Sentry
Sentrymonitoring3 credentials
API Auth Token
sentry / auth-token
Sentry API authentication tokens authenticate as a user or organization account. Sentry documents that auth tokens are passed in the Authorization header using Bearer authentication.
Location
SENTRY_AUTH_TOKEN, SENTRY_TOKENAuthorizationBearer token used for Sentry API requests
.sentryclirc, .env files, release automation config, and CI manifests
CI/CD variables, cloud secret managers, and deployment secrets
release scripts, source-map upload tooling, and committed SDK config
API client debug output, sentry-cli logs, and CI traces
Notes
Token blast radius depends on the scopes granted to the token and whether it belongs to a user account or an organization account.
Project DSN
sentry / dsn
Sentry DSNs configure SDK event ingestion. Sentry documents the DSN as a URL containing protocol, public key, optional secret key, host, path, and project identifier.
Looks like
examplehttps://XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX@o000000.ingest.sentry.io/0000000Location
SENTRY_DSN, NEXT_PUBLIC_SENTRY_DSN, VITE_SENTRY_DSNSDK initialization config, .env files, frontend build config, and mobile app config
Sentry.init calls, committed examples, source maps, and frontend bundles
application startup logs and SDK diagnostic output
Notes
Modern DSNs are often intentionally embedded in client code for event submission, but they still identify the project ingest endpoint and can be abused for noisy event injection.
OAuth Client Secret
sentry / oauth-client-secret
Sentry OAuth applications exchange authorization codes at the token endpoint using a client_id and client_secret. Sentry documents the client_secret parameter in OAuth token requests.
Location
SENTRY_CLIENT_ID, SENTRY_CLIENT_SECRETOAuth backend config, .env files, and deployment manifests
cloud secret managers, hosted app secrets, and CI/CD variables
OAuth examples, tests, and accidentally committed integration config
token exchange request dumps and OAuth troubleshooting output
Notes
Client secret exposure can allow impersonation of the Sentry OAuth application during token exchange flows.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.