Twitter Access Keys
Description
General
- Documentation: https://developer.twitter.com/en/docs/twitter-api
- Summary: Twitter is a social network on which user post and interact with messages known as "tweets". Twitter exposes an API to programmatically interact with the platform. To access the API, the developer must apply for a developer account and generate a set of
client_id
andclient_secret
from its developer dashboard. This set of credentials must be passed with each request. This detector focuses on catching these credentials. Alongside application credentials, user access tokens are frequently found. They are a second set of credentials granting access to a Twitter user account. They can be used to send tweets or direct messages in the name of this user.
Revoke the secret
Each App's credentials can be managed from the developer's dashboard.
Details for Twitter/X Access Keys
-
Family: credentials
-
Category: social_network
-
Company: Twitter
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 8.92
-
Prefixed: False