Apigee API Key
Service Name: Apigee (Google Cloud)
Service Description: Apigee is an API management platform that enables organizations to design, secure, analyze, and scale APIs. It serves as a bridge between services and applications, helping businesses accelerate digital transformation through APIs.
Service Address: https://cloud.google.com/apigee
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the API proxy level using policies and environment configurations.
Secret Access Scope: Grants access to specific API proxies and resources within the Apigee platform, allowing for API calls based on the permissions assigned to the API key.
Secret Revokement URL: https://cloud.google.com/apigee/docs/api-platform/publish/managing-api-keys
Secret Example: yBa45GhT9pLsK3vR7xZqN8mD2cF6jW1eX4oU0iHb
Suspicious Activity Investigation Instructions:
- Review Apigee Analytics for unusual traffic patterns or spikes in API usage.
- Check API call logs for unauthorized access attempts or unusual endpoints being accessed.
- Monitor for API calls from unexpected geographic locations or IP addresses.
- Examine rate limit violations that might indicate abuse of the API key.
- Review the developer app associated with the API key for any unauthorized changes.
Mitigation Instructions:
- Log in to the Apigee management console.
- Navigate to Publish > API Products > Apps.
- Locate the developer app that contains the compromised API key.
- Select the app and navigate to the API Keys section.
- Click on the compromised API key and select "Revoke" to immediately disable it.
- Generate a new API key for legitimate users if needed.
- Consider implementing additional security measures such as OAuth 2.0 for more sensitive APIs.
- Update any IP restrictions or quotas associated with your API products.