Airbyte API Key
Service Name: Airbyte
Service Description: Airbyte is an open-source data integration platform that helps businesses consolidate and replicate data from different sources to destinations such as data warehouses, lakes, and databases.
Service Address: https://airbyte.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the Airbyte Cloud account level for enhanced security.
Secret Access Scope: Grants programmatic access to Airbyte's API, allowing management of connections, sources, destinations, and data synchronization operations.
Secret Revokement URL: https://docs.airbyte.com/api-documentation/#authentication
Secret Example: airbyte_api_key_1a2b3c4d5e6f7g8h9i0j
Suspicious Activity Investigation Instructions:
-
Review Airbyte audit logs for unusual connection configurations or data movement.
-
Check for unexpected changes to source or destination configurations.
-
Monitor for unauthorized creation of new connections or modifications to existing ones.
-
Examine API call patterns for unusual access times or frequencies.
-
Verify if there are any unexpected data syncs or operations running.
Mitigation Instructions:
-
Log in to your Airbyte Cloud account or self-hosted instance.
-
Navigate to the account settings or API key management section.
-
Revoke the compromised API key immediately.
-
Generate a new API key if needed.
-
Update all legitimate applications or services that were using the compromised key.
-
Review and adjust IP access restrictions if available.
-
Enable additional authentication mechanisms if supported.
-
Audit all connections and configurations to ensure no unauthorized changes remain.