Skip to content

Ghost Content API Key

Service Name: Ghost

Service Description: Ghost is an open-source, professional publishing platform designed for creating blogs, magazines, and news sites. It offers a headless CMS with a modern admin interface and a powerful API for content management.

Service Address: https://ghost.org/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the Ghost admin level through custom integrations settings.

Secret Access Scope: Content API keys grant read-only access to published content, authors, tags, and settings. They allow external applications to fetch and display content from a Ghost site.

Secret Revokement URL: https://ghost.org/docs/admin-api/#authentication (Access can be revoked through the Ghost Admin panel under Settings > Integrations)

Secret Example: 7f62b0e4f86be02a1d2a3eb14f0c7ea5fd4c2e6b3cee9ace4536c04b1d41

Suspicious Activity Investigation Instructions:

  • Review Ghost admin logs for unusual API access patterns or high request volumes
  • Check for unauthorized content access or scraping activities
  • Monitor for unusual geographic access locations
  • Verify if the API key is being used by applications not authorized by your organization
  • Review the Ghost site's traffic analytics for unusual spikes or patterns

Mitigation Instructions:

  • Log in to your Ghost Admin panel
  • Navigate to Settings > Integrations
  • Locate the integration containing the compromised Content API key
  • Click "Regenerate" to create a new API key, which invalidates the old one
  • Update all legitimate applications with the new API key
  • Consider implementing additional security measures like rate limiting
  • Review and update your API key management policies
  • Consider implementing a custom integration with more limited permissions if needed