Skip to content

IBM Cloudant API Key

Service Name: IBM Cloudant

Service Description: IBM Cloudant is a fully managed, distributed database optimized for heavy workloads and fast-growing web and mobile applications. It's based on Apache CouchDB and provides a JSON document store with high availability, scalability, and durability.

Service Address: https://www.ibm.com/cloud/cloudant

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the service level through IBM Cloud IAM policies and network access policies.

Secret Access Scope: Grants programmatic access to IBM Cloudant databases and their associated operations including read, write, and administrative functions depending on the permissions assigned to the API key.

Secret Revokement URL: https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-work-with-your-account#creating-api-keys

Secret Example: eyJraWQiOiIyMDIzMDcxMDE2NTkiLCJhbGciOiJSUzI1NiJ9.eyJpYW1faWQiOiJJQk1pZC0xMjM0NTY3ODkwIiwiaWQiOiJJQk1pZC0xMjM0NTY3ODkwIiwicmVhbG1pZCI6IklCTWlkIiwianRpIjoiYWJjZGVmMTIzNDU2Nzg5MCIsImlkZW50aWZpZXIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkNsb3VkYW50QVBJIiwic3ViIjoiY2xvdWRhbnQtYXBpIiwic3ViX3R5cGUiOiJzZXJ2aWNlSWQiLCJpYXQiOjE2MjM0NTY3ODksImV4cCI6MTYyMzQ2MDM4OX0.Signature

Suspicious Activity Investigation Instructions:

  • Review IBM Cloud Activity Tracker logs for unusual API calls or database access patterns.
  • Check for unexpected database operations, especially bulk operations or deletions.
  • Monitor for unauthorized replication attempts or changes to database permissions.
  • Examine access logs for connections from unfamiliar IP addresses or locations.
  • Review database usage metrics for unusual spikes in read/write operations.

Mitigation Instructions:

  • Log in to the IBM Cloud console.
  • Navigate to your Cloudant instance.
  • Go to Service credentials section.
  • Identify the compromised API key and delete it.
  • Create a new API key with appropriate permissions.
  • Update all legitimate applications to use the new API key.
  • Review and update IAM policies to ensure proper access controls.
  • Enable multi-factor authentication for IBM Cloud account if not already enabled.
  • Consider implementing IP allowlisting for your Cloudant instance if appropriate for your use case.