Firebase API Key
Service Name: Firebase
Service Description: Firebase is a platform developed by Google for creating mobile and web applications. It provides tools for tracking analytics, reporting and fixing app crashes, creating marketing and product experiments, and more.
Service Address: https://firebase.google.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured through Firebase Console under Project Settings > Service accounts > API keys
Secret Access Scope: Grants access to Firebase services including authentication, database, storage, and other Firebase features. The level of access depends on the specific Firebase project settings.
Secret Revokement URL: https://console.firebase.google.com/project/_/settings/serviceaccounts/adminsdk
Secret Example: AIzaSyC-xVT9qqgUZGBGGHvf_XWA9lZYm9gF7Xw
Suspicious Activity Investigation Instructions:
- Review Firebase Console logs for unusual authentication attempts or data access patterns
- Check Firebase Authentication logs for unexpected user sign-ins
- Monitor Firebase Realtime Database or Firestore for unexpected data modifications
- Review Firebase Storage for unauthorized file uploads or downloads
- Check Firebase Functions logs for unexpected executions
- Examine Firebase Analytics for unusual traffic patterns or user behavior
Mitigation Instructions:
- Navigate to the Firebase Console and select your project
- Go to Project Settings > Service accounts
- Locate the compromised API key and click "Revoke"
- Generate a new API key if needed
- Update all legitimate applications with the new API key
- Consider implementing Firebase App Check to prevent abuse
- Set up Firebase Security Rules to restrict access to your Firebase resources
- Configure API key restrictions in the Google Cloud Console to limit which APIs
can be called
- Consider implementing domain restrictions to limit where your API key can be
used from