CARTO API Access Token
Service Name: CARTO
Service Description: CARTO is a cloud-based location intelligence and data visualization platform that enables organizations to analyze and visualize spatial data for business intelligence, urban planning, and other geospatial applications.
Service Address: https://carto.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through CARTO's security settings.
Secret Access Scope: Grants programmatic access to CARTO's APIs, allowing users to create, read, update, and delete datasets, maps, and visualizations within their CARTO account.
Secret Revokement URL: https://carto.com/developers/auth-api/guides/revoking-access-tokens/
Secret Example: carto_pk.eyJ1IjoiY2FydG8iLCJhIjoiY2s5b2txM2EzMDVvMzNsbzFjM3MyYnM4aCJ9.7XA0Vl1F2FCN6GGqLcZ9WQ
Suspicious Activity Investigation Instructions:
- Review the CARTO dashboard for unauthorized datasets or visualizations.
- Check API usage logs for unusual patterns or high-volume requests.
- Monitor for unexpected changes to maps, datasets, or account settings.
- Review IP addresses that have accessed the account for unfamiliar locations.
- Check for unauthorized API calls or data exports.
Mitigation Instructions:
- Log in to your CARTO account and navigate to the API Keys section.
- Identify the compromised API token and revoke it immediately.
- Create a new API token with appropriate permissions.
- Update all applications and services to use the new token.
- Review and adjust the scope of permissions for API tokens to follow the Principle of Least Privilege.
- Consider implementing IP restrictions for API access if available in your plan.
- Enable notifications for suspicious account activities.
- Review all account users and remove any unauthorized access.