Creating an access token in Kaspersky Security Center

An access token is a unique sequence of characters (letters, digits, and special characters) that authorizes you to use the methods of the REST API.

To create an access token:

  1. In the MDR section of Kaspersky Security Center, click the API tab.

    The API connections list appears.

  2. Click a connection with a Pending activation status.

    A block containing the connection information appears.

  3. In the JWT token field, click the Refresh button.

    A refresh token appears.

  4. Select and save the value from the Client ID field.
  5. Select and save the token's sequence of characters to the clipboard.
  6. Send a POST request to the /session/confirm endpoint.

    Replace {client_id} and {refresh_token} with the values selected and saved in the previous steps.

Example (Python):

 

###################################################

# General part

###################################################

 

import time

import datetime

import requests

import jwt

 

# The certificate is required for authentication of an external resource

# You can download the certificate from https://mdr.kaspersky.com,

# save it to your disk, and add the path to it in the variable:

VERIFY_CERT_PATH = "C:\\tools\\DigiCert Global Root G2.crt"

 

# MDR REST API URL:

API_URL = "https://mdr.kaspersky.com/api/v1"

 

# Your client's ID and your tokens.

# For details about getting your ID and the tokens, refer to the help https://support.kaspersky.com/MDR/en-US/258285.htm

CLIENT_ID = "9ed43ed54sAmpleIdf349323951f" # (Paste your value)

REFRESH_TOKEN = "ReFrEsHToKeN" # (Paste your value)

ACCESS_TOKEN = "AcCeSsToKeN" # (Paste your value)

 

 

###################################################

# Get access token and a refresh token for the next access token update

###################################################

 

if REFRESH_TOKEN:

refresh_token_exp = jwt.decode(REFRESH_TOKEN, options={"verify_signature": False}).get("exp")

print(f"REFRESH_TOKEN expiration date and time: {datetime.datetime.fromtimestamp(refresh_token_exp)}")

if refresh_token_exp > time.time():

print("REFRESH_TOKEN is actual")

else:

print(

"You should update REFRESH_TOKEN. Please take it from MDR Console (https://support.kaspersky.com/MDR/en-US/258285.htm)."

)

exit()

else:

print(

"You should fill REFRESH_TOKEN value. Please take it from MDR Console (https://support.kaspersky.com/MDR/en-US/258285.htm)."

)

exit()

 

# Check the presence and validity of the access token

need_update_access_token = False

if ACCESS_TOKEN:

access_token_exp = jwt.decode(ACCESS_TOKEN, options={"verify_signature": False}).get("exp")

print(f"ACCESS_TOKEN expiration date and time: {datetime.datetime.fromtimestamp(access_token_exp)}")

if access_token_exp > time.time():

print("ACCESS_TOKEN is actual")

else:

need_update_access_token = True

else:

need_update_access_token = True

 

# If necessary, update the access token and refresh token for the next access token update

access_token = ACCESS_TOKEN

if need_update_access_token:

request_body = {"refresh_token": REFRESH_TOKEN}

result = requests.post(url=f"{API_URL}/{CLIENT_ID}/session/confirm", json=request_body, verify=VERIFY_CERT_PATH)

result_json = result.json()

 

if "error" in result_json:

print(result_json)

exit()

 

# It is necessary to save the refresh token in order to obtain next access token after the expiration of the current access token

refresh_token = result_json["refresh_token"]

print(

f'!!! Your new REFRESH_TOKEN for the next time for request ACCESS_TOKEN (please replace value of REFRESH_TOKEN with this value): "{refresh_token}"'

)

 

# A new access token is required to retrieve the data

access_token = result_json["access_token"]

print(f'!!! Your new ACCESS_TOKEN (please replace value of ACCESS_TOKEN with this value): "{access_token}"')

 

# The access token is added to the request header

headers = {"Authorization": f"Bearer {access_token}"}

 

Example (Shell):

curl -X POST https://mdr.kaspersky.com/api/v1/{client_id}/session/confirm -H "Content-Type: application/json" -d '{"refresh_token": "{refresh_token}"}'

The REST API sends a response with the access token and a new refresh token:

{

"access_token": "SamPLET346yoKEnSamPLEToK25EnSamPLEToK35EnS",

"refresh_token": "tOKenSaMPlet259OKenS123aMPle926tOKenSaMPle"

}

Now, you can send requests to the REST API by using the access token. Each request to the REST API requires an access token; a request without an access token will return an authorization error only.

You can also create an access token in MDR Web Console.

See also:

Scenario: performing token-based authorization

Working with the REST API
Page top