Zoom API Key
Service Name: Zoom Video Communications
Service Description: Zoom is a cloud-based video conferencing service that provides video and audio conferencing, chat, and webinars across mobile, desktop, and room systems.
Service Address: https://zoom.us/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Zoom's security settings.
Secret Access Scope: Grants programmatic access to Zoom's API endpoints, allowing management of meetings, users, accounts, and other Zoom resources.
Secret Revokement URL: https://marketplace.zoom.us/user/build
Secret Example: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6IlpvMDFtX3NTT W15X3FaQWFBQUFBQSIsImV4cCI6MTY1MDM5MjAwMCwiaWF0IjoxNjE4ODU2MDAwfQ.8D_zXYEWG OqE8VUQKnSB-AJvaO-AjN6gxMmJhAFpU2A
Suspicious Activity Investigation Instructions:
- Review Zoom Dashboard for unusual meeting creation or user management activities
- Check API usage logs for unexpected API calls or access patterns
- Monitor for unauthorized changes to account settings or user permissions
- Review IP addresses that have accessed the API for unfamiliar locations
- Check for unusual meeting participants or unexpected webinar registrations
Mitigation Instructions:
- Log in to your Zoom account and navigate to the Zoom Marketplace
- Go to "Manage" > "Developed Apps" or "Build App"
- Select the app associated with the compromised API key
- Click on "App Credentials"
- Click "Rotate" next to the JWT Token or API Key to invalidate the current key
- Generate a new API key to replace the compromised one
- Update any applications or integrations with the new API key
- Consider implementing additional security measures such as IP restrictions
- Review and adjust the app's scopes to limit access to only necessary functions