Using REST API
REST API is typically used to automate certain tasks through carefully crafted URLs. JSON Web Tokens (JWTs) are used to ensure that such requests are secure and authorized.
Details on how to use JWTs are not covered in this document.
To create your own Access Token for REST API requests:
- Go to Settings and scroll down to the API Access section.
- Enter a name for your token and click Add.
- Copy the token and store it in a safe place. Tokens created by a particular user allow for administration of the Broker up to the limits of that user's rights. This means that if the token was created by a Superadministrator, all actions performed using it will be executed with Superadministrator privileges. Once you copy the Access Token and close the pop-up, there will be no way to view this token again, so it is crucial to store it securely. If you lose the token, you will need to regenerate it
You can use this Access Token in requests, for example CURL:
curl -X GET --url https://<Secfense URL>:8002/<location> --header "ACCESS_TOKEN: <access token>"
To regenerate a token:
- Go to API Access in the Settings menu.
- Click Regenerate in the row that contains the token you are interested in. You can only regenerate your own tokens.
To delete a token:
- Go to API Access in the Settings menu.
- Click Delete in the row that contains the token you want to remove.
NOTE: unlike regeneration, you can delete any token if you are a Superadmin. This means you can remove tokens you no longer wish to be used (e.g., those created by a former employee).