Webflow API Token
Service Name: Webflow
Service Description: Webflow is a visual web design platform that allows users to design, build, and launch responsive websites visually, without coding. It provides a CMS, e-commerce capabilities, and hosting services.
Service Address: https://webflow.com/
Validation Type: API Auth
IP Allow list: Does not exist at the token level, but Webflow offers site password protection and custom domain security settings.
Secret Access Scope: Grants programmatic access to Webflow sites, allowing management of sites, pages, collections, items, and e-commerce functionality depending on the token's scope.
Secret Revokement URL: https://webflow.com/dashboard/account/integrations
Secret Example: d47f7c9c1e1f1e1f1e1f1e1f1e1f1e1f1e1f1e1f1e1f1e1f1e1f1e1f1e1f
Suspicious Activity Investigation Instructions:
- Review the Webflow site activity logs for unusual changes or content modifications.
- Check for unauthorized site publications or deployments.
- Monitor for unexpected changes to collections, CMS items, or e-commerce settings.
- Review API usage logs for unusual patterns or high-volume requests.
- Check for new team members or collaborators that were not authorized.
Mitigation Instructions:
- Log in to your Webflow account at https://webflow.com/dashboard.
- Navigate to Account Settings > Integrations.
- Locate the compromised API token.
- Click "Revoke" next to the token to immediately invalidate it.
- Generate a new API token with appropriate scopes if needed.
- Review site permissions and remove any unauthorized collaborators.
- Enable two-factor authentication for your Webflow account if not already enabled.
- Consider implementing site password protection for additional security.