Sentry Organization Auth Token
Service Name: Sentry
Service Description: Sentry is an application monitoring and error tracking software that helps developers identify and fix crashes in real-time. It provides detailed error reports and helps teams prioritize fixes based on user impact.
Service Address: https://sentry.io/
Validation Type: API Auth
IP Allow list: Does not exist
Secret Access Scope: Grants access to Sentry organization resources, including projects, teams, and members within the organization.
Secret Revokement URL: https://sentry.io/settings/account/api/auth-tokens/
Secret Example: sntrys_eyJpYXQiOjE2MTIzNDU2Nzg5MCwiZXhwIjoxNjEyMzQ1Njc4OTAsInNjb3BlcyI6WyJwcm9qZWN0OndyaXRlIiwib3JnOnJlYWQiXX0=_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345
Suspicious Activity Investigation Instructions:
- Check Sentry audit logs for unauthorized access or changes to organization settings.
- Review project activity for unusual error reporting patterns or data access.
- Verify if any new team members or integrations were added without authorization.
- Check for unusual API calls or data exports from the organization.
- Monitor for changes to notification settings or webhooks.
Mitigation Instructions:
- Immediately revoke the compromised token in the Sentry dashboard.
- Navigate to Sentry Auth Tokens.
- Find the compromised token and select Revoke.
- Create a new token with appropriate scopes if needed.
- Review organization audit logs for any unauthorized actions taken with the compromised token.
- Update any applications or services using the token with the new token value.
- Consider implementing IP restrictions for API access if available.