Creating an authorized service token
Before you start consuming the data over the Universal REST API endpoint, you must create an authorized service token. The token is used in the header of a request for the endpoint, and also during app configuration.
About this task
- On the QRadar Console, click .
- On the Authorized Service Management page, click Add.
Add the relevant information in the following fields:
- In the Authorized Service Label field, type a name for this authorized service. The name can be up to 255 characters in length.
- From the Security Profile list, select the security profile that you want to assign to this authorized service. The security profile determines the networks and log sources that this service can access on the QRadar Console.
- From the User Role list, select the Admin user role.
- In the Expiry Settings section, type or select a date that you want this service to expire. If an expiry date is not necessary, switch the expiry toggle to Off.
The confirmation message contains a token that you need when you add an alert data source in your IBM Security QRadar Suite SaaS product. Copy the authorized service token to a text editor for secure storage. The token cannot be made visible after you close the dialog. You use the token in step 4b of Ingesting QRadar offense alerts by creating an ingestion data source.
- Close the Authorized Service Management page.
- On the Admin tab, click Deploy Changes.