trufflehog icon indicating copy to clipboard operation
trufflehog copied to clipboard

Published 20 hours ago verified publisher icon trufflesecurity

Add Personio detector

Open nyanhp opened this issue 1 year ago • 1 comments

Description:

This test adds support for Personio (https://personio.com), an HR tool containing sensitive data where a leaked key could have enormous impact. The provider expects two components, a GUID prefixed with papi- as well as a 48 character string prefixed with papi-. While API keys can be scoped to specific fields, what we can test is the authentication, which returns a bearer token. Regardless of the key's scopes the authentication will work if the credentials are still valid.

Checklist:

  • [x] Tests passing (make test-community)?
  • [x] Lint passing (make lint this requires golangci-lint)?

nyanhp avatar Jan 26 '24 13:01 nyanhp

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Jan 26 '24 13:01 CLAassistant