Skip to main content

Adobe API Keys

Description#

General#

  • Documentation: https://www.adobe.io/apis/experienceplatform/console/docs.html
  • Summary: Adobe is a company specialized in creative software as well as marketing management software. They offer APIs to access their products programmatically. This detector aims at catching client_id/client_secret couples used by most of Adobe's APIs for authentication.
  • IPs allowlist: As of the time of writing this documentation, this feature is not available.
  • Scopes: Credentials are linked to a specific API.

Revoke the secret#

Credentials can be revoked via Adobe developer console, on the project's dashboard, by selecting the credentials and clicking on "Delete credential".

Check for suspicious activity#

Insights are available on the project's dashboard, they only give access to the number of API calls over time.

Details for Adobe api keys#

  • Family: Api

  • Category: Other

  • Company: Adobe

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.01

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions: []  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: true- type: ContentWhitelistPreValidator  patterns:  - adobelogin  - adobe\.io- type: ContentWhitelistPreValidator  patterns:  - (id|key)- type: ContentWhitelistPreValidator  patterns:  - secret

Examples#

- text: >    POST https://ims-na1.adobelogin.com/ims/exchange/jwt    api_key: "a4123cbde48947d4a06192428326d847",    client_secret: "ef123aec-8268-40ce-8c83-ab69f9564546",  client_id: a4123cbde48947d4a06192428326d847  client_secret: ef123aec-8268-40ce-8c83-ab69f9564546  # Pattern observed in historical data
- text: >    adobe.io    body: client_id=3681437dddf44013b893300cc34ecf12&client_secret=4FS-bbbEnJaXB4Cg6eaHzUBWebZUxBciaZ_O  client_id: 3681437dddf44013b893300cc34ecf12  client_secret: 4FS-bbbEnJaXB4Cg6eaHzUBWebZUxBciaZ_O  # Pattern observed when creating new credentials