Readme API Key

Bridgecrew Policy ID: BC_GIT_63
Chekov Check ID: CKV_SECRET_63
Severity: LOW

Readme API Key

Description

ReadMe offers a managed service for maintaining a documentation site. Each documentation site that you publish on ReadMe is a project. Within a project there is space for documentation, interactive API reference guides, a changelog, and many more features. Each project within your account is published separately.

Fix - Buildtime

Readme

If one of your API keys has been leaked or if you have any security concerns about a particular API key, we strongly recommend you rotate out your API keys. You can do so by taking the following steps:

  • Delete the exposed API key in your dashboard (there is a Delete option if you click the three dots on the right-hand side)
  • The "Edit" and "Delete" options that are available when you click the three dots on the right-hand side of an API key
  • Re-generate a new API key in its place
  • Replace any usage of the leaked API key with the new one