rules:
  - name: Customer.io Tracking API Key
    id: kingfisher.customerio.1
    pattern: |
      (?xi)
      \b
      (?:customer(?:\.?io)?|customerio|cio|tracking|track)
      (?:.|[\n\r]){0,32}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN|API[_-]?KEY)
      (?:.|[\n\r]){0,16}?
      \b
      (
        [0-9a-f]{20}
      )
      \b
    pattern_requirements:
      min_digits: 4
    min_entropy: 3.0
    confidence: medium
    examples:
      - "tracking api key: f3b0c2b92eca01472efe"
      - "customerio_key = a98eab982f4692ceb78f"
      - "customer.io tracking_api_key d24d3915959b4d793a67"
    references:
      - https://docs.customer.io/integrations/api/#track-api

  - name: Customer.io App API Key
    id: kingfisher.customerio.2
    pattern: |
      (?xi)
      \b
      (?:customer(?:\.?io)?|customerio|cio)
      (?:.|[\n\r]){0,32}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN|API)
      (?:.|[\n\r]){0,16}?
      \b
      (
        [0-9a-f]{32}
      )
      \b
    pattern_requirements:
      min_digits: 6
    min_entropy: 3.0
    confidence: medium
    examples:
      - "customerio_app_key=6e86f5734527548b7477a8b627bf4855"
      - "customer.io api key 8363e3ca7e897cae7d76b8f46632e155"
      - "cio_app_key: 801b93d4c8627282bbd3524362f1ea9d"
    references:
      - https://docs.customer.io/integrations/api/#app-api
      - https://api.customer.io/v1/workspaces
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://api.customer.io/v1/workspaces
          headers:
            Authorization: "Bearer {{ TOKEN }}"
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid
            - type: WordMatch
              match_all_words: true
              words:
                - '"workspaces"'