Skip to content

OpenAI Service Account

Service Name: OpenAI

Service Description: OpenAI is an AI research and deployment company that develops advanced language models and AI technologies, offering APIs for natural language processing, image generation, and other AI capabilities.

Service Address: https://openai.com/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants programmatic access to OpenAI's API services with service account permissions, allowing applications to make API calls to OpenAI's models and services.

Secret Revokement URL: https://platform.openai.com/account/api-keys

Secret Example: sk-svcacct-a1b2c3d4e5f6g7h8i9j0T3BlbkFJk1l2m3n4o5p6q7r8s9t0A

Suspicious Activity Investigation Instructions:

  • Review API usage logs in the OpenAI dashboard for unusual patterns or excessive requests
  • Check for unauthorized model access or usage beyond expected parameters
  • Monitor for API calls from unexpected geographic locations or IP addresses
  • Examine any unusual billing spikes that may indicate unauthorized usage
  • Review the types of requests being made to ensure they comply with OpenAI's usage policies

Mitigation Instructions:

  • Immediately revoke the compromised service account token in the OpenAI dashboard
  • Generate a new service account token with appropriate permissions
  • Update all applications and services using the old token
  • Implement proper secret management practices for the new token
  • Consider implementing IP restrictions if available in your infrastructure
  • Review and update access controls for who can view or use OpenAI service account tokens