SAP API Key
Service Name: SAP
Service Description: SAP is a leading enterprise software provider offering business applications for managing operations, finances, and customer relationships. API keys are used to authenticate and authorize access to SAP's various cloud services and APIs.
Service Address: https://www.sap.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the service level through SAP Cloud Platform security settings.
Secret Access Scope: Grants programmatic access to SAP APIs and services, allowing integration with SAP systems, data retrieval, and operations execution.
Secret Revokement URL: https://help.sap.com/docs/btp/sap-business-technology-platform/managing-api-keys
Secret Example: sap-api-key-8a7b6c5d4e3f2a1b0c9d8e7f6a5b4c3d
Suspicious Activity Investigation Instructions:
- Review SAP Cloud Platform audit logs for unusual API calls or access patterns
- Check for unexpected data transfers or operations performed through API endpoints
- Monitor for access from unusual geographic locations or outside business hours
- Examine API usage metrics for abnormal spikes in request volume
- Verify if the API key was used from unauthorized IP addresses
Mitigation Instructions:
- Log in to the SAP Cloud Platform cockpit
- Navigate to Security > API Keys section
- Locate the compromised API key
- Click "Delete" or "Revoke" to immediately invalidate the key
- Generate a new API key with appropriate scopes and restrictions
- Update all legitimate applications and services with the new API key
- Implement IP restrictions for the new API key if possible
- Consider implementing shorter expiration periods for API keys
- Review and adjust API access policies and permissions