DBT Cloud OAuth Client Secret
Service Name: DBT Cloud
Service Description: DBT Cloud is a managed service for data transformation that helps data teams build, test, deploy, and monitor data transformations in the cloud. It's the web-based UI and API for dbt (data build tool), which enables data analysts and engineers to transform data in their warehouses using SQL.
Service Address: https://cloud.getdbt.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level for dbt Cloud Enterprise plans.
Secret Access Scope: Grants programmatic access to DBT Cloud resources and services via OAuth authentication, allowing applications to interact with the DBT Cloud API on behalf of users.
Secret Revokement URL: https://cloud.getdbt.com/settings/service-tokens
Secret Example: dbt_cloud_oauth_secret_1a2b3c4d5e6f7g8h9i0j
Suspicious Activity Investigation Instructions:
- Review DBT Cloud audit logs for unusual API calls or resource access
- Check for unexpected changes to dbt models, jobs, or environments
- Monitor for unauthorized access to sensitive data transformations
- Examine job run history for anomalous patterns or failures
- Review IP addresses that have accessed the account through the OAuth client
Mitigation Instructions:
- Log in to your DBT Cloud account and navigate to Account Settings
-
Go to the "Service Tokens" or "API Tokens" section
-
Locate the compromised OAuth client and delete/revoke it
- Create a new OAuth client with a new secret if needed
- Review and update any applications or services using the old client secret
- Consider implementing IP restrictions for your DBT Cloud account if available on
your plan
- Enable multi-factor authentication for all users with access to DBT Cloud
- Review permissions granted to the OAuth client and adjust if necessary