Skip to content

LambdaTest API Key

Service Name: LambdaTest

Service Description: LambdaTest is a cloud-based cross-browser testing platform that allows developers and QA teams to test their websites and web applications across various browsers, operating systems, and devices.

Service Address: https://www.lambdatest.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the organization level through LambdaTest's security settings.

Secret Access Scope: Grants programmatic access to LambdaTest's automation testing services, including running tests, accessing test results, and managing test configurations.

Secret Revokement URL: https://accounts.lambdatest.com/profile/api-access

Secret Example: lt_a123b456c789d012e345f678g901h234

Suspicious Activity Investigation Instructions:

  • Review the LambdaTest dashboard for unusual test executions or unauthorized access.
  • Check the API usage logs for suspicious activities or unexpected test runs.
  • Monitor for tests being run from unusual locations or at unusual times.
  • Review the test history to identify any unauthorized or unexpected test configurations.
  • Check for any changes in test environment settings or configurations.

Mitigation Instructions:

  • Log in to your LambdaTest account and navigate to the profile settings.
  • Go to the API Access section in your profile.
  • Revoke the compromised API key by clicking on the "Revoke" button.
  • Generate a new API key if needed.
  • Update all legitimate applications and CI/CD pipelines with the new API key.
  • Review and update IP restrictions if available in your plan.
  • Enable two-factor authentication for your LambdaTest account if not already enabled.
  • Review and update access permissions for team members if applicable.