Sophos Central API Client Credential Validity Management

Jinto Varghese over 1 year ago

Does Sophos provide any validity management for its API credentials, after its 36 months expiry?

If possible, how can we handle this situation with a SIEM application?

Top Replies

RichardP over 1 year ago in reply to Jinto Varghese +1 suggested

The API token is managed through the UI - the SIEM token can be renewed there - click into it and select renew in the upper right. An invalid auth will just return a generic 403 - we don't want to expose…

Parents

0 RichardP over 1 year ago

Hi, can you please clarify exactly what you are wanting validated?
Ie., do you want proof that the creds can't access data post expiry?

RichardP

Program Manager, Support Readiness | CISSP | Sophos Technical Support
Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Jinto Varghese over 1 year ago in reply to RichardP

Hi RichardP,

I want to know when the clientId and secret code expired after 36 months then does Sophos provide any APIs to renew the clientId and secret code.

We are in progress in the integration of Sophos with SIEM. Also, how can we distinguish when the credentials are declined due to wrong or expired?

Thanks
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 RichardP over 1 year ago in reply to Jinto Varghese

The API token is managed through the UI - the SIEM token can be renewed there - click into it and select renew in the upper right.

An invalid auth will just return a generic 403 - we don't want to expose data through a public API like that. The Central Dashboard is the source of truth for this.

RichardP

Program Manager, Support Readiness | CISSP | Sophos Technical Support
Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Reject Answer

Cancel

Reply

0 RichardP over 1 year ago in reply to Jinto Varghese

The API token is managed through the UI - the SIEM token can be renewed there - click into it and select renew in the upper right.

An invalid auth will just return a generic 403 - we don't want to expose data through a public API like that. The Central Dashboard is the source of truth for this.

RichardP

Program Manager, Support Readiness | CISSP | Sophos Technical Support
Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Reject Answer

Cancel

Children

No Data