API Clients
Note: Only users with an Administrator role can add and manage API clients.
The API Clients page allows you to view and manage the clients you have configured for integration with Cisco XDR.
Cisco XDR is built upon a collection of APIs which can be used to integrate your Cisco and third-party security products, automate the incident response process, and manage threat intelligence and security context data in a single location. For information on using the Cisco XDR APIs, see the interactive Cisco XDR API Documentation on Cisco Developer.
You can generate credentials to access the APIs programmatically for the following types of clients:
- API Client Credentials - (Client Credentials Grant Client) are specific to the user, and you do not need to own a website.
- OAuth Code Client Credentials - (Authorization Code Grant Client) are used to ask other users to trust your application, and you need a website to host your application.
OAuth Code Client credentials are often used by Cisco to integrate on-premises devices or by advanced users who are building an integration with Cisco XDR.
- Choose Administration > API Clients in the navigation menu and click Generate API Client.
- Enter a Client Name and optionally, choose a Client Preset from the drop-down list.
  Note: If you choose a Client Preset, all of the scopes are pre-configured for a particular function.
- If you did not choose a Client Preset, check the check boxes for the scopes for which you want to grant privileges to the client. You can also click Select All to grant all scopes to the client.
- Optionally, enter a description in the Description field and click Add New Client.
The Client Id and Client Password are generated and are displayed in the Add New Client dialog box.
Note: The Client Password cannot be recovered after you close the window. Be sure to securely store it where you have access to it later, if needed. If you lose or disclose the client password, you must delete the API client and create a new one.
The API Client is tied to your user identity. If your user identity loses privileges, then your API Client will also lose those privileges. All actions taken by the API Client will be done in your name, and recorded as your actions. If your access to the application is revoked, then your API Client will no longer be valid.
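As an added example (not part of the Cisco documentation), the sketch below shows how a generated Client Id and Client Password are typically presented in an OAuth 2.0 client credentials grant (RFC 6749, section 4.4) using HTTP Basic client authentication, with the secret read from the environment instead of source code. The token URL is a placeholder and the environment variable names are hypothetical; take the real token endpoint from the Cisco XDR API Documentation.

```python
import base64
import os
import urllib.parse
import urllib.request

# Placeholder, not a real endpoint: use the token URL given in the
# Cisco XDR API Documentation for your region.
TOKEN_URL = "https://xdr.example.invalid/oauth2/token"


def load_client_credentials(env=os.environ):
    """Read the Client Id and Client Password from the environment.

    The variable names are hypothetical. The password stays out of source
    control because it cannot be recovered: if it is lost or disclosed, the
    API client must be deleted and a new one created.
    """
    client_id = env.get("XDR_CLIENT_ID", "").strip()
    client_password = env.get("XDR_CLIENT_PASSWORD", "").strip()
    if not client_id or not client_password:
        raise RuntimeError("XDR_CLIENT_ID and XDR_CLIENT_PASSWORD must be set")
    return client_id, client_password


def build_token_request(client_id, client_password, token_url=TOKEN_URL):
    """Build (but do not send) a client credentials grant token request."""
    if not token_url.lower().startswith("https://"):
        # Basic auth is only base64 encoding, so never send it over plain HTTP.
        raise ValueError("token URL must use https://")
    if ":" in client_id:
        # HTTP Basic (RFC 7617) cannot carry a user-id containing a colon.
        raise ValueError("client id must not contain ':'")
    pair = "{}:{}".format(client_id, client_password).encode("utf-8")
    body = urllib.parse.urlencode({"grant_type": "client_credentials"})
    return urllib.request.Request(
        token_url,
        data=body.encode("ascii"),
        method="POST",
        headers={
            "Authorization": "Basic " + base64.b64encode(pair).decode("ascii"),
            "Content-Type": "application/x-www-form-urlencoded",
            "Accept": "application/json",
        },
    )


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    sample = {"XDR_CLIENT_ID": "client-0000", "XDR_CLIENT_PASSWORD": "constructed-sample"}
    req = build_token_request(*load_client_credentials(sample))
    print(req.get_method(), req.full_url, req.data.decode())
```

Passing the returned request to `urllib.request.urlopen` sends it; every call made with the resulting token is recorded under the user who created the API client.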
Note: When creating an OAuth Code Client, there is an auto-approve feature if all criteria are met. If some criteria are not met, the client is created but disabled until it has been approved by an Admin.
- Choose Administration > API Clients in the navigation menu and click Generate API Client.
- Click the OAuth Code Clients tab.
- Enter a Client Name and optionally, choose a Client Preset from the drop-down list.
  Note: If you choose a Client Preset, all of the scopes are pre-configured for a particular function.
- If you did not choose a Client Preset, check the check boxes for the scopes for which you want to grant privileges to the client. You can also click Select All to grant all scopes to the client.
- Enter the Redirect URL that the authorization server uses to redirect back to the application.
  Note: The URL must start with https:// and should not contain the asterisk (*) character.
  Click Add another Redirect URL to enter multiple URLs.
- Choose the Availability from the drop-down list. You can make the client available to User or Organization.
  If you choose Organization (recommended), only members of your organization have the ability to approve the client.
  Note: If you do not select an Availability option, it is set to Organization by default.
- Optionally, enter a description in the Description field and click Add New Client.
The Client Id and Client Password are generated and are displayed in the Add New Client dialog box.
Note: The Client Password cannot be recovered after you close the window. Be sure to securely store it where you have access to it later, if needed. If you lose or disclose the client password, you must delete the API client and create a new one.
The API Client is tied to your user identity. If your user identity loses privileges, then your API Client will also lose those privileges. All actions taken by the API Client will be done in your name, and recorded as your actions. If your access to the application is revoked, then your API Client will no longer be valid.