SparkPost API Key
Service Name: SparkPost
Service Description: SparkPost is an email delivery service that provides email sending, receiving, and analytics capabilities. It offers a cloud-based email delivery platform for transactional and marketing emails with features for tracking, analytics, and deliverability optimization.
Service Address: https://www.sparkpost.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured in the SparkPost account settings to limit which IP addresses can use your API keys.
Secret Access Scope: Grants programmatic access to SparkPost's email delivery services, including sending emails, retrieving analytics data, managing templates, and configuring account settings based on the permissions assigned to the key.
Secret Revokement URL: https://app.sparkpost.com/account/api-keys
Secret Example: d3ce4dce8bf7a2f68d2196157da24841b5216802
Suspicious Activity Investigation Instructions:
- Review the SparkPost dashboard for unusual email sending patterns or volume spikes.
- Check the API usage logs for unauthorized API calls or unusual endpoints being accessed.
- Monitor for unexpected changes to templates, sending domains, or webhook configurations.
- Examine recipient engagement metrics for signs of spam complaints or unusual bounce rates.
- Review IP reputation scores for any degradation that might indicate abuse.
Mitigation Instructions:
- Log in to your SparkPost account at https://app.sparkpost.com/.
- Navigate to Account → API Keys.
- Locate the compromised API key in the list.
- Click the "Delete" button next to the key to immediately revoke it.
- Create a new API key with appropriate permissions to replace the compromised one.
- Update your applications with the new API key.
- Review your account for any unauthorized changes or configurations that may have been made.
- Consider enabling two-factor authentication for your SparkPost account if not already enabled.