Fastly Personal Token
Description
General
- Documentation: https://developer.fastly.com/reference/api/auth/
- Summary: Fastly is a company providing cloud computing services such as CDN or load balancing. This detectors aims at catching tokens used to interact with an account.
- IPs allowlist: This feature is not available.
- Scopes: Multiple scopes are available such as restricting read/write access or grant access only to specific projects. More details can be found in the scopes documentation.
Revoke the secret
Tokens can be revoked from the user's dashboard or through the API.
Check for suspicious activity
It is possible to check last use of a token in the dashboard or through the API.
Details for Fastly personal token
-
Family: token
-
Category: cdn
-
Company: Fastly
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: False
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 0.02
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions:
- ^lock$
- ^storyboard(c|er)?~?$
- ^xib$
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: false
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- fastly
Examples
- text: |
fastly_apikey: 7TCVltde6-TNRSLzQQ5cEExSLi2JxS3G
apikey: '7TCVltde6-TNRSLzQQ5cEExSLi2JxS3G'
Secret Analyzer
Analysis Method
- Provider allows scopes enumeration: True
- Total network call count: 1
- Total call count may vary: False
HTTP Calls
Requests are designed to capture metadata and not to function effectively.
- GET: /tokens/self
Other Calls
No other calls for this analyzer.