rules:
  - name: Atlassian API token
    id: kingfisher.atlassian.1
    pattern: |
      (?xi)                       
      \b                         
      atlassian
      (?:.|[\n\r]){0,32}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,32}?
      \b                         
      (
        [a-z0-9]{24}
      )
      \b                         
    min_entropy: 3.5
    confidence: medium
    examples:
      - Atlassian_key = "DjayBenyJrtpvydFCzAphcqc"
      - "ATLASSIAN_API_TOKEN:'abcdef1234567890abcdef12'"
    references:
      - https://developer.atlassian.com/cloud/admin/organization/rest/api-group-orgs/#api-v1-orgs-get
    validation:
      type: Http
      content:
        request:
          url: https://api.atlassian.com/me
          headers:
            Authorization: "Bearer {{ TOKEN }}"
            Accept: "application/json"
          method: GET
          response_matcher:
            - report_response: true
            - status:
                - 200
              type: StatusMatch
            - type: WordMatch
              words:
                - "Unauthorized"
              negative: true