Skip to main content

Mattermost Personal Token

Description

General

  • Documentation: https://developers.mattermost.com/integrate/reference/personal-access-token/
  • Summary: Mattermost is an open-source messaging app. Tokens allow users to interact with the app. By default only admin users can create personal tokens, so they have full access to the account including System Admin privileges (see doc. Leaking a Mattermost admin personal token is a highly critical incident.

Revoke the secret

Tokens can be revoked from the account setting or the system console. Token can also be temporarily deactivated.

Details for Mattermost Personal Token

  • Family: token

  • Category: messaging_system

  • Company: Mattermost

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.13

  • Prefixed: False

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status