspicious activity
The Digital Ocean Dashboard provides a list of all actions (login, resource creation and deletion) that happened in the last 12 months. This can be accessed from the My Profile/Security section of the dashboard.
Details for DigitalOcean Token
-
Family: token
-
Category: cloud_provider
-
Company: DigitalOcean
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 0.06
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- do[-_](token|key|pat)
- digital[-_ ]?ocean
Examples
- text: knife[:digital_ocean_access_token] = '710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66'
apikey: 710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66
- text: self.digital_ocean_handle.input_access_token("a1a7c625c612c3d9a07300b1396fff2ff129342c63d4516b3101fdb61b1f2a48")
apikey: a1a7c625c612c3d9a07300b1396fff2ff129342c63d4516b3101fdb61b1f2a48
- text: "be able to edit the file and set the values. The file should look something like this:\n\n ---\n vault_do_token: 245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54\n"
apikey: 245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54
- text: '#define DIGITALOCEAN_CLIENT_SECRET @"245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54"'
apikey: 245b743ede8d627b2e7dfbecc7a94711063b6c24ecd65a38f039a24f407bff54
- text: public $tokenDigitalOcean="6b7ebde6030ce371cafc2266c5450c219d93851d7c12561cf6815440c2e3cb19";
apikey: 6b7ebde6030ce371cafc2266c5450c219d93851d7c12561cf6815440c2e3cb19
- text: "Bruk denne do_token-en: ea2543dade39ff6f913510cb763ff989f701e668e5ee2a202eee508bb6a80020\n"
apikey: ea2543dade39ff6f913510cb763ff989f701e668e5ee2a202eee508bb6a80020
- text: knife[:digital_ocean_access_token] = '710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66'
apikey: 710550c7dad844f89c9414db7556e74f3faedf9f5228ab2099c67fa1f2a61f66
