Skip to main content

Search

How do I disable/enable a Canarytoken?

Learn how to disable or enable a Canarytoken via the Canary Console. Log in, search for your token, and toggle its status under "Token Status" to stop or resume alerts.

What happens if you deploy a Canarytoken that an attacker trips, and then discovers? Can the attacker trip it repeatedly just to annoy you?

Aside from the fact that your Canarytoken server will attempt to rate limit alerts, any Canarytoken may be disabled to stop the alerts and then re-enabled at a later stage.

Note

A Canarytoken can also be permanently deleted — see guide here.

Follow the steps below to disable/enable a Canarytoken:

Step 1: Log in to your Console

Console Login.png

Step 2: Click the Canarytokens tile

Click the Canarytokens tile or click Add a new Canarytoken.

CleanShot 2024-08-16 at 09.22.30@2x.png

Step 3: Search for your Canarytoken

Enter the name of the Canarytoken you want to disable/enable in the search bar.

CleanShot 2024-08-16 at 11.39.34@2x.png

Step 4: Select the Canarytoken

Select the Canarytoken from the search history.

Note

We searched and selected "AWS API Key on desktop".

CleanShot 2024-08-16 at 11.41.23@2x.png

Step 5: Toggle the Canarytoken

You can disable/enable the token under Token Status.

Token disabled:

CleanShot 2024-08-16 at 12.05.06@2x.png

Token enabled:

CleanShot 2024-08-16 at 12.06.55@2x.png

Was this article helpful?
5 out of 8 found this helpful
Return to top