PagerDuty Authorization Token

Bridgecrew Policy ID: BC_GIT_57
Chekov Check ID: CKV_SECRET_57
Severity: LOW

PagerDuty Authorization Token

Description

The PagerDuty REST API supports authenticating via an account or user API token. Account API tokens have access to all of the data on an account, and can either be granted read-only access or full access to read, write, update, and delete. For PagerDuty accounts with Advanced Permissions, user API tokens have access to all of the data that the associated user account has access to. Only account administrators have the ability to generate account API tokens.

Fix - Buildtime

PagerDuty

  1. In the web app, navigate to Integrations API Access Keys.
  2. In the table of API access keys, select Remove next to the key you’d like to delete.
  3. Confirm your selection in the browser alert.