Skip to content

Azure Subscription Key

Service Name: Microsoft Azure

Service Description: Microsoft Azure is a cloud computing platform and infrastructure created by Microsoft for building, deploying, and managing applications and services through Microsoft-managed data centers. Azure Subscription Keys are used to authenticate API requests to various Azure services.

Service Address: https://azure.microsoft.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the service level through Azure API Management or Azure App Service IP restrictions.

Secret Access Scope: Grants access to specific Azure services based on the subscription and service type. Different Azure services use subscription keys for authentication, including Cognitive Services, Maps, and other Azure APIs.

Secret Revokement URL: https://portal.azure.com/ (Navigate to the specific service and manage keys in the "Keys and Endpoint" section)

Secret Example: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6

Suspicious Activity Investigation Instructions:

  • Review Azure Activity Logs for unusual API calls or resource access patterns
  • Check Azure Monitor for unexpected spikes in API usage or requests
  • Examine IP addresses and locations that have been using the subscription key
  • Review Azure Security Center alerts for potential security issues
  • Analyze resource consumption metrics for abnormal patterns

Mitigation Instructions:

  • Log in to the Azure Portal at https://portal.azure.com/

  • Navigate to the specific service using the subscription key

  • Go to the "Keys and Endpoint" section for that service
  • Click "Regenerate Key" for the compromised key
  • Update all legitimate applications to use the new key
  • Consider implementing Azure API Management to add additional security layers
  • Enable Azure Monitor alerts to detect unusual activity
  • Implement IP restrictions where possible to limit access to trusted networks
  • Review and update access policies for the affected resources