Skip to content

Crazy Egg API Key

Service Name: Crazy Egg

Service Description: Crazy Egg is a website optimization and analytics tool that provides heatmaps, scrollmaps, and other visual analytics to help understand user behavior on websites. It allows website owners to see how users interact with their pages through visual representations of clicks, scrolls, and movements.

Service Address: https://www.crazyegg.com/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants programmatic access to Crazy Egg's API, allowing retrieval of heatmap data, snapshots, and other analytics information from your Crazy Egg account.

Secret Revokement URL: https://app.crazyegg.com/account-settings

Secret Example: ce1_7a8b9c0d1e2f3g4h5i6j7k8l9m0n1o2p

Suspicious Activity Investigation Instructions:

  • Review Crazy Egg account activity logs for unauthorized snapshot creations or modifications
  • Check for unexpected changes to tracking settings or heatmap configurations
  • Monitor for unusual data export activities or API calls
  • Verify if there are any new users or permissions added to your account
  • Look for changes in billing or subscription details that you did not authorize

Mitigation Instructions:

  • Log in to your Crazy Egg account at https://app.crazyegg.com/
  • Navigate to Account Settings

  • Revoke the compromised API key by generating a new one

  • Delete any unauthorized snapshots or heatmaps that may have been created
  • Review and update account password and enable two-factor authentication if

available

  • Check for and remove any unauthorized user access that may have been

granted

  • Contact Crazy Egg support if you notice any suspicious activity that you cannot

resolve