Authenticating to and Calling the REST API

Before calling a REST API, you must authenticate your session, which involves generating access, refresh and session tokens. The REST API client uses these tokens when you call the REST API server.

You must use the Password Method to authenticate and call REST APIs.
  1. To generate access tokens for SaaS in your API client, use the POST method and the following URL:

    https://<tenant-name>.cyberresprod.com/osp/a/<tenant-name>/auth/oauth2/grant
    Your <tenant-name> is part of the URL. For example, extremelyfocused is the tenant name in the following URL: https://extremelyfocused.cyberresprod.com/osp/a/extremelyfocused/auth/oauth2/grant

    Select and specify Header and Body information as follows, where:

    Authorization

    • Authorization type as Basic

    • Client_ID:Client_Secret as base64 encoded

    • Use the client ID and secret that you created when you set up access to the REST APIs.

    Header

    • Content-Type as application/x-www-form-urlencoded
    • Accept as application/json
    • Authorization as Basic

    Body

    • Enter grant_type as password
    • Enter username as the user ID
    • Enter password as the password of that user ID

    The server replies with the access_token, the expires_in number of seconds for the access_token validity, and a refresh_token to generate a new access token when the access token expires. To understand how to generate a new access token using the refresh_token, see Refreshing Access Tokens.


    For example:

    Server Request -

    curl --location --request POST 'https://aa.cyberresprod.com/osp/a/extremelyfocused/auth/oauth2/grant' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Accept: application/json' \
    --header 'Authorization: Basic Q2xpZW50SWQ6Q2xpZW50U2VjcmV0' \
    --data-urlencode 'grant_type=password' \
    --data-urlencode 'username=samantha.landry@extremelyfocused.com' \
    --data-urlencode 'password=samanthapassword'
    

    Server Response -

    {
    "access_token":"eyJ0eXAiOiJhdCtqd3QiLCJhbGciOiJSUzI1NiIsImtpZCI6IkhCb2JINGNtS012Tld1TC1hZWNtSWNJajNFTSJ9.eyJpc3MiOiJodHRwczovL2FhLm1maWNzaWVkZXYuY29tL29zcC9hL1NFQ09QU1ROMDEvYXV0aC9vYXV0aDIiLCJleHA
    iOjE2OTcwMzIwODUsIm5iZiI6MTY5NzAyODQ4NSwiaWF0IjoxNjk3MDI4NDg1LCJqdGkiOiJpeGZUQUZEWlJILXdsbTUzcUQwMWlnIiwiY2xpZW50X2lkIjoiYXV0b21hdGlvbi1vYXV0aC1jbGllbnQiLCJzdWIiOiJhc1xcLWFhLTg0NTNlMmY3MWQ0N2RkNDl
    mOThlZmJhMzdkMjhjY2ZkIiwidHhuIjoid3NvOTF6Z21TWlMxYm50WldWMnVVdyIsImVtYWlsIjoiaWdhZG1pbkBzZWNvcHN0bjAxLmNvbSIsImZpcnN0X25hbWUiOiJpZ2FkbWluIiwibGFzdF9uYW1lIjoiY3VzdG9tZXIiLCJhdXRoX3NyY19pZCI6IlNFQ09
    QU19MT0NBTFVTRVJTIiwiYXVkIjpbImF1dG9tYXRpb24tb2F1dGgtY2xpZW50IiwiZnVtci1HSzJabktGVzNhIiwiaWQtVkRUYzd0eVlONTBLVjM1cTFLWGtDRXpHdW82WUpMOXIiLCJyZXN0LW9hdXRoLWNsaWVudCJdLCJhdXRoX3RpbWUiOjE2OTcwMjg0ODU
    sImFtciI6WyJwd2QiXSwiX3B2dCI6IkFOQUJCUUxEQUluRHVnRWdPRFExTTJVeVpqY3haRFEzWkdRME9XWTVPR1ZtWW1Fek4yUXlPR05qWm1RV2FXZGhaRzFwYmtCelpXTnZjSE4wYmpBeExtTnZiUWRKUjBGRVRVbE9FVk5GUTA5UVUxOU1UME5CVEZWVFJWSlR
    DQWNXYVdkaFpHMXBia0J6WldOdmNITjBiakF4TG1OdmJSQXNOamsyTnpZeE5qUTJaRFk1Tm1VME1EY3pOalUyTXpabU56QTNNemMwTm1Vek1ETXhNbVUyTXpabU5tUUVJRGcwTlRObE1tWTNNV1EwTjJSa05EbG1PVGhsWm1KaE16ZGtNamhqWTJaa0VTQmhWMlJ
    vV2tjeGNHSnJRbnBhVjA1MlkwaE9NR0pxUVhoTWJVNTJZbEU5UFFBSFNVZEJSRTFKVGdJUlUwVkRUMUJUWDB4UFEwRk1WVk5GVWxOdUFDa0F1d0EifQ.ZjbTFtoNTiWMeW-yGoo629krVXG-0vp6TFa73x4yz8zMRcx3HkuDO4tZhGktTyj2w9pOU8yrbTjWpx-S
    BB2kfJ-mjZ-bhcm80MM1-KLYNL3LXipEatWx8Drr_j9a0U-M88wnqZiEq65ZmfqZoTfUTVk7YZ446aWbjovtKV2A-YoM83sI5F2ow4OlAAD8IyjJDkyH5pJXVXyKS1jPs9Kazvw8JbtOZrkzliqqpyeJ-hH5b3RrKEiAA2g4pgt50J3nC8iQkGAWY7fNRqHqLtNe
    3JkJfyudQpMPYpo4GKhF55PuQpfMJYeoOwzg2oNOVCFVJdlHqZp2hcNlX7Gppt56Ug",
    "token_type":"Bearer",
    "expires_in":3600,
    "refresh_token":"eHwAIA3qCBH_1ooIojuM4PeL4nD5kk8FGdbgB-1Mov9xkO4OO6pRaW6qLBHuTjTWkTgUXoPzzac-mic-5XYpPOCWtMhts7wjM9cl92KlHX3NPnPn9C4yUIVJnHIHWoYIj-r_8eDVdrHDs4jfb_diqHG2mJYMOHqFriV8qFtHQUJRHWmkN__
    dzSgQIX_ILRw-0PPx8qaczf8TscE9ABdeGxTA_OgXPdjXeyj3N6cU4_91bQGASZ7JeCTtix0ibTrwmkKWe6tW-MLXTFYiNfdqGFCC6N8ih8OrH40FxFnbYvWzX0488ITzcPsBMsvbtb_BNg_IaMUf15QzPXLXjagbJx8HgkDJJi2KITQf8uX_x-TDUr2eWXzJTNT
    7oAmF3LLE5m1gRp8jlUQvv0aABl_JpvmbFl-ptSu8WO5THhaGBWj-foxGzv_YLs8V4vhxv3TpVdnn_ZTpUyRFdA7k-EEE4ssDjZI4uQmY7R1k-k7OsioRy0Av4MH5ss7jBrJQGDeFl7Hlr-YKx5t2-bIy4C0doXzrqCSuKQKJABcbHlOeNlN5XxwCDMCMlfUb4qb
    D5tmrYdUxOgIAh5nVu7k7HQXWWxtylvcilng7hvlRdTit02bIohN3Qsz9llABzcY0bVPfBYC-Zm_l84NkTrTrkNO6rgDkzKT-930AXVpNUsDyGPWHgLWe1rqxFGH5Tu7fvRXTmmfOTzclVE-tBJQA0leaw04XJvkiMF7n3COAScDPhzQNRAXwfWvAcqi3yLhCRxC
    kRIFu_ND2im-MTpviqa4-ZM4UBw_XqLP9o1DjLsbZJCnAMbf8"
    }
  2. To generate a session token using the access token in your API client, use the GET method and the following URL:

    https://<arcsight-saas>/mgmt/api/users/me/details

    where <arcsight-saas> represents your ArcSight SaaS product.

    For example:

    https://extremelyfocused.mp.cyberresprod.com/mgmt/api/users/me/details

    Select and specify Header information as follows:

    Authorization

    • Authorization type as Bearer
    • Use the Access token generated in step 1

    For example:

    curl -v --location --request GET 'https://extremelyfocused.mp.cyberresprod.com/mgmt/api/users/me/details' \
    --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c'
  3. Review the documentation for REST API endpoints.

  4. Access your REST API endpoint with the session token generated in step 2 as a cookie.

    For example, to search all the dashboards owned by the logged-in user ID, and the dashboards that are shared with the logged-in user ID's role, you might use the following content:

    curl --location --request GET 'https://extremelyfocused.mp.cyberresprod.com/metadata/api/v1/dashboards' \
    --header 'Cookie: SESSIONTOKEN=1E4C45F0B8DC821FF251EC17558B1ABF'
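
Steps 1, 2 and 4 as request builders, with a check of the step 1 reply and a header-masking helper for logs. This is an added example, not vendor code: the function names, the 60-second refresh margin and the masking helper are assumptions, the requests are built but not sent, and the session token from step 2 is passed in by the caller.

```python
import base64
import json
import time
from urllib.parse import urlencode
from urllib.request import Request

def token_request(tenant, client_id, client_secret, username, password):
    """Step 1: password-grant POST with the client credentials as Basic auth."""
    url = f"https://{tenant}.cyberresprod.com/osp/a/{tenant}/auth/oauth2/grant"
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    form = {"grant_type": "password", "username": username, "password": password}
    return Request(url, data=urlencode(form).encode(), method="POST", headers={
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
        "Authorization": f"Basic {basic}",
    })

def parse_token_reply(raw, now=None, margin=60):
    """Check the step 1 reply; return the tokens and the time to refresh at."""
    reply = json.loads(raw)
    if str(reply.get("token_type", "")).lower() != "bearer":
        raise ValueError("token_type is not Bearer")
    if not reply.get("access_token") or not reply.get("refresh_token"):
        raise ValueError("reply is missing a token")
    now = time.time() if now is None else now
    # Refresh `margin` seconds early (assumed value) so a call never races expiry.
    return {"access_token": reply["access_token"],
            "refresh_token": reply["refresh_token"],
            "refresh_at": now + int(reply["expires_in"]) - margin}

def details_request(host, access_token):
    """Step 2: GET the user details with the access token as a Bearer header."""
    return Request(f"https://{host}/mgmt/api/users/me/details",
                   headers={"Authorization": f"Bearer {access_token}"})

def api_request(host, path, session_token):
    """Step 4: call an endpoint with the session token as SESSIONTOKEN cookie."""
    return Request(f"https://{host}{path}",
                   headers={"Cookie": f"SESSIONTOKEN={session_token}"})

def redacted_headers(request):
    """Headers with credential values masked, safe to write to a log."""
    masked = dict(request.header_items())
    if "Authorization" in masked:
        scheme = masked["Authorization"].split(" ", 1)[0]
        masked["Authorization"] = scheme + " <redacted>"
    if "Cookie" in masked:
        masked["Cookie"] = masked["Cookie"].split("=", 1)[0] + "=<redacted>"
    return masked
```

Pass the returned `Request` objects to `urllib.request.urlopen` to send them, and load the client secret and password from a secret store or environment rather than hard-coding them.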