Kaspersky Managed Detection and Response

Creating an access token in Kaspersky Security Center

An access token is a unique sequence of characters (letters, digits, and special characters) that authorizes you to use the methods of the REST API.

To create an access token:

  1. In the MDR section of Kaspersky Security Center, click the API tab.

    The API connections list appears.

  2. Click a connection with a Pending activation status.

    A block containing the connection information appears.

  3. In the JWT token field, click the Refresh button.

    A refresh token appears.

  4. Select and save the value from the Client ID field.
  5. Select and save the token's sequence of characters to the clipboard.
  6. Send a POST request to the /session/confirm endpoint.

    Replace {client_id} and {refresh_token} with the values selected and saved in the previous steps.

Example (Python):

###################################################
# General part
###################################################

import sys
import time
import datetime
import requests
import jwt

# The certificate is required for authentication of an external resource
# You can download the certificate from https://mdr.kaspersky.com,
# save it to your disk, and add the path to it in the variable:
VERIFY_CERT_PATH = "C:\\tools\\DigiCert Global Root G2.crt"

# MDR REST API URL:
API_URL = "https://mdr.kaspersky.com/api/v1"

# Your client's ID and your tokens.
# For details about getting your ID and the tokens, refer to the help https://support.kaspersky.com/MDR/en-US/258285.htm
CLIENT_ID = "9ed43ed54sAmpleIdf349323951f"  # (Paste your value)
REFRESH_TOKEN = "ReFrEsHToKeN"  # (Paste your value)
ACCESS_TOKEN = "AcCeSsToKeN"  # (Paste your value)

###################################################
# Get access token and a refresh token for the next access token update
###################################################

# The tokens are decoded without signature verification only to read the "exp" claim;
# this is a local expiry check, not a validation of the token.
if REFRESH_TOKEN:
    refresh_token_exp = jwt.decode(REFRESH_TOKEN, options={"verify_signature": False}).get("exp")
    print(f"REFRESH_TOKEN expiration date and time: {datetime.datetime.fromtimestamp(refresh_token_exp)}")
    if refresh_token_exp > time.time():
        print("REFRESH_TOKEN is valid")
    else:
        print(
            "You should update REFRESH_TOKEN. Please take it from MDR Console (https://support.kaspersky.com/MDR/en-US/258285.htm)."
        )
        sys.exit(1)
else:
    print(
        "You should fill REFRESH_TOKEN value. Please take it from MDR Console (https://support.kaspersky.com/MDR/en-US/258285.htm)."
    )
    sys.exit(1)

# Check the presence and validity of the access token
need_update_access_token = False
if ACCESS_TOKEN:
    access_token_exp = jwt.decode(ACCESS_TOKEN, options={"verify_signature": False}).get("exp")
    print(f"ACCESS_TOKEN expiration date and time: {datetime.datetime.fromtimestamp(access_token_exp)}")
    if access_token_exp > time.time():
        print("ACCESS_TOKEN is valid")
    else:
        need_update_access_token = True
else:
    need_update_access_token = True

# If necessary, update the access token and refresh token for the next access token update
access_token = ACCESS_TOKEN
if need_update_access_token:
    request_body = {"refresh_token": REFRESH_TOKEN}
    result = requests.post(url=f"{API_URL}/{CLIENT_ID}/session/confirm", json=request_body, verify=VERIFY_CERT_PATH)
    result_json = result.json()

    if "error" in result_json:
        print(result_json)
        sys.exit(1)

    # It is necessary to save the refresh token in order to obtain next access token after the expiration of the current access token
    refresh_token = result_json["refresh_token"]
    print(
        f'!!! Your new REFRESH_TOKEN for the next time for request ACCESS_TOKEN (please replace value of REFRESH_TOKEN with this value): "{refresh_token}"'
    )

    # A new access token is required to retrieve the data
    access_token = result_json["access_token"]
    print(f'!!! Your new ACCESS_TOKEN (please replace value of ACCESS_TOKEN with this value): "{access_token}"')

# The access token is added to the request header
headers = {"Authorization": f"Bearer {access_token}"}

Example (Shell):

curl -X POST https://mdr.kaspersky.com/api/v1/{client_id}/session/confirm -H "Content-Type: application/json" -d '{"refresh_token": "{refresh_token}"}'

The REST API sends a response with the access token and a new refresh token:

{ "access_token": "SamPLET346yoKEnSamPLEToK25EnSamPLEToK35EnS", "refresh_token": "tOKenSaMPlet259OKenS123aMPle926tOKenSaMPle" }

Now you can send requests to the REST API by using the access token. Each request to the REST API requires an access token; a request without an access token returns only an authorization error.
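Because every /session/confirm response carries a new refresh token, an unattended client has to store the returned pair rather than print it for manual pasting. The following is an added example, not Kaspersky's code, that keeps both tokens in an owner-only JSON file and replaces it atomically after each refresh. The token file layout, the injected post callable, the skew margin, and the requests_post helper are assumptions made for this illustration.

```python
import base64
import json
import os
import tempfile
import time

API_URL = "https://mdr.kaspersky.com/api/v1"  # MDR REST API URL from the page

def jwt_exp(token):
    """Read the 'exp' claim without verifying the signature (expiry hint only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload)).get("exp", 0)

def save_tokens(path, tokens):
    """Atomically replace the token file; mkstemp creates it owner-only (0600)."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    try:
        with os.fdopen(fd, "w") as f:
            json.dump(tokens, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)  # readers see the old pair or the new pair, never half
    except BaseException:
        os.unlink(tmp)
        raise

def get_access_token(path, client_id, post, skew=60):
    """Return a usable access token, refreshing and persisting the pair if needed."""
    with open(path) as f:
        tokens = json.load(f)
    access = tokens.get("access_token")
    if access and jwt_exp(access) - skew > time.time():
        return access
    reply = post(f"{API_URL}/{client_id}/session/confirm",
                 {"refresh_token": tokens["refresh_token"]})
    if "error" in reply or "access_token" not in reply:
        raise RuntimeError(f"token refresh failed: {reply.get('error')}")
    # Store the new refresh token before returning; tokens are never printed.
    save_tokens(path, {"access_token": reply["access_token"],
                       "refresh_token": reply["refresh_token"]})
    return reply["access_token"]

def requests_post(url, body, verify=True):
    """Real transport (assumption: 'requests' is installed); pass the CA path as verify."""
    import requests
    return requests.post(url, json=body, verify=verify, timeout=30).json()
```

Seed the token file once with the refresh token copied from the console, then call get_access_token(path, client_id, requests_post) before each batch of API requests.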

You can also create an access token in MDR Web Console.

See also:

Scenario: performing token-based authorization

Working with the REST API