Create an API token#

Create an API token in EclecticIQ Intelligence Center (EIQ IC) to programmatically authenticate through API requests.

API calls are processed as if carried out by the user that created the API token used to place the call. This means the token-creating user’s permissions and group memberships determine whether the API call can proceed and the token-creating user’s default source will be assigned to any Entities and Observables created.

Recommendation: service account

Create a new EclecticIQ Intelligence Center user to act as a service account to create tokens for each API service you use. Configure this user with the permissions, memberships, and defaults required for that API service and log in to that user to generate API tokens.

You can then update the service account’s permissions, memberships, and defaults if your usage of the associated API changes.

Create an API token#

To create an API token for a signed-in Intelligence Center user profile:

  1. Log in to EIQ IC as a user with the permissions and group memberships required for the API. If you created a service account, log in to that.

  2. In the side navigation bar, select the user’s avatar image.

  3. From the pop-up menu, select My profile.

  4. In the My profile view, select Edit on the bottom-right corner.

  5. In the Edit your profile view, browse to the API tokens section.

  6. Any existing API tokens are listed here.

  7. To create a new API token, select + Create API token.

  8. In the Create new API token dialog, enter a reader-friendly name to identify the API token.

  9. If you want the token to become invalid after a period of time, select the Select expiration date checkbox.

  10. From the drop-down menu select one of the predefined time intervals.

  11. Click Generate token to create a new API token with the selected settings.

Set your default source

When an API request creates entities or observables, the system will automatically assign a user group as its source. This assignment is based on the profile of the user who created the token used in the API request.

Set your default source to make sure the system chooses the correct one for requests made with your tokens.

Copy the API token#

After generating the API token, a confirmation dialog displays the token value in plain text.

This is a one-off action: after closing the confirmation dialog, you won’t be able to view the token value anymore.

Copy the token value and, if necessary, store it for reference.

View API tokens#

To view existing API tokens belonging to a signed-in Intelligence Center user profile:

  1. In the side navigation bar click the avatar image of your user profile.

  2. From the pop-up menu, click My profile.

  3. In the My profile view, click Edit on the bottom-right corner.

  4. In the Edit your profile view, browse to the API tokens section.

    Any existing API tokens are listed here.

    You can view the following token details: #. API token name. #. API token expiration date. #. The most recent date when the API token was last used.