PagerDuty Authorization Token
Bridgecrew Policy ID: BC_GIT_57
Chekov Check ID: CKV_SECRET_57
Severity: LOW
PagerDuty Authorization Token
Description
The PagerDuty REST API supports authenticating via an account or user API token. Account API tokens have access to all of the data on an account, and can either be granted read-only access or full access to read, write, update, and delete. For PagerDuty accounts with Advanced Permissions, user API tokens have access to all of the data that the associated user account has access to. Only account administrators have the ability to generate account API tokens.
Fix - Buildtime
PagerDuty
- In the web app, navigate to Integrations API Access Keys.
- In the table of API access keys, select Remove next to the key you’d like to delete.
- Confirm your selection in the browser alert.
Updated 10 months ago