FreshBooks OAuth Token
Service Name: FreshBooks
Service Description: FreshBooks is a cloud-based accounting software service designed for small businesses and freelancers. It provides tools for invoicing, expense tracking, time tracking, project management, and financial reporting.
Service Address: https://www.freshbooks.com/
Validation Type: API Auth
IP Allow list: Does not exist at the token level, but IP restrictions can be configured at the account level through account settings.
Secret Access Scope: Grants programmatic access to FreshBooks accounting data including invoices, expenses, clients, projects, and financial reports based on the OAuth scopes requested during authorization.
Secret Revokement URL: https://my.freshbooks.com/#/developer
Secret Example: 1000.abcd1234efgh5678ijkl9012mnop3456qrst7890uvwx
Suspicious Activity Investigation Instructions:
- Review the FreshBooks account activity log for unusual login attempts or actions
- Check for unexpected API calls or data access patterns in your application logs
- Verify if there are any unauthorized changes to invoices, clients, or payment information
- Monitor for unusual data export activities or bulk operations
- Check if any new API integrations have been added to the account
Mitigation Instructions:
-
Log in to your FreshBooks account and navigate to Settings > Developer Portal
-
Locate the compromised OAuth token in the list of authorized applications
- Click "Revoke Access" next to the compromised token
- Generate a new OAuth token for legitimate applications that need access
- Update your application configuration with the new token
- Consider enabling two-factor authentication for your FreshBooks account
- Review and update password policies for all users with access to the account
- Monitor account activity for any signs of continued unauthorized access