Skip to content

New Relic Admin Key

Service Name: New Relic

Service Description: New Relic is an observability platform that helps engineers plan, build, deploy, and run software. It provides application performance monitoring, infrastructure monitoring, digital experience monitoring, and applied intelligence capabilities.

Service Address: https://newrelic.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through New Relic's security settings.

Secret Access Scope: Admin API keys grant full access to New Relic's REST API endpoints, allowing users to manage account settings, users, dashboards, alerts, and access all monitoring data.

Secret Revokement URL: https://one.newrelic.com/admin-portal/api-keys

Secret Example: NRAK-3EXAMPLE7EXAMPLE2EXAMPLE1EXAMPLEKEY

Suspicious Activity Investigation Instructions:

  • Review the New Relic audit logs for unusual API calls or access patterns
  • Check for unauthorized user additions or permission changes in your New Relic account
  • Monitor for unexpected changes to alert policies, dashboards, or monitoring configurations
  • Examine API usage patterns for unusual data extraction or configuration changes
  • Review IP addresses that have been accessing your New Relic account

Mitigation Instructions:

  • Log in to your New Relic account and navigate to the API keys management

page

  • Identify the compromised API key and immediately delete it
  • Create a new API key with appropriate permissions if needed
  • Review all account users and remove any unauthorized additions
  • Enable two-factor authentication for all users if not already enabled
  • Consider implementing IP restrictions for API access
  • Review and revert any unauthorized changes to your monitoring configurations
  • Update any applications or services using the revoked key with the new key