Akamai
Akamaicloud4 credentials
EdgeGrid API Credential
akamai / edgegrid-credential
Akamai APIs authenticate with EdgeGrid credentials: client_token, client_secret, access_token, and host values stored in .edgerc or supplied through Akamai environment variables. The token and secret fields are credential material; host and account-switch keys are context.
Looks like
exampleakab-c113ntt0k3n4qtari252bfxxbsl-yvsdj(?m)^\s*(client_token|access_token)\s*=\s*akab-[A-Za-z0-9-]{20,100}\s*$(?m)^\s*client_secret\s*=\s*[A-Za-z0-9+/]{20,255}={0,2}\s*$Location
~/.edgerc, /.edgercOfficial EdgeGrid resource file locations documented by Akamai for downloaded API client credentials
%USERPROFILE%\.edgercWindows home-relative EdgeGrid resource file
AKAMAI_CLIENT_TOKEN, AKAMAI_CLIENT_SECRET, AKAMAI_ACCESS_TOKEN, AKAMAI_PAPI_CLIENT_TOKEN, AKAMAI_PAPI_CLIENT_SECRET, AKAMAI_PAPI_ACCESS_TOKENOfficial EdgeGrid credential environment variables; PAPI is Akamai's documented section-prefix example
AuthorizationEG1-HMAC-SHA256 EdgeGrid authorization header derived from EdgeGrid credentials
CI/CD variables, password vaults, cloud secret managers, and deployment secret stores
Terraform provider configs, deployment repos, purge scripts, SDK initialization code, and tests
HTTP debug traces, Akamai CLI logs, SDK traces, and CI output
Notes
AKAMAI_HOST and AKAMAI_ACCOUNT_KEY are official EdgeGrid context variables but are not credential values, so they are not listed as credential env locations. Arbitrary section-prefixed variables are supported by Akamai libraries but are not represented with wildcards.
Akamai Control Center User Password
akamai / account-user-password
Akamai Control Center users authenticate through browser login, SSO, and MFA to manage accounts, properties, security products, and API clients.
Location
/login, /identity-management, /api-clientsAkamai Control Center and Identity and Access Management login/API-client contexts
Enterprise password vaults, IdP credential stores, break-glass account vaults, and admin runbooks
Akamai account audit logs, IdP sign-in logs, browser exports, and support traces
Notes
No static Akamai account default password is modeled.
NetStorage Upload Account Key
akamai / netstorage-upload-account
Akamai NetStorage upload accounts use upload account names and keys for HTTP API, SSH, Aspera, rsync, and content upload workflows.
Location
/netstorage, /upload-accountsNetStorage upload account management and content upload contexts
CI/CD variables, password vaults, CMS secret stores, and content pipeline secret stores
Deployment scripts, CMS integrations, upload clients, tests, and content pipeline automation
Upload client debug logs, rsync/SSH traces, CMS logs, and CI output
Notes
No exact official NetStorage credential-value environment variable or stable local config filename was confirmed in the checked sources, so scanner-facing env/config locations are omitted for this block.
Certificate / CPS Private Key
akamai / certificate-private-key
Akamai properties and Certificate Provisioning System workflows may include TLS private keys, origin client certificate keys, and deployment key material.
Looks like
pattern-----BEGIN (RSA |EC |OPENSSH |ENCRYPTED )?PRIVATE KEY-----Location
Certificate vaults, HSMs, CI/CD variables, Akamai CPS artifacts, and deployment secret stores
Certificate signing/deployment packages, CPS exports, PEM bundles, and backups
Infrastructure-as-code, deployment repositories, and origin mTLS configuration
TLS, deployment, and certificate provisioning troubleshooting logs
Notes
Generic private-key filenames are intentionally not duplicated as Akamai scanner paths; generic private key detection belongs in CredsHound built-ins.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.