Contentstack API Key
Service Name: Contentstack
Service Description: Contentstack is a headless Content Management System (CMS) and Digital Experience Platform (DXP) that enables organizations to deliver personalized, omnichannel digital experiences.
Service Address: https://www.contentstack.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through Contentstack's security settings.
Secret Access Scope: Grants programmatic access to manage content, assets, and configurations within a Contentstack stack. Depending on the API key type (delivery or management), it can provide read-only or read-write access to content.
Secret Revokement URL: https://www.contentstack.com/docs/developers/apis/content-management-api/#authentication
Secret Example: blt1234567890abcdef
Suspicious Activity Investigation Instructions:
- Review the API logs in Contentstack dashboard for unusual API calls or access patterns.
- Check for unauthorized content modifications or publishing activities.
- Monitor for unexpected asset uploads or deletions.
- Review user activity logs for suspicious login times or locations.
- Examine webhook configurations for unauthorized changes.
Mitigation Instructions:
- Log in to your Contentstack account and navigate to the Stack settings.
- Go to the "API Keys" section in your stack settings.
- Locate the compromised API key and click "Delete" or "Revoke".
- Generate a new API key with appropriate permissions.
- Update all legitimate applications and services with the new API key.
-
Consider implementing token-based authentication with shorter expiration times.
-
Enable IP restrictions for API access if not already configured.
- Review and update access policies for all users with API key management permissions.