Google OAuth2 Access Token
Service Name: Google OAuth 2.0
Service Description: Google OAuth 2.0 is an authentication protocol that allows third-party applications to obtain limited access to a Google user account without exposing the user's credentials.
Service Address: https://oauth2.googleapis.com/
Validation Type: -
IP Allow list: Does not exist
Secret Access Scope: Grants access to Google APIs on behalf of a user, with permissions defined by the requested scopes during authorization.
Secret Revokement URL: https://myaccount.google.com/permissions
Secret Example: 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5o6p
Suspicious Activity Investigation Instructions:
- Check Google Admin console for unauthorized API key usage or compromised user accounts.
- Review Google Cloud Console audit logs for unusual API calls or resource access.
- Examine application logs for unexpected authentication attempts or API calls.
- Check for unusual geographic access patterns in the Google account's security settings.
- Review the OAuth consent screen settings to ensure no unauthorized changes were made.
Mitigation Instructions:
- Immediately revoke the token through Google Cloud Console or Google Account settings.
- Navigate to Google Account permissions and remove access for the compromised application.
- Generate a new OAuth token with appropriate scopes if still needed.
- Review and update the application's security settings.
- Consider implementing additional security measures like IP restrictions or more granular permissions.