## Security Review Exposes Critical Gap: No Rotation Plan for CIAM's Core Social Login API Key
A critical security gap has been exposed within the platform's CIAM (Customer Identity and Access Management) infrastructure. A recent security review (SR-1) identified that the `CIAM_RELOAD_API_KEY`, a pre-shared key used to authenticate the SIGHUP sidecar for social login configuration reloads, lacks any documented rotation procedure, maximum lifetime, or mechanism to detect a compromise. This key is central to the availability of social login features, yet its management is currently ad-hoc and insecure.

The issue, logged as a security requirement by a CIAM Engineer, stems from feature platform#15 (Social Login Connections — Google OIDC). The SIGHUP sidecar relies on this shared `RELOAD_API_KEY` to trigger configuration updates in the Kratos identity service. The security review flagged the absence of a formal runbook as a significant vulnerability. While a compromised key is not a direct data breach vector, its blast radius is severe: an attacker with internal network access could trigger repeated, disruptive reloads of the OIDC configuration, causing availability outages for the social login user path.

This operational risk underscores a foundational oversight in platform security hygiene. The lack of lifecycle management for a key controlling a critical authentication pathway leaves the system vulnerable to availability attacks. The newly created story mandates the definition and implementation of a formal rotation runbook, moving the key from an unmanaged secret to a properly governed security asset. The fix is now a blocking requirement, highlighting the pressure to harden core platform dependencies against internal threat scenarios.
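
As an added illustration, not code from the issue, Kratos, or the platform's sidecar, the following Python sketch shows what the receiving side of such a runbook could enforce: versioned keys with a maximum lifetime, rotation through an overlap window so the sidecar can switch keys without a reload outage, immediate revocation for a suspected compromise, constant-time secret comparison, a rate limit that caps how often even a valid key can trigger a reload (bounding the availability blast radius described above), and an audit trail of rejected attempts that a detection rule can consume. The class and method names, the 90-day lifetime, the 60-second reload interval and the sample secrets are all assumptions.

```python
"""Reload-endpoint authorizer: versioned keys, bounded lifetime, overlap
rotation, constant-time comparison, reload rate limit and audit trail.
Hypothetical illustration; not the platform's sidecar or Kratos code."""
import hmac


class KeyVersion:
    def __init__(self, key_id, secret, not_after):
        self.key_id = key_id
        self.secret = secret          # bytes; never written to logs
        self.not_after = not_after    # unix time after which the key is rejected


class ReloadAuthorizer:
    MAX_LIFETIME = 90 * 24 * 3600     # assumed policy: 90-day maximum key lifetime

    def __init__(self, min_interval=60.0):
        self.keys = {}                     # key_id -> KeyVersion
        self.min_interval = min_interval   # seconds between accepted reloads
        self.last_reload = float("-inf")
        self.audit = []                    # (time, key_id, outcome) for detection

    def add_key(self, key_id, secret, now, lifetime=None):
        """Register a key version; the lifetime can never exceed the policy maximum."""
        lifetime = self.MAX_LIFETIME if lifetime is None else min(lifetime, self.MAX_LIFETIME)
        self.keys[key_id] = KeyVersion(key_id, secret, now + lifetime)

    def rotate(self, old_id, new_id, new_secret, now, grace=3600):
        """Introduce the new key and give the old one a short overlap window so the
        sidecar can be reconfigured without a reload outage; then the old key expires."""
        self.add_key(new_id, new_secret, now)
        old = self.keys.get(old_id)
        if old is not None:
            old.not_after = min(old.not_after, now + grace)

    def revoke(self, key_id):
        """Immediate removal, e.g. on suspected compromise (no grace window)."""
        self.keys.pop(key_id, None)

    def authorize(self, key_id, presented, now):
        """Return (allowed, reason). Only an accepted call advances the rate limiter."""
        kv = self.keys.get(key_id)
        if kv is None:
            return self._record(now, key_id, "unknown_key_id")
        if now > kv.not_after:
            return self._record(now, key_id, "expired")
        # Constant-time comparison: a mismatch takes the same time wherever it occurs.
        if not hmac.compare_digest(kv.secret, presented):
            return self._record(now, key_id, "bad_secret")
        # Even a valid key may not hammer the service with reloads.
        if now - self.last_reload < self.min_interval:
            return self._record(now, key_id, "rate_limited")
        self.last_reload = now
        return self._record(now, key_id, "ok")

    def _record(self, now, key_id, outcome):
        self.audit.append((now, key_id, outcome))   # key_id only, never the secret
        return outcome == "ok", outcome

    def rejections_since(self, since):
        """Detection hook: number of rejected attempts at or after `since`."""
        return sum(1 for t, _, o in self.audit if t >= since and o != "ok")


def demo():
    """Walk one key through use, rotation, expiry and revocation; returns the outcomes."""
    a = ReloadAuthorizer(min_interval=60.0)
    t0 = 1_000_000.0                                  # constructed clock
    a.add_key("k1", b"constructed-secret-1", now=t0)
    results = []
    results.append(a.authorize("k1", b"constructed-secret-1", now=t0 + 1))    # ok
    results.append(a.authorize("k1", b"constructed-secret-1", now=t0 + 10))   # rate_limited
    results.append(a.authorize("k1", b"wrong", now=t0 + 20))                  # bad_secret
    a.rotate("k1", "k2", b"constructed-secret-2", now=t0 + 100, grace=300)
    results.append(a.authorize("k1", b"constructed-secret-1", now=t0 + 200))  # ok, inside grace
    results.append(a.authorize("k1", b"constructed-secret-1", now=t0 + 500))  # expired
    results.append(a.authorize("k2", b"constructed-secret-2", now=t0 + 500))  # ok, new key
    a.revoke("k2")
    results.append(a.authorize("k2", b"constructed-secret-2", now=t0 + 600))  # unknown_key_id
    return results, a.rejections_since(t0)


if __name__ == "__main__":
    outcomes, rejected = demo()
    print([reason for _, reason in outcomes], "rejected:", rejected)
```

The two knobs that address the review's findings directly are `MAX_LIFETIME`, which turns the missing maximum lifetime into an enforced one, and `rotate`, which makes the runbook's cutover a two-step operation (issue the new key, retire the old one after the sidecar has been reconfigured) rather than a simultaneous swap. The `audit` list stands in for whatever log pipeline the platform uses; a spike in `rejections_since` is the compromise-detection signal the review said was absent.
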

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: security, api_key, vulnerability, identity_management, devops
- **Credibility**: unverified
- **Published**: 2026-04-06 03:26:59
- **ID**: 50972
- **URL**: https://whisperx.ai/en/intel/50972