Skip to content

Sauce Labs Access Token

Service Name: Sauce Labs

Service Description: Sauce Labs is a cloud-based testing platform that provides automated testing for web and mobile applications across various browsers, operating systems, and devices. It offers cross-browser testing, mobile app testing, and continuous integration capabilities.

Service Address: https://saucelabs.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through the Sauce Labs dashboard.

Secret Access Scope: Grants programmatic access to Sauce Labs testing infrastructure, allowing users to run automated tests, access test results, and manage testing resources.

Secret Revokement URL: https://app.saucelabs.com/user-settings

Secret Example: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Suspicious Activity Investigation Instructions:

  • Review the Sauce Labs dashboard for unusual testing activity or resource usage.
  • Check the access logs for unauthorized IP addresses or locations accessing your account.
  • Monitor for unexpected test executions or unusual patterns in test runs.
  • Review billing information for unexpected charges or resource consumption.
  • Check if any unauthorized test configurations have been created or modified.

Mitigation Instructions:

  • Log in to your Sauce Labs account at https://app.saucelabs.com/.
  • Navigate to Account > User Settings.
  • Under the "Access Key" section, click on "Reset Access Key".
  • Confirm the reset when prompted.
  • Update the access key in all legitimate applications, CI/CD pipelines, and automation scripts.
  • Review and update any IP restrictions in your account settings.
  • Enable two-factor authentication for additional security.
  • Audit team member access and remove any unnecessary user accounts.