Skip to content

Amplitude API Key

Service Name: Amplitude

Service Description: Amplitude is a product analytics platform that helps companies understand user behavior, optimize product experiences, and drive business growth through data-driven insights.

Service Address: https://amplitude.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the organization level through Amplitude's security settings.

Secret Access Scope: Grants programmatic access to Amplitude's analytics API, allowing data ingestion, querying analytics data, and managing user properties.

Secret Revokement URL: https://help.amplitude.com/hc/en-us/articles/360058073772-Create-and-manage-API-keys

Secret Example: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6

Suspicious Activity Investigation Instructions:

  • Review Amplitude audit logs for unusual API calls or data access patterns.
  • Check for unexpected spikes in API usage or data export activities.
  • Monitor for unauthorized project access or unusual query patterns.
  • Examine IP addresses and locations accessing the API for anomalies.
  • Review any changes to user properties or event schemas that weren't planned.

Mitigation Instructions:

  • Log in to your Amplitude dashboard and navigate to Settings > Projects.
  • Select the relevant project where the key is used.
  • Go to the "API Keys" section.

  • Locate the compromised API key and click "Revoke" or "Delete".

  • Generate a new API key if needed.
  • Update all legitimate applications and services with the new API key.
  • Review and adjust API key permissions to follow the principle of least privilege.
  • Consider implementing IP restrictions for API access if not already in place.