Skip to main content

PlanetScale Token

Description

General

  • Documentation: https://docs.planetscale.com/
  • Summary: PlanetScale is a MySQL compatible, serverless database platform. PlanetScale offers a CLI (pscale) and an API to programmatically manage the databases. This detector aims at catching the Service and OAuth tokens used to authenticate API calls.
  • IPs allowlist: This feature is not currently available.
  • Scopes: Service tokens are linked to a single organization and are given a limited set of permissions while OAuth tokens are linked to a user and can access every organization of the user with the same permissions as the user.

Revoke the secret

Service tokens can be deleted in the organization settings and OAuth tokens are revoked via the API or CLI. If the token was generated by pscale login, use the command pscale logout.

Check for suspicious activity

Detailed logs are accessible in the settings of users and organizations.

Details for Planetscale service token

  • Family: Api

  • Category: Data storage

  • Company: PlanetScale

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 3

  • Occurrences found for one million commits: 0.05

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator
patterns:
- pscale_tkn_

Examples

- text: |
PLANETSCALE_TOKEN_NAME="khgf9jbsrx1l"
PLANETSCALE_TOKEN="pscale_tkn_m_ABffR3bVXQn83xueOUpYrJlA3V7DfnoTVaaSlHCyZ"
PLANETSCALE_ORG=gg-org
client_id: khgf9jbsrx1l
apikey: pscale_tkn_m_ABffR3bVXQn83xueOUpYrJlA3V7DfnoTVaaSlHCyZ
organization: gg-org

Details for Planetscale oauth token

  • Family: Api

  • Category: Data storage

  • Company: PlanetScale

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.04

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator
patterns:
- pscale_oauth_

Examples

- text: |
--- /dev/null
+++ b/.config/planetscale/access-token
@@ -0,0 +1 @@
+pscale_oauth_aB0gQfl4oz9_iIocifChjPuvEOS_ieaWTT6ChduCXYZ
apikey: pscale_oauth_aB0gQfl4oz9_iIocifChjPuvEOS_ieaWTT6ChduCXYZ

# Fat-fingered secret
- text: Xpscale_oauth_aB0gQfl4oz9_iIocifChjPuvEOS_ieaWTT6ChduCXYZ
apikey: pscale_oauth_aB0gQfl4oz9_iIocifChjPuvEOS_ieaWTT6ChduCXYZ

How can I help you ?