Sourcegraph User Gateway Access Token

Description

General

• Documentation: https://docs.sourcegraph.com/api
• Summary: Sourcegraph is a platform that facilitates code reading, writing, and fixing. Some functionalities are powered by AI such as their coding assistant Cody. Two APIs are exposed, GraphQL and Stream. This detector aims at finding backend tokens used to grant sourcegraph.com users access to Cody.
• IPs allowlist: This feature is not supported.
• Scopes: All keys have the same permissions.

Revoke the secret

Secrets can be revoked from the platform user account.

Check for suspicious activity

This feature is not supported.

Details for Sourcegraph user gateway access token

• Family: Api

• Category: Code analysis

• Company: Sourcegraph

• High recall: True

• Validity check available: False

• Minimum number of matches: 1

• Occurrences found for one million commits: 0.275

• Prefixed: True

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - sgd_

Examples

- text: sgd_ccc0008e23e123456f08cd15e9be20e69b1234c2dff701b81d16250a4a861f66
  apikey: sgd_ccc0008e23e123456f08cd15e9be20e69b1234c2dff701b81d16250a4a861f66

# Fat-fingered secret
- text: Xsgd_ccc0008e23e123456f08cd15e9be20e69b1234c2dff701b81d16250a4a861f66
  apikey: sgd_ccc0008e23e123456f08cd15e9be20e69b1234c2dff701b81d16250a4a861f66