Atlassian ID API Key
Service Name: Atlassian
Service Description: Atlassian is a software company that develops products for software developers, project managers, and other software development teams. Their products include Jira, Confluence, Bitbucket, and Trello.
Service Address: https://www.atlassian.com/
Validation Type: -
IP Allow list: Does not exist
Secret Access Scope: Grants access to Atlassian ID services and APIs, allowing operations on Atlassian accounts and resources.
Secret Revokement URL: https://id.atlassian.com/manage-profile/security
Secret Example: ATATT3xFfG9BqeP2wnQR92BDVYUr7klyOdOXLGAc2eIyRLL6KDwM5BS6PskKx4dBYxzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz
Suspicious Activity Investigation Instructions:
- Review Atlassian access logs for unauthorized API calls or unusual activity patterns
- Check for unexpected changes to user permissions or account settings
- Monitor for unusual geographic access locations or access times
- Examine any new integrations or applications connected to your Atlassian account
- Review audit logs for password reset attempts or account recovery actions
Mitigation Instructions:
- Immediately revoke the compromised API key in the Atlassian account security settings
- Generate a new API key if needed, with appropriate permissions
- Review and update access permissions for all remaining API keys
- Enable two-factor authentication if not already enabled
- Update passwords for any associated Atlassian accounts
- Review and remove any unauthorized integrations or applications