kingfisher/data/rules/fastly.yml

rules:
  - name: Fastly API token
    id: kingfisher.fastly.1
    pattern: |
      (?x)(?i)
      \b
      fastly
      (?:.|[\n\r]){0,32}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,32}?
      \b
      ([a-z0-9_-]{32})
      \b
    min_entropy: 3.5
    confidence: medium
    examples:
      - 'Fastly token: fgsb3ef237afd6c1b9d91f81cdba64f3'
    references:
      - https://developer.fastly.com/reference/api/#authentication
    validation:
      type: Http
      content:
        request:
          headers:
            Fastly-Key: '{{ TOKEN }}'
          method: GET
          response_matcher:
            - report_response: true
            - status:
                - 200
              type: StatusMatch
          url: https://api.fastly.com/current_user