Skip to content

Fivetran API Key

Service Name: Fivetran

Service Description: Fivetran is a cloud-based data integration platform that automates data pipelines, enabling businesses to centralize data from various sources into a single destination for analytics and business intelligence.

Service Address: https://fivetran.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through Fivetran's security settings.

Secret Access Scope: Grants programmatic access to Fivetran's API, allowing management of connectors, destinations, and data pipelines.

Secret Revokement URL: https://fivetran.com/account/settings/api

Secret Example: 5tr4n_01234abcdefghijklmnopqrstuvwxyz

Suspicious Activity Investigation Instructions:

  • Review Fivetran logs for unusual API calls or connector modifications
  • Check for unexpected changes to data pipeline configurations
  • Monitor for new connectors or destinations created without authorization
  • Examine API usage patterns for anomalies in access times or frequency
  • Verify if there are any changes to data sync schedules or configurations

Mitigation Instructions:

  • Log in to your Fivetran account and navigate to Account Settings > API
  • Locate the compromised API key and click "Delete"
  • Generate a new API key with appropriate permissions

  • Update any legitimate applications or services using the old key

  • Review and adjust API key permissions to follow the principle of least privilege
  • Consider implementing IP restrictions for API access if not already in place
  • Enable audit logging to monitor future API key usage