Airtable Personal Access Token
Service Name: Airtable
Service Description: Airtable is a cloud collaboration service that combines the features of a database with the visual interface of a spreadsheet. It allows users to create and share relational databases with team collaboration features.
Service Address: https://airtable.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be set at the organization level for Enterprise plans, but not at the individual token level.
Secret Access Scope: Grants programmatic access to Airtable bases and workspaces according to the permissions of the user who created the token. Can be used to read, create, update, and delete records.
Secret Revokement URL: https://airtable.com/account
Secret Example: patXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Suspicious Activity Investigation Instructions:
-
Review Airtable account activity logs for unusual access patterns or operations
-
Check for unexpected changes to bases, tables, or records
-
Monitor for unauthorized API calls from unfamiliar IP addresses or locations
-
Verify if there are any new integrations or automations that were not authorized
-
Examine the scope and permissions granted to the compromised token
Mitigation Instructions:
-
Log in to your Airtable account at
https://airtable.com/account -
Navigate to the "Personal access tokens" section
-
Locate the compromised token in the list
-
Click the "Revoke" button next to the token
-
Create a new token with appropriate permissions if needed
-
Review and update any applications or services that were using the revoked token
-
Consider implementing IP restrictions at the organization level if on an Enterprise plan
-
Enable two-factor authentication for your Airtable account if not already enabled