18 Jan 2023 01:23 PM - last edited on 08 Feb 2023 10:32 AM by Ana_Kuzmenchuk
Dynatrace became part of the Github secret scanning program a while back and while browsing their supported patterns they make reference of "Dynatrace Internal Tokens" (https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-pat...).
These do not seem to be documented anywhere, at least that I could find, but since Github differentiates them from regular access tokens, I presume they follow a different format than the one documented on the Dynatrace site?
Surely they must be able to be exposed since rules for them exist, but I have yet to find out where these get used and how they look like, and no warning anywhere on how to guard against this.
Solved! Go to Solution.
10 Feb 2023 01:19 PM
@Tozya I think that the vernacular in GITHUB is different then Dynatrace Corp. Dynatrace has two Types of Tags, PaaS Tags and API Tokens.
The PaaS tokens would be equivalent to Dynatrace Access Tokens as listed in the GitHub Doc, where the API Tokens would be equivalent to Dynatrace Internal Tokens as listed in the GitHub Doc.