Scenario: performing token-based authorization

This scenario explains how to perform a token-based authorization in order to work with the REST API.

Prerequisites

Make sure that you have an MDR account with one of the following roles assigned:

Stages

The token-based authorization proceeds in stages:

  1. Creating a refresh token in MDR Web Console

    You need a refresh token for creating an access token. A refresh token is valid for 24 hours. You can use a refresh token only once.

  2. Creating an access token via the REST API

    You need an access token to work with the REST API. An access token is valid for 1 hour. You can use an access token multiple times during its lifetime.

    When you create an access token, the REST API generates a new refresh token and includes it in the response. When the access token expires, you can create a new access token by using the most recent API-generated refresh token.

    An API-generated refresh token is valid for 7 days.

Results

Upon completion of this scenario, you can start working with the REST API by sending requests with the access token.

See also:

Managing users

Setting access rights in Kaspersky Security Center

Page top