Accessing the Guardium Insights API and making API key requests

After you generate an application programming interface (API) key from the Guardium Insights settings page, you can use the key to access the API user interface and to sign requests.

Accessing the Guardium InsightsSwagger user interface

After you install and start Guardium Insights, you can find its public API at https://<hostname>/docs/vX, where:

  • vX refers to the Guardium Insights API version number (for example, v1, v2, or v3).
  • <hostname> is the hostname or IP address of the machine on which Guardium Insights is installed - if applicable, the hostname might include a port number).

To use the API, you must first create a key from within the Guardium Insights settings. You can then use the API key and key secret - or the encoded token - to sign in to https://<hostname>/docs/vX. After opening API URL, click Authorize to open the Available authorizations dialog box, and then sign in using one of these methods,

  • To sign in with the encoded token, enter it in the Value field in the ApiKeyAuth (apiKey) section of the dialog box.
  • Enter the API key in the Username field in the Basic authorization section - and enter the key secret in the Password field.

After signing in, the icon on Authorize appears as a closed lock (when not authorized, the icon appears as an open lock).

When you access the API, you can see all of the query parameters (including examples). If you authenticate to the API, you can run the API commands directly from the API user interface. To run the commands, click Try it out in the API that you are interested in and then, after completing any parameters, click Execute. The response includes the following information:

  • The cURL command that was used to get the response.
  • The request URL.
  • The response body (in JSON format) that you can retrieve by clicking Download.
  • The response header.

Creating a token header

To use the API from a command line, Guardium Insights requires a token header that includes Authorization.

  • Using the encoded token - Guardium Insights produces an encoded token that you use by adding the word Basic followed by a space ('Basic ') before the token and then you can use the token for the Authorization header.
  • Using the API key and secret - If you misplace the encoded token, you can use the API key and secret to sign requests, but you must first convert them to a Base64-encoded token. After you convert the keys, add the word Basic followed by a space ('Basic ') before you use the token for the Authorization header.

Using the token header

The Guardium Insights APIs are called from https://<hostname>/docs/vX

Guardium Insights token headers are used to create cURL requests in this manner:

curl -X GET 
"https://<hostname>/docs/vX/<api>/<parameter>" 
-H "accept: application/json" -H "Authorization: Basic <token_header>"

Where:

  • <api> is the API that you are calling.
  • <parameter> is one or more parameters as described in the API user interface (https://<hostname>/docs/vX). Examples are also provided in the user interface.
    Note: Some APIs do not include associated parameters.
  • Basic <token_header> is the token header.
Tip: If you run an API command, as described in the above section, the cURL request for that API command is included as a returned response.