Intercom API Key
Service Name: Intercom
Service Description: Intercom is a customer messaging platform that allows businesses to communicate with prospective and existing customers within their app, on their website, through social media, or via email.
Service Address: https://www.intercom.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level for API access
Secret Access Scope: Grants programmatic access to Intercom's API, allowing management of conversations, users, companies, and other Intercom resources.
Secret Revokement URL: https://app.intercom.com/a/apps/_/developer-hub/api-keys
Secret Example: dG9rOjFhMmIzYzRkXzVlNmY3Zzho
Suspicious Activity Investigation Instructions:
- Review Intercom activity logs for unusual conversation access or user management.
- Check for unexpected changes to Intercom settings or configurations.
- Monitor for unusual API calls, especially those creating or modifying users or sending messages.
- Look for API calls from unfamiliar IP addresses or locations.
- Verify if there are any unauthorized integrations added to your Intercom account.
Mitigation Instructions:
-
Log in to your Intercom account at https://app.intercom.com/.
-
Navigate to Settings > API Keys in the Intercom dashboard.
- Identify the compromised API key.
- Click "Revoke" next to the compromised key.
- Generate a new API key if needed.
- Update the API key in all legitimate applications and services.
- Consider implementing IP restrictions for API access if not already in place.
- Review and update access permissions for team members who have access to
API keys.