src/api/public-api/index.md: 22 additions & 1 deletion
@@ -24,4 +24,25 @@ The Public API includes the following benefits over the Config API:
24
24
| Improved architecture | The Public API is built with improved security, checks for authentication, authorization, input validation, HTTPS exposed services, auto-scaling, and more in mind. |
25
25
| Cleaner mapping | The Public API uses unique IDs for reference, in place of slugs in the Config API. Unique IDs are, by design, unique. |
26
26
| Available in Europe | The Public API is accessible to both US and EU-based workspaces. |
27
-
| Increased reliability | The Public API features more stable endpoints, and a 99.8% success rate |
27
+
| Increased reliability | The Public API features more stable endpoints, and a 99.8% success rate |
28
+
29
+
## API Token Security
30
+
31
+
To enhance API token security, Segment partners with GitHub to prevent fraudulent use of exposed API tokens found in public git repositories. Malicious actors can use exposed tokens to perform unauthorized actions in your Segment workspace.
32
+
33
+
GitHub scans each commit in public repositories for Public API tokens and detected tokens are sent to Segment. Valid tokens are automatically revoked and workspace owners are notified. This process, Github identifying a token and Segment revoking it, typically takes seconds.
34
+
35
+
Learn more about [GitHub's secret scanning program](https://docs.github.com/en/developers/overview/secret-scanning-partner-program).
36
+
37
+
### Frequently Asked Questions
38
+
#### What should I do if I see a notification that my token was exposed?
39
+
In most cases, identifying and revoking an exposed token takes seconds. Still, we recommend you check the [audit trail](/docs/segment-app/iam/audit-trail/) to ensure no unauthorized actions were taken with the token.
40
+
41
+
#### How did my token get exposed?
42
+
Typically, tokens are exposed when developers commit them to a public git repository. This can happen when developers use a token in a local development environment and forget to remove it before committing their code.
43
+
44
+
#### Why are exposed tokens automatically revoked?
45
+
By automatically revoking the exposed token, we help keep your workspace secure and prevent potential abuse of the token.
46
+
47
+
#### How do I enable this feature?
48
+
This feature is automatically enabled for all workspaces on Team or Business tier plans.
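Review bot: The answer under "What should I do if I see a notification that my token was exposed?" stops at checking the audit trail and says nothing about the revoked token itself. Because the section states that valid tokens are automatically revoked, whatever was using that token will stop authenticating, so the answer should also tell readers to create a replacement token, keep it out of the repository, and update the callers that relied on the old one. Two smaller points: "Github" in the scanning paragraph should be "GitHub" to match the rest of the section, and the "How do I enable this feature?" answer names only Team and Business tier plans without saying what happens to exposed tokens for workspaces on other plans.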