Self Serve app API
Use the IBM® QRadar® on Cloud Self Serve app API to programatically perform administrative tasks that are related to the provisioning and configuration of your QRadar on Cloud instance.
To access the interactive API page in the Self Serve app API, click .
You can use the Swagger API page to send requests. You can also send requests outside of the API page.
Sending requests using the Swagger API page
Important: Before you can send any
POST, PUT, or DELETE requests, you
must first send a GET /security_api/get_csrf_token request to get a valid
authorization token.To get a CSRF token and send
POST/PUT/DELETE requests, follow these steps:- On the interactive API page, in the
GET /security_api/get_csrf_tokenendpoint, click GET. - Click Try it out, then click Execute.
- Copy the token value, then click Authorize.
- Paste the token in the Value field and click Authorize.
Sending requests outside of the API page
To send an API GET/POST/PUT/DELETE request to the app endpoints outside of the
interactive API page, you must pass an authorized service token in a request header. Use the QRadar on Cloud Self Serve
app to create an authorized service token.
Example:
Calling API endpoints using external services:
Requests to these endpoints from external sources should have Authorized Service Token passed to request header e.g.
curl -X POST \
'https://< console_hostname >/console/plugins/< app_id >/app_proxy/authorizedservices_api/authorized_services?label=test1&user_role_id=3&security_profile_id=1' \
-H 'SEC: < *Auth Service Token with Security Administrator user role* > ' \
-H 'accept: application/json' Expected response:
{"security_profile_id": 1, "last_used_date": null, "created_by": "QRoC Self Serve", "tenant_id": null, "label": "test1", "id": 26, "user_role_id": 3, "creation_date": 1673373549079, "expiration_date": null, "token": "2b5547bb-f2e1-4aad......"}