SendGrid Key

Description

General

• Documentation: https://sendgrid.com/docs/API_Reference/index.html
• Summary: SendGrid is a communication platform for transactional and marketing emails. It offers a REST API to programmatically send emails and perform all sort of actions with a SendGrid account. Leaking a SendGrid API key can result in malicious individuals sending emails in the name of the concerned organization.
• IPs allowlist: IP allowlisting can be set in the web application under Settings in the IP Access Management tab. This documentation provides more thorough details on the process.
• Scopes: There are three types of API keys, these are described in the Type of API keys page of the documentation.

Revoke the secret

This can be done on the SendGrid dashboard. More information can be found in the documentation.

Check for suspicious activity

SendGrid keeps security logs during one year as mentioned here. Recent access attempts are also displayed in the web application under Settings in the IP Access Management tab. This documentation page gives more details.

Details for Sendgrid

• Family: Api

• Category: Messaging system

• Company: SendGrid

• High recall: True

• Validity check available: False

• Minimum number of matches: 1

• Occurrences found for one million commits: 20.78

• Prefixed: True

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - sg\.

Examples

- text: 'email.config.server.password=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'
  apikey: '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'