Skip to content

Ghost Admin API Key

Service Name: Ghost

Service Description: Ghost is an open-source, professional publishing platform designed for creating blogs, newsletters, and digital publications. It offers a modern, minimalist interface with powerful features for content creators and publishers.

Service Address: https://ghost.org/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the Ghost Admin level through configuration settings.

Secret Access Scope: Grants full administrative access to a Ghost site, including content management, user administration, theme customization, and site settings.

Secret Revokement URL: https://ghost.org/docs/admin-api/#authentication (Admin UI → Settings → Integrations → Custom Integrations)

Secret Example: 60f4e66daf1cd9c7c1c3d7d065:d2301dc289d33c47a4440a0953e86c3070c981b87e9a541 ac88c55894d3d090a

Suspicious Activity Investigation Instructions:

  • Review Ghost admin logs for unauthorized access or suspicious activities
  • Check for unexpected content changes, user additions, or theme modifications
  • Monitor for unusual API requests in your server logs
  • Verify if any unauthorized integrations have been added
  • Check for unexpected changes to site settings or configurations

Mitigation Instructions:

  • Log in to your Ghost Admin panel
  • Navigate to Settings → Integrations → Custom Integrations
  • Delete the compromised integration or API key
  • Create a new integration with a fresh API key
  • Update any legitimate applications using the old key
  • Consider implementing IP restrictions for admin access
  • Review and update user permissions to ensure proper access controls
  • Enable two-factor authentication for all admin accounts if available