PagerDuty Authorization Token

Description

General

• Documentation: https://developer.pagerduty.com/api-reference/
• Summary: PagerDuty is a cloud company providing an incident response platform for IT departments. PagerDuty provides an API to programmatically interact with applications.
• IPs allowlist: This feature is not supported on the server side.
• Scopes: When creating an API Key, a read-only permission can be chosen. Otherwise, if the account has advanced permissions enabled, users can create personal REST API Keys with permissions restricted to those of the user.

Revoke the secret

API Keys can be disabled or deleted from the PagerDuty developer dashboard.

Check for suspicious activity

In the PagerDuty dashboard, the date and time of the last API call for each key is displayed, allowing to detect some abnormal behaviours.

Details for Pagerduty api key

• Family: Api

• Category: Monitoring

• Company: PagerDuty

• High recall: False

• Validity check available: True

• On-premise instances exist: False

• Only valid secrets raise an alert: True

• Minimum number of matches: 1

• Occurrences found for one million commits: 0.04

• Prefixed: False

• PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions:
    - ^lock$
    - ^storyboard(c|er)?~?$
    - ^xib$
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: false
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - pager[_-]?duty

Examples

- text: |
    curl -H "Accept: application/vnd.pagerduty+json;version=2" \
    -H "Authorization: Token token=Vc9i8_jGmjuczWF3GXq3" -X GET \
    "https://api.pagerduty.com/incidents"
  apikey: Vc9i8_jGmjuczWF3GXq3