Octopus Deploy API Key
Description
General
- Documentation: https://octopus.com/docs/octopus-rest-api
- Summary: Octopus Deploy facilates release management and ensures that it is auditable and compliant. Every user has an API portal that they can access by providing a valid host/key pair. This detector is capable of catching the host/key pair.
- IPs allowlist: This feature is not currently available.
- Scopes: API keys creation process is described in this page. All keys have the same permissions.
Revoke the secret
The API key can be revoked via the "My API Keys" section of the user's profile, the same page on which keys are created.
Check for suspicious activity
Octopus Deploy provides continuous logging for its 'Octopus' and 'Tentacle' services. These logs can help identify suspicious activities.
Details for Octopus Deploy API Key
-
Family: token
-
Category: ci_cd
-
Company: Octopus Deploy
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.08
-
Prefixed: False
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- api-
Examples
- text: |-
octopus_server: https://gg.octopus.app/
octopus_api_key: API-QVNQNEYQKWRCXWYK57PIOISUWYQ3MYU
host: https://gg.octopus.app
apikey: API-QVNQNEYQKWRCXWYK57PIOISUWYQ3MYU
