GitBook API Key
Service Name: GitBook
Service Description: GitBook is a modern documentation platform where teams can document everything from products to internal knowledge bases and APIs.
Service Address: https://www.gitbook.com/
Validation Type: API Auth
IP Allow list: Does not exist
Secret Access Scope: Grants access to GitBook API, allowing management of spaces, content, and user information.
Secret Revokement URL: Does not exist
Secret Example: gb_api_1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0t
Suspicious Activity Investigation Instructions:
- Check GitBook audit logs for unauthorized access or content modifications
- Review API usage patterns for unusual activities or high volume requests
- Verify if any unauthorized spaces or content have been created or modified
- Check for any changes to user permissions or team memberships
Mitigation Instructions:
- Immediately revoke the compromised API key from your GitBook account settings
- Generate a new API key with appropriate permissions
- Update all applications or services using the old key with the new one
- Review and adjust API key permissions to follow the principle of least privilege
- Enable notifications for API key usage if available