Skip to content

Eventbrite OAuth2 Keys

Service Name: Eventbrite

Service Description: Eventbrite is an event management and ticketing platform that allows users to create, promote, and sell tickets to events and manage registrations.

Service Address: https://www.eventbrite.com/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants programmatic access to Eventbrite's API, allowing applications to manage events, orders, attendees, and other Eventbrite resources on behalf of users.

Secret Revokement URL: https://www.eventbrite.com/account-settings/apps

Secret Example: PERSONAL-TOKEN-ABCDEFGHIJKLMNOPQRSTUVWXYZ123456

Suspicious Activity Investigation Instructions:

  • Review the OAuth application permissions and access history in your Eventbrite account.
  • Check for unauthorized events, changes to existing events, or unexpected ticket sales.
  • Monitor for unusual API calls or data exports from your Eventbrite account.
  • Verify if there are any new webhooks or integrations that you did not authorize.
  • Review event attendee data for any unauthorized access or exports.

Mitigation Instructions:

  • Log in to your Eventbrite account and navigate to Account Settings > Apps.
  • Locate the OAuth application with suspicious activity and revoke its access.
  • Generate new API keys if necessary.

  • Change your Eventbrite account password immediately.

  • Enable two-factor authentication for your Eventbrite account if available.
  • Review and update permissions for any remaining authorized applications.
  • Contact Eventbrite support if you suspect unauthorized access to your account.