Airtable API Key
Service Name: Airtable
Service Description: Airtable is a cloud collaboration service that combines the features of a database with the visual interface of a spreadsheet. It's used for creating and sharing relational databases with team collaboration features.
Service Address: https://airtable.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be implemented at the Enterprise level through IP restrictions policy
Secret Access Scope: Grants programmatic access to Airtable bases, tables, and records. Depending on the permissions associated with the API key, it can allow reading, creating, updating, and deleting records.
Secret Revokement URL: https://airtable.com/account
Secret Example: keyABCDEFGHIJKLMNO
Suspicious Activity Investigation Instructions:
-
Review Airtable activity logs for unusual data access or modifications
-
Check for unexpected API calls or data exports
-
Monitor for unauthorized base access or record modifications
-
Verify if there are any new integrations or automations created
-
Look for unusual access patterns or times of access
Mitigation Instructions:
-
Log in to your Airtable account at
https://airtable.com/ -
Navigate to Account > API in the top right corner
-
Locate the compromised API key
-
Click "Regenerate API key" to invalidate the old key
-
Update any legitimate applications or services with the new API key
-
Consider implementing Enterprise-level IP restrictions if available
-
Review and adjust base sharing permissions to limit access
-
Enable two-factor authentication for your Airtable account