Skip to main content

Fastly Personal Token

Description

General

  • Documentation: https://developer.fastly.com/reference/api/auth/
  • Summary: Fastly is a company providing cloud computing services such as CDN or load balancing. This detectors aims at catching tokens used to interact with an account.
  • IPs allowlist: This feature is not available.
  • Scopes: Multiple scopes are available such as restricting read/write access or grant access only to specific projects. More details can be found in the scopes documentation.

Revoke the secret

Tokens can be revoked from the user's dashboard or through the API.

Check for suspicious activity

It is possible to check last use of a token in the dashboard or through the API.

Details for Fastly Personal Token

  • Family: token

  • Category: cdn

  • Company: Fastly

  • High recall: False

  • Validity check available: True

  • Analyzer available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.02

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions:
    - ^lock$
    - ^storyboard(c|er)?~?$
    - ^xib$
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: false
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - fastly

Examples

- text: |
    fastly_apikey: 7TCVltde6-TNRSLzQQ5cEExSLi2JxS3G
  apikey: '7TCVltde6-TNRSLzQQ5cEExSLi2JxS3G'

Secret Analyzer

Analysis Method

  • Provider allows scopes enumeration: True
  • Total network call count: 1
  • Total call count may vary: False

HTTP Calls

Requests are designed to capture metadata and not to function effectively.

  • GET: /tokens/self

Other Calls

Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status