Netlify Git Gateway Key
Service Name: Netlify Git Gateway
Service Description: Netlify Git Gateway is a feature of Netlify that provides a secure way to connect your site's content management system (CMS) to your Git repository, allowing content editors to make changes without needing direct Git access.
Service Address: https://www.netlify.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the Netlify site level through the Netlify dashboard.
Secret Access Scope: Grants access to manage content through Netlify CMS, allowing users to make changes to Git repositories connected to a Netlify site without needing direct Git credentials.
Secret Revokement URL: https://app.netlify.com/sites/[your-site-name]/settings/identity#services
Secret Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjE1NjY0NDUsInN1YiI6IjEyMzQ1Njc4OTAiLCJlbWFpbCI6ImV4YW1wbGVAbmV0bGlmeS5jb20iLCJhcHBfbWV0YWRhdGEiOnsicHJvdmlkZXIiOiJnaXRodWIiLCJyZXBvIjoibmV0bGlmeS9uZXRsaWZ5LWNtcyJ9LCJ1c2VyX21ldGFkYXRhIjp7ImF2YXRhcl91cmwiOiJodHRwczovL2F2YXRhcnMuZ2l0aHVidXNlcmNvbnRlbnQuY29tL3UvMTIzNDU2Nz92PTQiLCJmdWxsX25hbWUiOiJFeGFtcGxlIFVzZXIifX0.Q5R4p-ZFGdP_gTuYl2MoAHZTenP-JGghj-mCvQDYjkQ
Suspicious Activity Investigation Instructions:
- Review Git repository commit history for unauthorized changes.
- Check Netlify deploy logs for unusual deployment patterns.
- Monitor CMS activity logs for unexpected content modifications.
- Verify identity management settings in Netlify to ensure only authorized users have access.
- Review Git Gateway settings and connected services for any unauthorized changes.
Mitigation Instructions:
- Disable Git Gateway in your Netlify site settings immediately.
- Generate a new Git Gateway token by re-enabling the service.
- Review and update user access permissions in your Netlify Identity settings.
- Enable two-factor authentication for all Netlify admin accounts.
- Consider implementing branch protection rules in your Git repository to prevent direct pushes to production branches.
- Audit and update webhook settings to ensure they're properly secured.
- Review Git Gateway logs to understand the scope of any potential breach.