search

streaak / keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
4.84k stars 1.01k forks source link

coveo access token #143

Open sushantdhopat opened 1 year ago

sushantdhopat commented 1 year ago

https://platform.cloud.coveo.com/rest/search accessToken: 'xx564559b1-0045-48e1-retretertret-fgegertreter'

GET /rest/search HTTP/2
Host: platform.cloud.coveo.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:108.0) Gecko/20100101 Firefox/108.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Te: trailers
Authorization: Bearer {{token-here}}
POST /rest/search/v2/token?organizationid={{org-id}} HTTP/2
Host: platform.cloud.coveo.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:108.0) Gecko/20100101 Firefox/108.0
Content-Type: application/json
Accept: application/json
Authorization: Bearer {{token-here}}
Content-Length: 144

{
  "userIds": [
    {
      "name": "asmith@example.com",
      "provider": "Email Security Provider",
      "type": "User"
    }
  ]
}