Anypoint API Key
Service Name: MuleSoft Anypoint Platform
Service Description: MuleSoft's Anypoint Platform is an integration platform that enables organizations to build application networks using APIs, integrations, and automation. It allows businesses to connect applications, data, and devices across on-premises and cloud computing environments.
Service Address: https://anypoint.mulesoft.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through Anypoint Access Management.
Secret Access Scope: Grants programmatic access to Anypoint Platform APIs, allowing management of APIs, integrations, and other platform resources.
Secret Revokement URL: https://anypoint.mulesoft.com/accounts/
Secret Example: a1b2c3d4-5e6f-7g8h-9i0j-k1l2m3n4o5p6
Suspicious Activity Investigation Instructions:
- Review Anypoint Platform audit logs for unusual API calls or access patterns
- Check for unauthorized API registrations or modifications
- Monitor for unexpected changes to API policies or gateway configurations
- Examine access patterns from unfamiliar IP addresses or locations
- Review any automated processes or integrations using the compromised key
Mitigation Instructions:
- Log in to your Anypoint Platform account
- Navigate to Access Management > API Clients
-
Locate the compromised client credentials
-
Click on the client and select "Revoke" or "Delete"
- Create new API client credentials with appropriate permissions
- Update all legitimate applications and services with the new credentials
- Consider implementing additional security measures such as IP restrictions
- Review and adjust the scope of permissions for API clients to follow least
privilege principles