Webflow API Token

Bridgecrew Policy ID: BC_GIT_75
Checkov Check ID: CKV_SECRET_75
Severity: LOW

Description

The Webflow CMS API allows developers to programmatically add, update, and delete items from Collections. Creating webhooks with the CMS API gets Webflow to "talk" to third-party applications.

Fix - Buildtime

Webflow

Step 1: Revoke the token

  1. Go to Webflow and click on your avatar
  2. Click on the API Tokens tab
  3. Find the token to revoke and click on the trash icon

Step 2: Monitor for abuse