Create an API token#
Create an API token in EclecticIQ Intelligence Center to programmatically authenticate through API requests.
API calls are processed as if carried out by the user that created the API token used to place the call. This means the token-creating user’s permissions and group memberships determine whether the API call can proceed and the token-creating user’s default source will be assigned to any Entities and Observables created.
Recommendation: service account
Create a new EclecticIQ Intelligence Center user to act as a service account to create tokens for each API service you use. Configure this user with the permissions, memberships, and defaults required for that API service and log in to that user to generate API tokens.
You can then update the service account’s permissions, memberships, and defaults if your usage of the associated API changes.
Create an API token#
Log in to EclecticIQ Intelligence Center (EIQ IC) as a user with the permissions and group memberships required for the API.
If you created a service account, log in to that.In the side navigation bar, select the user’s avatar image.
From the pop-up menu, select My profile.
In the My profile view, select Edit on the bottom-right corner.
In the Edit your profile view, browse to the API tokens section.
Any existing API tokens are listed here.
To create a new API token, select + Create API token.
In the Create new API token dialog, enter a reader-friendly name to identify the API token.
If you want the token to become invalid after a period of time, select the Select expiration date checkbox.
From the drop-down menu select one of the predefined time intervals.
Click Generate token to create a new API token with the selected settings.
Set your default source
When an API request creates entities
or observables, the system will automatically
assign a user group as its source. This assignment
is based on the profile of the user who created
the token used in the API request.
Select the default source for the user account you generated a token with to make sure the system chooses the correct source for requests made the token.
Copy the API token#
After generating the API token, a confirmation dialog displays the token value in plain text.
This is a one-off action: after closing the confirmation dialog, you won’t be able to view the token value anymore.
Copy the token value and, if necessary, store it for reference.
View API tokens#
To view existing API tokens belonging to a signed-in Intelligence Center user profile:
In the side navigation bar click the avatar image of your user profile.
From the pop-up menu, click My profile.
In the My profile view, click Edit on the bottom-right corner.
In the Edit your profile view, browse to the API tokens section.
Any existing API tokens are listed here.
You can view the following token details: #. API token name. #. API token expiration date. #. The most recent date when the API token was last used.