Skip to content

WorkOS API Key

Service Name: WorkOS

Service Description: WorkOS is a developer platform that provides authentication, user identity, and other enterprise features that help developers quickly build enterprise-ready applications with features like Single Sign-On (SSO), Multi-Factor Authentication (MFA), Directory Sync, and more.

Service Address: https://workos.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the organization level through WorkOS Dashboard.

Secret Access Scope: Grants programmatic access to WorkOS API endpoints, allowing management of authentication, user identity, and enterprise features.

Secret Revokement URL: https://dashboard.workos.com/api-keys

Secret Example: sk_test_a1b2c3d4e5f6g7h8i9j0

Suspicious Activity Investigation Instructions:

  • Review WorkOS audit logs for unusual API calls or authentication attempts.
  • Check for unexpected changes to SSO configurations or directory connections.
  • Monitor for unusual patterns in user authentication or organization management.
  • Review API usage metrics for abnormal spikes in activity.
  • Check for unauthorized webhooks or callback configurations.

Mitigation Instructions:

  • Log in to the WorkOS Dashboard at https://dashboard.workos.com/.
  • Navigate to the API Keys section.

  • Identify the compromised API key.

  • Click on the "Revoke" or "Delete" button next to the key.
  • Generate a new API key to replace the compromised one.
  • Update all legitimate applications and services with the new API key.
  • Review and update any IP allowlists or other security configurations.
  • Consider implementing additional security measures like webhook signatures.