kingfisher/crates/kingfisher-rules/data/rules/onfido.yml

rules:
  - name: Onfido API Token
    id: kingfisher.onfido.1
    pattern: |
      (?x)
      \b
      (
        api_(?:live|sandbox)\.[a-zA-Z0-9_-]{20,80}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: high
    categories: [api, key]
    examples:
      - 'ONFIDO_API_TOKEN=api_live.AbCdEfGhIjKlMnOpQrStUvWxYz123456'
      - 'onfido_token: api_sandbox.AbCdEfGhIjKlMnOpQrStUvWxYz123456'
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://api.eu.onfido.com/v3.6/ping
          headers:
            Authorization: Token token={{ TOKEN }}
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
    references:
      - https://documentation.identity.entrust.com/api/latest/