For complete details on connecting to the API, see the API documentation.
To use the API, you must have an API key associated with your account. Once you have the API Key, you will include it as a request header that uses the following format:
'Authorization': 'Bearer <api-key>'
For example, 'Authorization': 'Bearer q6kzPy7JrbAxbAer9VEL'
To create an API Key (MSV)
- Click User > User Preferences.
- Click Generate API Key (the + sign).
- Click Show Key.
You can remove or regenerate your API key. If you regenerate your API key, remember to update the request header. For more information, see the API documentation.
To create an API Key (MA-SV)
If you're a Mandiant Advantage Security Validation (MA-SV) customer, you'll need to regenerate the API token after MA-SV 5.10.2.6 is released.
- Click User > User Preferences.
- Click Generate API Key (the + sign).
- Click Copy next to the second value (the unhashed key value) and paste or record the value in a safe place.
- Click Close and the updated key (hashed value) appears in the API Key field.
- If you do not have access to the unhashed API Key, you need to regenerate the key.
- You can remove or regenerate your API key. If you regenerate your API key, remember to update the request header. For more information, see the API documentation.
JSON Web Tokens
You can also use JSON Web Tokens (JWTs) to use in place of the API key:
'Authorization': 'Bearer <JSON-Web-Token>'
For example,
'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IlZlcm9kaW4gVXNlciIsImlhdCI6MTUxNjIzOTAyMn0.EcyoKKCQo9UOPbdQFB7QIt-DekBlSCt3mmcE5G5dgtU'
For more information on using JSON Web Tokens, see the User Policy. For more information on using the API, see Security Validation API.