Slack Configuration Refresh Token
Description
General
- Documentation: https://api.slack.com
- Summary: Slack is a business communication platform. Configuration tokens expire 12 hours after being generated. To continually rotate them, a refresh token is also provided. Using a refresh token will generate new configuration and refresh tokens.
- IPs allowlist: Slack's internal integrations support IPs allowlisting and will limit a token's usage to a given set of IP addresses if enforced. See allowlisting documentation for more details.
- Scopes: There is one refresh token per configuration token.
Revoke the secret
Tokens can be revoked in the Managing Configuration Tokens section of the Slack API docs, or by using the auth.revoke API route. See revocation documentation for more details.
Check for suspicious activity
Monitoring suspicious activity of a given token is not mentioned in Slack's documentation.
Details for Slack Configuration Refresh Token
-
Family: token
-
Category: messaging_system
-
Company: Slack
-
High recall: True
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 0.43
-
Prefixed: True
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- xoxe-
Examples
- text: refresh_token1= "xoxe-1-My0xLTMxNzcwMjQ0MTcxMy01MTU4MTUyNjkxNzE0LTUxODE4NDI0MDY3MzYtMjA5MGFkOTFlZThkZWE2OGFlZDYwYWJjODNhYzAxYjA5ZjVmODBhYjgzN2QyNDdjOTNlOGY5NTg21111111111"
apikey: xoxe-1-My0xLTMxNzcwMjQ0MTcxMy01MTU4MTUyNjkxNzE0LTUxODE4NDI0MDY3MzYtMjA5MGFkOTFlZThkZWE2OGFlZDYwYWJjODNhYzAxYjA5ZjVmODBhYjgzN2QyNDdjOTNlOGY5NTg21111111111
# Fat-fingered secret
- text: Xxoxe-1-My0xLTMxNzcwMjQ0MTcxMy01MTU4MTUyNjkxNzE0LTUxODE4NDI0MDY3MzYtMjA5MGFkOTFlZThkZWE2OGFlZDYwYWJjODNhYzAxYjA5ZjVmODBhYjgzN2QyNDdjOTNlOGY5NTg21111111111
apikey: xoxe-1-My0xLTMxNzcwMjQ0MTcxMy01MTU4MTUyNjkxNzE0LTUxODE4NDI0MDY3MzYtMjA5MGFkOTFlZThkZWE2OGFlZDYwYWJjODNhYzAxYjA5ZjVmODBhYjgzN2QyNDdjOTNlOGY5NTg21111111111
