RubyGems API Key
Description
General
- Documentation: https://guides.rubygems.org/rubygems-org-api/
- Summary: RubyGems is the Ruby package manager and hosting service. Its API can be used to interact programmatically with their services. Gem servers can also be self-hosted. This detector catches API keys for both RubyGems.org and self-hosted gem servers.
- IPs allowlist: This feature is not supported for RubyGems.org.
- Scopes: There are 7 scopes, see the RubyGem's documentation for more details.
Revoke the secret
API keys can be revoked from the API keys page.
Check for suspicious activity
No extensive logs are provided on RubyGems.org. Yet, the "last access" date is available and can give insights on suspicious activities.
Details for Rubygems saas apikey
Family: Api
Category: Package registry
Company: RubyGems
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 1
Occurrences found for one million commits: 0.01
Prefixed: True
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- rubygems_
Examples
- text: |
$ curl -H 'Authorization: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23' \
https://rubygems.org/api/v1/gems.json
apikey: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23
- text: |
----
-:rubygems_api_key: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23
-:status: :ok
apikey: rubygems_123abc01a15f32b0be0103de4c9b3dcb3f2fea0fa8a84f23
Details for Gemstash apikey
Family: Api
Category: Package registry
Company: RubyGems
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 0.05
Prefixed: False
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- gems
Examples
- filename: credentials
text: |
:gemstash_key: e374b232fbf5db4718d9a21fd63bc410
apikey: e374b232fbf5db4718d9a21fd63bc410
Was this page helpful?
