rules:
  - name: Apollo API Key
    id: kingfisher.apollo.1
    pattern: |
      (?xi)
      \b
      apollo
      (?:.|[\n\r]){0,16}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,32}?
      \b
      (
        [A-Z0-9_-]{22}
      )
      \b
    pattern_requirements:
      min_digits: 2
      min_uppercase: 1
      min_lowercase: 1
    min_entropy: 3.0
    confidence: medium
    examples:
      - 'APOLLO_API_KEY="ZNh-14foqIiscbz24oKwww"'
      - apollo_key=8ku3EoDJxz8fOSCdxYozdA
      - apollo.io api_key oD8GCL8MNZIyg0tzeSDuhw
    references:
      - https://docs.apollo.io/reference/people-api-search
    validation:
      type: Http
      content:
        request:
          method: POST
          url: "https://api.apollo.io/api/v1/mixed_people/api_search"
          headers:
            accept: "application/json"
            content-type: "application/json"
            x-api-key: "{{ TOKEN }}"
          body: |
            {"page":1,"per_page":1}
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200, 403]
            - type: WordMatch
              words:
                - '"total_entries"'
                - '"API_INACCESSIBLE"'
              match_all_words: false
            - type: WordMatch
              negative: true
              words:
                - '"Invalid access credentials"'