Skip to content

SendGrid API Key

Service Name: SendGrid

Service Description: SendGrid is a cloud-based email delivery service that assists businesses with email delivery, primarily for marketing and transactional emails. It provides reliable email delivery, scalability, and real-time analytics.

Service Address: https://sendgrid.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through SendGrid's IP Access Management feature.

Secret Access Scope: Grants programmatic access to SendGrid's email delivery services, including sending emails, managing templates, and accessing analytics.

Secret Revokement URL: https://app.sendgrid.com/settings/api_keys

Secret Example: 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

Suspicious Activity Investigation Instructions:

  • Review the SendGrid Activity Feed for unusual email sending patterns or volumes.
  • Check for unauthorized template modifications or new templates created.
  • Monitor for changes in email delivery statistics or unusual bounce rates.
  • Review API request logs for unauthorized access or unusual API calls.
  • Check for any changes to sender authentication settings.

Mitigation Instructions:

  • Log in to your SendGrid account at https://app.sendgrid.com/.
  • Navigate to Settings > API Keys in the left sidebar.
  • Locate the compromised API key in the list.
  • Click the trash icon next to the key to delete it.
  • Create a new API key with appropriate permissions to replace the compromised one.
  • Update all legitimate applications and services to use the new API key.
  • Consider implementing IP access restrictions for your new API key.
  • Review and update your security practices for storing and handling API keys.