Twitch User App Credentials
Description
General
- Documentation: https://dev.twitch.tv/docs/api/
- Summary: Twitch is a video live streaming platform focusing on video game live streaming. Twitch provides a REST API to interact with various services on the platform: videos, leaderboards, chats, analytics... This detector focuses on detecting a couple
client_idand API token. The API token is issued using an application credentials, it is the token used to perform the actual API calls. It has a lifetime limited to 60 days. - IPs allowlist: Some part of the API require being allowlisted by the platform to consume data.
- Scopes: An API token can have various scopes. See this documentation for more details.
Revoke the secret
An API token can be revoked using the API. See this documentation for more details.
Check for suspicious activity
As of the time of writing this documentation, this feature is not yet supported.
Details for Twitch User App Credentials
-
Family: credentials
-
Category: other
-
Company: Twitch
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.14
-
Prefixed: False
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- twitch
Examples
- text: |
"TWITCH_ID": "exxxhp00halu8nm0ggs3m0uejmnwlp",
"TWITCH_TOKEN": "lxx03s2vel8ggi6yhgxj6ggg85x2ve"
client_id: exxxhp00halu8nm0ggs3m0uejmnwlp
client_secret: lxx03s2vel8ggi6yhgxj6ggg85x2ve
