lolcreds

Public credential defaults and exposure patterns for authorized security testing.

Akamai

Akamaicloud4 credentials

Credentials4 documented
01

EdgeGrid API Credential

akamai / edgegrid-credential

Akamai APIs authenticate with EdgeGrid credentials: client_token, client_secret, access_token, and host values stored in .edgerc or supplied through Akamai environment variables. The token and secret fields are credential material; host and account-switch keys are context.

generated on installuser definedsecretAPI key

Looks like

example
example

Akamai EdgeGrid client/access token prefix shown in official .edgerc examples; use with EdgeGrid context

akab-c113ntt0k3n4qtari252bfxxbsl-yvsdj
pattern

EdgeGrid token fields in .edgerc

(?m)^\s*(client_token|access_token)\s*=\s*akab-[A-Za-z0-9-]{20,100}\s*$
pattern

EdgeGrid client_secret field in .edgerc

(?m)^\s*client_secret\s*=\s*[A-Za-z0-9+/]{20,255}={0,2}\s*$

Location

config file
~/.edgerc, /.edgerc

Official EdgeGrid resource file locations documented by Akamai for downloaded API client credentials

config file
%USERPROFILE%\.edgerc

Windows home-relative EdgeGrid resource file

environment
AKAMAI_CLIENT_TOKEN, AKAMAI_CLIENT_SECRET, AKAMAI_ACCESS_TOKEN, AKAMAI_PAPI_CLIENT_TOKEN, AKAMAI_PAPI_CLIENT_SECRET, AKAMAI_PAPI_ACCESS_TOKEN

Official EdgeGrid credential environment variables; PAPI is Akamai's documented section-prefix example

http header
Authorization

EG1-HMAC-SHA256 EdgeGrid authorization header derived from EdgeGrid credentials

secret store

CI/CD variables, password vaults, cloud secret managers, and deployment secret stores

source code

Terraform provider configs, deployment repos, purge scripts, SDK initialization code, and tests

logs

HTTP debug traces, Akamai CLI logs, SDK traces, and CI output

Notes

AKAMAI_HOST and AKAMAI_ACCOUNT_KEY are official EdgeGrid context variables but are not credential values, so they are not listed as credential env locations. Arbitrary section-prefixed variables are supported by Akamai libraries but are not represented with wildcards.

02

Akamai Control Center User Password

akamai / account-user-password

Akamai Control Center users authenticate through browser login, SSO, and MFA to manage accounts, properties, security products, and API clients.

user definedsecretusername/password

Location

public interface
/login, /identity-management, /api-clients

Akamai Control Center and Identity and Access Management login/API-client contexts

secret store

Enterprise password vaults, IdP credential stores, break-glass account vaults, and admin runbooks

logs

Akamai account audit logs, IdP sign-in logs, browser exports, and support traces

Notes

No static Akamai account default password is modeled.

03

NetStorage Upload Account Key

akamai / netstorage-upload-account

Akamai NetStorage upload accounts use upload account names and keys for HTTP API, SSH, Aspera, rsync, and content upload workflows.

generated on installuser definedsecretsecret value

Location

public interface
/netstorage, /upload-accounts

NetStorage upload account management and content upload contexts

secret store

CI/CD variables, password vaults, CMS secret stores, and content pipeline secret stores

source code

Deployment scripts, CMS integrations, upload clients, tests, and content pipeline automation

logs

Upload client debug logs, rsync/SSH traces, CMS logs, and CI output

Notes

No exact official NetStorage credential-value environment variable or stable local config filename was confirmed in the checked sources, so scanner-facing env/config locations are omitted for this block.

04

Certificate / CPS Private Key

akamai / certificate-private-key

Akamai properties and Certificate Provisioning System workflows may include TLS private keys, origin client certificate keys, and deployment key material.

generated on installuser definedsecretkey pair

Looks like

pattern
pattern

Private key material for Akamai CPS, mTLS to origin, or deployment workflows

-----BEGIN (RSA |EC |OPENSSH |ENCRYPTED )?PRIVATE KEY-----

Location

secret store

Certificate vaults, HSMs, CI/CD variables, Akamai CPS artifacts, and deployment secret stores

artifact

Certificate signing/deployment packages, CPS exports, PEM bundles, and backups

source code

Infrastructure-as-code, deployment repositories, and origin mTLS configuration

logs

TLS, deployment, and certificate provisioning troubleshooting logs

Notes

Generic private-key filenames are intentionally not duplicated as Akamai scanner paths; generic private key detection belongs in CredsHound built-ins.

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.