Doppler API Key
Description
General
- Documentation: https://docs.doppler.com/reference#api
- Summary: Doppler is a secrets manager, it can be used to sync environment variable. The API can be used to access/create/edit secrets stored in Doppler.
- IPs allowlist: Trusted IPs can be set up per environment with a Pro subscription.
- Scopes: Personal and CLI tokens can both read and write in a workspace and service tokens are read-only in a single configuration.
Revoke the secret
An API key can be rolled or revoked on the Doppler workspace dashboard, in the Tokens menu. Every secrets accessible with the leaked doppler token should also be revoked.
Check for suspicious activity
The actions taken with a token can be audited in the workspace dashboard under Activity.
Details for Doppler API Key
-
Family: token
-
Category: secret_management
-
Company: Doppler
-
High recall: True
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: True
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 0.05
-
Prefixed: True
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- dp\.(pt|ct|scim|st\.)
Examples
- text: |
curl -H 'api-key: dp.pt.zkxYYBKO2oztRQj72SOAA13PmVyTwI7AboM8bknx' 'https://api.doppler.com/v3/workplace'
apikey: dp.pt.zkxYYBKO2oztRQj72SOAA13PmVyTwI7AboM8bknx
- text: |
"DOPPLER_SERVICE_TOKEN": { {input: "dp.st.dev.5iSgsylLUh1V8gWGbwbWbO8SHSxs3wkdkYAYE3kI"}, },
apikey: dp.st.dev.5iSgsylLUh1V8gWGbwbWbO8SHSxs3wkdkYAYE3kI
- text: |
cli_token: dp.ct.Hz53zCklAAldpZywPRaXPaaYlABB1HOrKgtvyhGL
apikey: dp.ct.Hz53zCklAAldpZywPRaXPaaYlABB1HOrKgtvyhGL
- text: |
Token SCIM := dp.scim.IcgO4od2ONhDCys8tELOouUK9RSDCevePjks0yom
apikey: dp.scim.IcgO4od2ONhDCys8tELOouUK9RSDCevePjks0yom
