Beamer API Token
Service Name: Beamer
Service Description: Beamer is a user engagement and announcement platform that helps businesses communicate updates, new features, and important information to their users through in-app notifications, changelogs, and feedback collection.
Service Address: https://www.getbeamer.com/
Validation Type: API Auth
IP Allow list: Does not exist
Secret Access Scope: Grants programmatic access to Beamer's API, allowing management of announcements, posts, feedback, and user data.
Secret Revokement URL: https://app.getbeamer.com/settings/api
Secret Example: bm_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Suspicious Activity Investigation Instructions:
- Review Beamer dashboard for unauthorized posts or announcements
- Check for unusual API activity in your Beamer account logs
- Monitor for unexpected changes to your Beamer configuration
- Verify if there are any new integrations or webhooks that were not authorized
- Look for unusual feedback submissions or user interactions
Mitigation Instructions:
- Log in to your Beamer dashboard at https://app.getbeamer.com/
- Navigate to Settings > API
-
Revoke the compromised API token by clicking "Regenerate API Key"
-
Update the API token in all legitimate applications and integrations
- Review and update access permissions for team members with access to
Beamer
- Enable two-factor authentication if available
- Review and update any webhooks or integrations that use the Beamer API