Azure SignalR Service Key
Service Name: Azure SignalR Service
Service Description: Azure SignalR Service is a fully managed service that enables real-time web functionality, allowing web applications to push content updates to connected clients. It simplifies the development of real-time web applications by handling the WebSocket connections and scaling to millions of connections.
Service Address: https://azure.microsoft.com/en-us/services/signalr-service/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured through Azure Network Security Groups and Private Endpoints.
Secret Access Scope: Grants access to manage and use Azure SignalR Service resources, including sending messages to clients, managing connections, and accessing service metrics.
Secret Revokement URL: https://portal.azure.com/ (Navigate to your SignalR Service resource > Access keys > Regenerate keys)
Secret Example: Endpoint=https://mysignalr.service.signalr.net;AccessKey=abcdefghijklmnopq rstuvwxyz0123456789ABCDEFGH=;Version=1.0;
Suspicious Activity Investigation Instructions:
- Review Azure Activity Logs for unusual operations on your SignalR Service.
- Check Azure Monitor metrics for unexpected spikes in connection counts or message volume.
- Examine IP addresses accessing your SignalR Service for unauthorized locations.
- Review application logs for unexpected connection patterns or message broadcasts.
- Monitor for unauthorized changes to service configuration or networking settings.
Mitigation Instructions:
- Immediately regenerate the SignalR Service access key in the Azure Portal.
- Navigate to your SignalR Service resource in the Azure Portal.
- Select "Keys" from the left navigation menu.
- Click "Regenerate" for the compromised key.
- Update your application configurations with the new key.
- Consider implementing Azure Private Link to restrict network access.
- Enable diagnostic logging for better monitoring and auditing.
- Review and update network security groups to restrict access to trusted IP ranges.