Does Sophos provide any validity management for its API credentials, after its 36 months expiry?
If possible, how can we handle this situation with a SIEM application?
Does Sophos provide any validity management for its API credentials, after its 36 months expiry?
If possible, how can we handle this situation with a SIEM application?
Hi, can you please clarify exactly what you are wanting validated?
Ie., do you want proof that the creds can't access data post expiry?
Hi RichardP,
I want to know when the clientId and secret code expired after 36 months then does Sophos provide any APIs to renew the clientId and secret code.
We are in progress in the integration of Sophos with SIEM. Also, how can we distinguish when the credentials are declined due to wrong or expired?
Thanks
Hi RichardP,
I want to know when the clientId and secret code expired after 36 months then does Sophos provide any APIs to renew the clientId and secret code.
We are in progress in the integration of Sophos with SIEM. Also, how can we distinguish when the credentials are declined due to wrong or expired?
Thanks
The API token is managed through the UI - the SIEM token can be renewed there - click into it and select renew in the upper right.
An invalid auth will just return a generic 403 - we don't want to expose data through a public API like that. The Central Dashboard is the source of truth for this.