Skip to content

Beamer API Token

Service Name: Beamer

Service Description: Beamer is a user engagement and announcement platform that helps businesses communicate updates, new features, and important information to their users through in-app notifications, changelogs, and feedback collection.

Service Address: https://www.getbeamer.com/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants programmatic access to Beamer's API, allowing management of announcements, posts, feedback, and user data.

Secret Revokement URL: https://app.getbeamer.com/settings/api

Secret Example: bm_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Suspicious Activity Investigation Instructions:

  • Review Beamer dashboard for unauthorized posts or announcements
  • Check for unusual API activity in your Beamer account logs
  • Monitor for unexpected changes to your Beamer configuration
  • Verify if there are any new integrations or webhooks that were not authorized
  • Look for unusual feedback submissions or user interactions

Mitigation Instructions:

  • Log in to your Beamer dashboard at https://app.getbeamer.com/
  • Navigate to Settings > API
  • Revoke the compromised API token by clicking "Regenerate API Key"

  • Update the API token in all legitimate applications and integrations

  • Review and update access permissions for team members with access to

Beamer

  • Enable two-factor authentication if available
  • Review and update any webhooks or integrations that use the Beamer API