Creating authorized service tokens
You must create authorized service tokens to authenticate the background services that the QRadar® Advisor with Watson™ app uses to request data from your local instance of IBM® QRadar.
Before you begin
QRadar on Cloud administrators can learn how to add and manage authorized service tokens by reading https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.qradar.doc/c_qrocss_manageauthservices.html.
If you’re a QRadar on Cloud customer, contact Customer Support to create an authorized service token for you.
About this task
IBM QRadar requires that you use authentication tokens to authenticate the API calls that the app makes. Use the Manage Authorized Services window to create authentication tokens.
- The admin token must be assigned to a role with admin permissions.
- In order for the limited access user to use QRadar Advisor with Watson to analyze
offenses, the limited access token must be assigned a user role with the following permissions:
- Network Activity
- Log Activity
- QRadar Advisor with Watson
- Define Network Hierarchy under Delegated Administration
- View VA Data under Assets
- View Custom Rules under Offenses
- On the navigation menu ( ), click Admin.
- In the Apps section, under QRadar Advisor with Watson, click Configuration.
- Click Authorized Service Token in the QRadar Advisor with Watson Configuration wizard.
- Click the Manage Authorized Services link.
- On the Manage Authorized Services window, click Add Authorized Service.
Add the relevant information in the following fields and click Create
Service for each service (Admin and Limited) you want to create:
- In the Service Name field, type a name for this authorized service. The name can be up to 255 characters in length.
- From the User Role list, select the appropriate role for the user type.
- From the Security Profile list, select the security profile that you want to assign to this authorized service. The security profile determines the networks and log sources that this service can access on the QRadar user interface.
- In the Expiry Date list, type or select a date that you want this service to expire. If an expiry date is not necessary, select No Expiry.
- Click the row that contains the service you created, select and copy the token string from the Selected Token field in the menu bar, and close the Manage Authorized Services window.
- Deploy changes for the new authorized service tokens to take effect.
- Return to the Authorized Service Token section of the QRadar Advisor with Watson Configuration Wizard.
- Paste the Admin token string into the Admin Token field.
Paste the Limited token string into the Limited Access Token
- Click Submit.