topic Dynatrace Internal Tokens in Open Q&A https://community.dynatrace.com/t5/Open-Q-A/Dynatrace-Internal-Tokens/m-p/202708#M24152 <P>Dynatrace became part of the Github secret scanning program a while back and while browsing their supported patterns they make reference of "Dynatrace Internal Tokens" (<A href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns" target="_blank" rel="noopener">https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns</A>).</P> <P>These do not seem to be documented anywhere, at least that I could find, but since Github differentiates them from regular access tokens, I presume they follow a different format than the one documented on the Dynatrace site?<BR />Surely they must be able to be exposed since rules for them exist, but I have yet to find out where these get used and how they look like, and no warning anywhere on how to guard against this.</P> Wed, 08 Feb 2023 10:32:33 GMT Tozya 2023-02-08T10:32:33Z Dynatrace Internal Tokens https://community.dynatrace.com/t5/Open-Q-A/Dynatrace-Internal-Tokens/m-p/202708#M24152 <P>Dynatrace became part of the Github secret scanning program a while back and while browsing their supported patterns they make reference of "Dynatrace Internal Tokens" (<A href="https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns" target="_blank" rel="noopener">https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns</A>).</P> <P>These do not seem to be documented anywhere, at least that I could find, but since Github differentiates them from regular access tokens, I presume they follow a different format than the one documented on the Dynatrace site?<BR />Surely they must be able to be exposed since rules for them exist, but I have yet to find out where these get used and how they look like, and no warning anywhere on how to guard against this.</P> Wed, 08 Feb 2023 10:32:33 GMT https://community.dynatrace.com/t5/Open-Q-A/Dynatrace-Internal-Tokens/m-p/202708#M24152 Tozya 2023-02-08T10:32:33Z Re: Dynatrace Internal Tokens https://community.dynatrace.com/t5/Open-Q-A/Dynatrace-Internal-Tokens/m-p/204532#M24559 <P><a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/58763">@Tozya</a>&nbsp;I think that the vernacular in GITHUB is different then Dynatrace Corp. Dynatrace has two Types of Tags, PaaS Tags and API Tokens.&nbsp;<BR />The PaaS tokens would be equivalent to&nbsp;<SPAN>Dynatrace Access Tokens as listed in the GitHub Doc, where the API Tokens would be equivalent&nbsp;to&nbsp;Dynatrace Internal Tokens as listed in the GitHub Doc.</SPAN></P> Fri, 10 Feb 2023 13:19:23 GMT https://community.dynatrace.com/t5/Open-Q-A/Dynatrace-Internal-Tokens/m-p/204532#M24559 ChadTurner 2023-02-10T13:19:23Z