Clarifai API Key
Service Name: Clarifai
Service Description: Clarifai is an AI platform that provides computer vision, natural language processing, and machine learning models. It allows developers to build, train, and deploy AI models for image and video recognition, text analysis, and other AI-powered applications.
Service Address: https://www.clarifai.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Clarifai's enterprise security settings.
Secret Access Scope: Grants programmatic access to Clarifai's AI services, including model prediction, training, and management capabilities.
Secret Revokement URL: https://clarifai.com/settings/security
Secret Example: Key-a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
Suspicious Activity Investigation Instructions:
- Review the Clarifai dashboard for unusual API usage patterns or spikes.
- Check for unauthorized model creations or modifications.
- Monitor for unexpected data access or prediction requests.
- Examine API logs for requests from unfamiliar IP addresses or locations.
- Verify if the key has been used to access or modify sensitive models.
Mitigation Instructions:
- Log in to your Clarifai account at https://clarifai.com/
- Navigate to the "Settings" section in your account dashboard.
-
Select the "Security" or "API Keys" tab.
-
Locate the compromised API key in the list.
- Click "Delete" or "Revoke" next to the key.
- Generate a new API key if needed.
- Update your applications with the new key.
- Consider implementing more restrictive scopes for the new key.
- Enable additional security measures like IP restrictions if available.