Skip to content

Atlassian ID API Key

Service Name: Atlassian

Service Description: Atlassian is a software company that develops products for software developers, project managers, and other software development teams. Their products include Jira, Confluence, Bitbucket, and Trello.

Service Address: https://www.atlassian.com/

Validation Type: -

IP Allow list: Does not exist

Secret Access Scope: Grants access to Atlassian ID services and APIs, allowing operations on Atlassian accounts and resources.

Secret Revokement URL: https://id.atlassian.com/manage-profile/security

Secret Example: ATATT3xFfG9BqeP2wnQR92BDVYUr7klyOdOXLGAc2eIyRLL6KDwM5BS6PskKx4dBYxzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz

Suspicious Activity Investigation Instructions:

  • Review Atlassian access logs for unauthorized API calls or unusual activity patterns
  • Check for unexpected changes to user permissions or account settings
  • Monitor for unusual geographic access locations or access times
  • Examine any new integrations or applications connected to your Atlassian account
  • Review audit logs for password reset attempts or account recovery actions

Mitigation Instructions:

  • Immediately revoke the compromised API key in the Atlassian account security settings
  • Generate a new API key if needed, with appropriate permissions
  • Review and update access permissions for all remaining API keys
  • Enable two-factor authentication if not already enabled
  • Update passwords for any associated Atlassian accounts
  • Review and remove any unauthorized integrations or applications