Dropbox Access Token
Description
General
- Documentation: https://www.dropbox.com/developers/documentation/http/overview
- Summary: The Dropbox API enables third party developers to integrate with Dropbox. To make testing the application easier, developers can generate access tokens for their own account. This detector finds Dropbox API tokens.
- IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.
- Scopes: Yes.
Revoke the secret
Go to the application's Developer Console and create a new token with the Generate button in the Generated access token section.
Check for suspicious activity
In the application's Developer Console, there are analytics.
Details for Dropbox token v2
-
Family: Api
-
Category: Data storage
-
Company: Dropbox
-
High recall: True
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 1.64
-
Prefixed: True
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- sl\.
Examples
- text: |
apikey="sl.ByGF-oqQAmb-VRzuY0NqMBQwM_c07IByqIaSt6w5Ov2zbEUiPZRvKKnONDM2SdfMhnvvbkXiO7_RtDQ4Gud6pR6uouc7Zndar80hbFdhKrpNwTZCkSKcbbNWZ97jb_tQlTG29ijoBKIV"
apikey: sl.ByGF-oqQAmb-VRzuY0NqMBQwM_c07IByqIaSt6w5Ov2zbEUiPZRvKKnONDM2SdfMhnvvbkXiO7_RtDQ4Gud6pR6uouc7Zndar80hbFdhKrpNwTZCkSKcbbNWZ97jb_tQlTG29ijoBKIV
