feat(dockerhub): add Organization Access Token pattern

Signed-off-by: Luke Young <bored-engineer@users.noreply.github.com>
2026-01-30 16:11:44 -08:00 · 2026-01-30 16:11:44 -08:00 · 5b2b81ed7e
commit 5b2b81ed7e
parent 2bf9e54ad9
1 changed files with 35 additions and 4 deletions
--- a/data/rules/dockerhub.yml
+++ b/data/rules/dockerhub.yml
@ -2,12 +2,12 @@ rules:
  - name: Docker Hub Personal Access Token
    id: kingfisher.dockerhub.1
    pattern: |
-      (?xi)
+      (?x)
      \b
      (
-        dckr_pat_[A-Z0-9_-]{27}
+        dckr_pat_[A-Za-z0-9_-]{27}
      )
-      (?: $ | [^A-Z0-9_-] )
+      (?: $ | [^A-Za-z0-9_-] )
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.3
@ -31,4 +31,35 @@ rules:
            - status:
                - 200
              type: StatusMatch
-          url: https://hub.docker.com/v2/access-tokens?page_size=1
+          url: https://hub.docker.com/v2/access-tokens?page_size=1
+  - name: Docker Hub Organization Access Token
+    id: kingfisher.dockerhub.2
+    pattern: |
+      (?x)
+      \b
+      (
+        dckr_oat_[A-Za-z0-9_-]{32}
+      )
+      (?: $ | [^A-Za-z0-9_-] )
+    pattern_requirements:
+      min_digits: 2
+    min_entropy: 3.3
+    confidence: medium
+    examples:
+      - docker login -u docker-test -p dckr_oat_7bA9zRt5-JqX3vP0l_MnY8sK2wE-dF6h
+    references:
+      - https://docs.docker.com/enterprise/security/access-tokens/
+    validation:
+      type: Http
+      content:
+        request:
+          headers:
+            Authorization: Bearer {{ TOKEN }}
+            Accept: application/json
+          method: GET
+          response_matcher:
+            - report_response: true
+            - status:
+                - 200
+              type: StatusMatch
+          url: https://hub.docker.com/v2/access-tokens?page_size=1