Infisical API Token
Service Name: Infisical
Service Description: Infisical is a developer-first secret management platform that enables teams to centrally store and manage API keys, database credentials, and other secrets across applications and infrastructure.
Service Address: https://infisical.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through Infisical's access controls.
Secret Access Scope: Grants programmatic access to Infisical's API for managing secrets, users, environments, and integrations.
Secret Revokement URL: https://infisical.com/docs/api/personal-access-tokens
Secret Example: ist.2a7b9f3e-1c23-4567-89ab-cdef01234567.a1b2c3d4e5f6g7h8i9j0
Suspicious Activity Investigation Instructions:
- Review Infisical audit logs for unusual API calls or access patterns
- Check for unauthorized secret access or modifications
- Monitor for unexpected token usage from unfamiliar IP addresses
- Verify if the token was used to create new service tokens or user accounts
- Examine any integrations that may have been added or modified
Mitigation Instructions:
- Immediately revoke the compromised API token through the Infisical dashboard
- Navigate to Settings > Personal Access Tokens and delete the affected token
-
Create a new token with appropriate scopes if still needed
-
Review and rotate any secrets that may have been exposed
- Enable additional security controls such as IP restrictions if available
- Consider implementing shorter token expiration periods for future tokens
- Review access logs to identify any potential data exposure