Mattermost Personal Token
Description
General
- Documentation: https://developers.mattermost.com/integrate/reference/personal-access-token/
- Summary: Mattermost is an open-source messaging app. Tokens allow users to interact with the app. By default only admin users can create personal tokens, so they have full access to the account including System Admin privileges (see doc. Leaking a Mattermost admin personal token is a highly critical incident.
Revoke the secret
Tokens can be revoked from the account setting or the system console. Token can also be temporarily deactivated.
Details for Mattermost Personal Token
-
Family: token
-
Category: messaging_system
-
Company: Mattermost
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.13
-
Prefixed: False