Zapier Webhook URL
Service Name: Zapier
Service Description: Zapier is a web automation platform that connects apps and services to automate workflows. Webhook URLs in Zapier allow external systems to trigger Zaps (automated workflows) by sending data to these unique URLs.
Service Address: https://zapier.com/
Validation Type: API Auth
IP Allow list: Does not exist at the webhook level, but Zapier Premium, Professional, and Teams plans offer IP restrictions at the account level.
Secret Access Scope: Grants the ability to trigger specific Zap workflows in Zapier by sending HTTP requests to the webhook URL. Anyone with the webhook URL can trigger the associated Zap.
Secret Revokement URL: https://zapier.com/app/dashboard (Navigate to the specific Zap and disable or delete the webhook trigger)
Secret Example: https://hooks.zapier.com/hooks/catch/123456/abcdef/
Suspicious Activity Investigation Instructions:
- Review Zapier task history to identify unexpected or unusual Zap executions
- Check the payload data that was sent to the webhook URL
- Examine the timing and frequency of webhook triggers
- Verify if the actions performed by the triggered Zaps align with expected behavior
- Review connected app activity for any unauthorized actions
Mitigation Instructions:
-
Immediately disable the compromised webhook in your Zapier account
-
Create a new webhook URL for the Zap if the workflow is still needed
- Update any legitimate systems that use the webhook with the new URL
- Consider implementing additional authentication mechanisms if available
- For premium plans, implement IP restrictions to limit which IP addresses can
trigger your webhooks
- Review and update security settings for all connected apps and services
- Monitor the Zap's activity for any signs of continued unauthorized access