Kraken API Key

Detects Kraken REST API credentials: the public API key (56 base64 characters) and the private key / API secret (86-88 base64 characters, base64 of 64 bytes). Because base64 strings have no distinctive prefix, this pattern is context-gated: it requires a nearby Kraken label and an assignment (= or :) before the value. A leaked private key allows signing authenticated requests to the account.

Type
regex
Engine
universal
Confidence
medium
Confidence justification
Medium confidence: Kraken keys are base64 strings with no self-identifying prefix, so a bare value is indistinguishable from any other base64 blob; detection relies on an adjacent Kraken label plus an assignment. The two fixed lengths (56 and 86-88) narrow the value shape but are not distinctive enough on their own to alert without context.
Jurisdictions
global
Regulations
Criminal Code Act 1995 (Cth)
Frameworks
CIS Controls, ISO 27001, NIST CSF, SOC 2
Data categories
credentials, security
Scope
wide
Risk rating
8
Platform compatibility
Purview: Compatible, GCP DLP: Unsupported, Macie: Unsupported, Zscaler: Compatible, Palo Alto: Unsupported, Netskope: Unsupported

Pattern

(?i)kraken[\s\S]{0,24}?[=:][\s"]*(?:[A-Za-z0-9/+]{86}={0,2}|[A-Za-z0-9/+]{56})(?![A-Za-z0-9/+=])

Corroborative evidence keywords

kraken, kraken api, api key, api_key, api secret, private key, API-Sign, API-Key, apikey, access key, access token, auth token, authorization, bearer, conn str, connection string, connectionstring, cookie, credential, database (+14 more)

Proximity: 300 characters

Should match

Should not match

Known false positives

References