Trello Token
Service Name: Trello
Service Description: Trello is a web-based, Kanban-style, list-making application that is used for project management, task management, and collaboration. It allows users to create boards, lists, and cards to organize and prioritize projects.
Service Address: https://trello.com/
Validation Type: API Auth
IP Allow list: Does not exist at the token level, but Trello Enterprise offers IP restriction capabilities at the organization level.
Secret Access Scope: Grants programmatic access to Trello boards, lists, cards, and other resources associated with the user account. Depending on the token permissions, it can allow reading, writing, and administration of Trello resources.
Secret Revokement URL: https://trello.com/app-key
Secret Example: 7a366b0eb5b8e7ce375448a99000dbf115f69eb71be88e57e289f47a20d5f892
Suspicious Activity Investigation Instructions:
- Review the Trello account activity log for unusual actions or board modifications
- Check for unauthorized board access or unexpected team members
- Monitor for creation of new boards, cards, or lists that weren't authorized
- Examine API usage logs for unusual patterns or high-volume requests
- Verify if any integrations or power-ups were added without authorization
Mitigation Instructions:
- Log in to your Trello account and navigate to https://trello.com/app-key
-
Scroll down to the "Token" section
-
Click "Revoke" next to the compromised token
- Generate a new token with appropriate permissions if needed
- Review all boards and check for any unauthorized changes
- Consider enabling two-factor authentication for your Trello account
- For Enterprise users, implement IP restrictions if available
- Review and audit all third-party applications connected to your Trello account