Atlassian Admin API Key
Service Name: Atlassian
Service Description: Atlassian is a software company that develops products for software developers, project managers, and other software development teams, including tools like Jira, Confluence, Bitbucket, and Trello.
Service Address: https://www.atlassian.com/
Validation Type: -
IP Allow list: Does not exist
Secret Access Scope: Grants administrative access to Atlassian products and services, allowing management of users, projects, and organization-wide settings.
Secret Revokement URL: https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/
Secret Example: ATCTT3xFfG1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrst==
Suspicious Activity Investigation Instructions:
- Review Atlassian admin audit logs for unauthorized administrative actions
- Check for unusual user permission changes or project access modifications
- Monitor for unexpected API calls or integration setups
- Verify if there are any new users or service accounts created
- Look for data exports or unusual access patterns
Mitigation Instructions:
- Immediately revoke the compromised API token through the Atlassian account settings
- Generate a new API token with appropriate permissions
- Review and update access controls for all Atlassian products
- Enable two-factor authentication for all admin accounts
- Audit all recent administrative actions to identify and revert any unauthorized changes