Zoho Creator API Key
Service Name: Zoho Creator
Service Description: Zoho Creator is a low-code application development platform that allows businesses to build custom applications without extensive coding knowledge. It enables users to create, customize, and deploy business applications through a drag-and-drop interface.
Service Address: https://www.zoho.com/creator/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level in Zoho Creator's security settings.
Secret Access Scope: Grants programmatic access to Zoho Creator applications, forms, reports, and data. Allows for CRUD operations on records, automation of workflows, and integration with other services.
Secret Revokement URL: https://accounts.zoho.com/home#security/
Secret Example: 1000.XXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXX
Suspicious Activity Investigation Instructions:
- Review the API access logs in Zoho Creator admin console for unusual activity.
- Check for unexpected data modifications or exports from your Zoho Creator applications.
- Monitor for unauthorized application changes or new integrations.
- Verify if there are any new API clients or unexpected API usage patterns.
- Look for access from unusual geographic locations or IP addresses.
Mitigation Instructions:
- Log in to your Zoho account and navigate to the API Console.
- Locate the compromised API key in the list of client credentials.
- Click on the "Delete" or "Revoke" button next to the compromised key.
- Generate a new API key if needed for legitimate applications.
- Update any legitimate applications with the new API key.
- Consider implementing IP restrictions for API access in your Zoho security settings.
- Review and update access permissions for all API clients to follow the Principle of Least Privilege.
- Enable notifications for API key usage to monitor for suspicious activities.