Skip to content

Segment Write Key

Service Name: Segment

Service Description: Segment is a customer data platform (CDP) that helps businesses collect, clean, and control their customer data. It allows companies to send data to analytics tools, marketing platforms, CRMs, and other destinations with a single API.

Service Address: https://segment.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the workspace level in Segment's Access Management settings.

Secret Access Scope: Grants write access to send data to a specific Segment source. Write keys allow applications to send events, user traits, and other data to Segment for processing and distribution to connected destinations.

Secret Revokement URL: https://app.segment.com/workspaces/[workspace-id]/sources/[source-id]/settings

Secret Example: wOVEBgAkSCgzT8WDyQ9uQKxGRSdJ8kLk

Suspicious Activity Investigation Instructions:

  • Review the Segment debugger to identify unusual event patterns or unexpected data being sent.
  • Check the source's event volume in Segment to identify spikes or anomalies.
  • Examine connected destinations to see if unauthorized data is being forwarded.
  • Review IP addresses that have been using the write key in the Segment logs.
  • Check for unauthorized integrations or destinations that may have been added.

Mitigation Instructions:

  • Log in to your Segment workspace at app.segment.com.
  • Navigate to the specific source that uses the compromised write key.
  • Go to the source settings page.
  • Click on "API Keys" or "Settings" section.
  • Click "Reset Write Key" to invalidate the current key and generate a new one.
  • Update all legitimate applications with the new write key.
  • Review and update any IP restrictions in Access Management settings.
  • Audit connected destinations and remove any unauthorized integrations.