Sanity API Token
Service Name: Sanity.io
Service Description: Sanity.io is a headless content management system (CMS) platform that provides a structured content infrastructure for digital experiences. It offers a real-time editing environment and APIs for delivering content to websites, apps, and other digital platforms.
Service Address: https://www.sanity.io/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the project level through CORS settings and API security configurations.
Secret Access Scope: Grants programmatic access to read, write, and manage content in a Sanity project. The specific permissions depend on the token type (read, write, or admin).
Secret Revokement URL: https://www.sanity.io/manage/projects
Secret Example: skQGJaXmPYOQsWEXmQLOIuODDsuIQ1JRZHlYFBMRw8j9Vn4RJpQZbN7iDgRMwXxx
Suspicious Activity Investigation Instructions:
- Review the Sanity project's audit logs for unusual content modifications or API calls.
- Check for unexpected content changes or deletions in your Sanity datasets.
- Monitor for unusual API request patterns or access from unfamiliar locations.
- Verify if there are any new users or tokens created without authorization.
- Examine the token's usage history and access patterns through Sanity's management console.
Mitigation Instructions:
- Log in to your Sanity management console at https://www.sanity.io/manage.
- Navigate to your project settings.
- Go to the "API" or "Tokens" section.
- Locate the compromised token in the list.
- Click on the "Revoke" or "Delete" button next to the token.
- Create a new token with appropriate permissions if needed.
- Update any applications or services using the old token with the new one.
- Consider implementing more restrictive CORS settings to limit access to your Sanity project.
- Review and update your token management practices to prevent future exposures.