Wiki.js
Requarkscms3 credentials
Administrator/User Password
wikijs / administrator-password
Wiki.js users authenticate to the admin UI, wiki UI, and GraphQL API through local or external authentication strategies. The initial administrator is created during setup.
Location
Wiki.js web login, admin UI, and GraphQL APIWiki.js user and authentication tables containing password verifier data
config.ymlruntime configuration and auth strategy settings
Docker/Kubernetes secrets and password managers
deployment manifests and setup automation
setup logs and authentication traces
API Key / JWT Token
wikijs / api-key-jwt-token
Wiki.js API and integrations use API keys or bearer tokens for GraphQL and automation access.
Location
AuthorizationBearer token/API key used for Wiki.js GraphQL/API requests
API key/token records and user sessions
integration scripts, .env files, and automation configs
WIKIJS_API_KEY, WIKIJS_TOKENCI/CD variables and vault entries
automation repositories and tests
GraphQL client traces and debug logs
Database, Storage, and Authentication Strategy Secrets
wikijs / database-storage-auth-secrets
Wiki.js config includes database credentials, session/JWT secrets, Git/storage integration credentials, SMTP passwords, and OAuth/SAML/LDAP authentication strategy secrets.
Location
config.ymldatabase connection, bind address, SSL, and runtime settings
authentication strategy, storage target, and integration secret records
DB_PASS, DB_PASSWORD, WIKI_DB_PASS, WIKIJS_DB_PASSWORDKubernetes Secrets, Docker secrets, and cloud secret managers
Docker Compose files, Helm values, and committed configs
Wiki.js backups and exported configuration
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.