Skip to main content

Xray Access Token

Description

General

  • Documentation: https://jfrog.com/help/r/xray-rest-apis/component-identifiers
  • Summary: Xray is a universal software composition analysis tool that helps developers identify vulnerabilities and license compliance issues in their software packages. This detector aims at detecting access tokens used to interact with Xray's REST API. These tokens allow users to scan artifacts, manage policies, and view vulnerability reports.

Revoke the secret

Access tokens can be revoked directly from the user profile or programmatically via the Xray REST API.

Details for Xray Access Token

  • Family: token

  • Category: package_registry

  • Company: JFrog

  • High recall: True

  • Validity check available: True

  • Analyzer available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.02

  • Prefixed: True

Secret Analyzer

Analysis Method

  • Provider allows scopes enumeration: True
  • Total network call count: 0
  • Total call count may vary: False

HTTP Calls

Requests are designed to capture metadata and not to function effectively. No HTTP calls for this analyzer.

Other Calls

Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.