Urban Airship Master Secret
Service Name: Urban Airship (now Airship)
Service Description: Airship (formerly Urban Airship) is a customer engagement platform that helps brands create personalized mobile app experiences through push notifications, in-app messaging, SMS, email, and other channels.
Service Address: https://www.airship.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Airship's security settings.
Secret Access Scope: The master secret grants administrative access to an Airship application, allowing management of push notifications, audience segments, message templates, and analytics data.
Secret Revokement URL: https://docs.airship.com/api/ua/#operation/api_keys_create
Secret Example: uams_AbCdEfGhIjKlMnOpQrStUvWxYz0123456789
Suspicious Activity Investigation Instructions:
- Review the Airship dashboard for unusual push notification campaigns or message sends
- Check for unexpected changes to audience segments or message templates
- Monitor API usage logs for unusual patterns or high volumes of requests
- Verify if any new API keys or access tokens have been created
- Examine notification delivery statistics for anomalies in delivery patterns
Mitigation Instructions:
-
Log in to the Airship dashboard and navigate to Settings > API & Integrations
-
Locate the compromised master secret and click "Revoke"
- Generate a new master secret through the dashboard
- Update all legitimate applications and services with the new master secret
- Review and update IP restrictions for API access if available
- Enable two-factor authentication for all administrator accounts
- Audit all user accounts with access to the Airship dashboard and remove
unnecessary access
- Monitor for any continued unauthorized activity using the new credentials