Intercom Webhook Secret
Service Name: Intercom
Service Description: Intercom is a customer messaging platform that allows businesses to communicate with prospective and existing customers within their app, on their website, through social media, or via email.
Service Address: https://www.intercom.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level in Intercom's security settings.
Secret Access Scope: Webhook secrets are used to verify that webhook requests sent to your servers are genuinely from Intercom. They help secure the communication between Intercom and your application by allowing you to validate incoming webhook payloads.
Secret Revokement URL: https://app.intercom.com/a/apps/_/developer-hub/webhooks
Secret Example: whsec_8sdfy38yvb387yv387yv387yv387yv38
Suspicious Activity Investigation Instructions:
- Review your application logs for unexpected webhook calls from Intercom.
- Check for unauthorized changes to your webhook configurations in the Intercom Developer Hub.
- Monitor for any unusual data access patterns or unexpected webhook events.
- Verify that webhook payloads are being properly validated with the secret.
- Check if there are any unexpected integrations or data exports configured in your Intercom account.
Mitigation Instructions:
- Log into your Intercom account and navigate to the Developer Hub.
- Go to the Webhooks section.
- Locate the compromised webhook and click on it.
- Click "Regenerate secret" to create a new webhook secret.
- Update your application code with the new webhook secret.
- Consider implementing additional security measures such as IP restrictions.
- Review and update your webhook endpoints to ensure they properly validate incoming requests.
- Audit all webhook configurations to ensure they are necessary and properly secured.