How To
Summary
Apps use authorization service tokens to authorize access to QRadar resources.
Configure authorization parameters in the authentication section of the manifest file. The only mandatory entry is requested_capabilities. When an application with this authorization parameter is installed through extension management, the app is not created until authorization is completed through the Application Assistant app.
Steps
The following example shows the authentication section in the manifest file.
"authentication": {
    "oauth2": {
        "authorisation_flow": "CLIENT_CREDENTIALS",
        "requested_capabilities": [
            "SEM"
        ]
    }
}
The authorisation_flow entry is optional. The only accepted value is CLIENT_CREDENTIALS. If the authorization is not configured as CLIENT_CREDENTIALS, the installation fails and returns the following message:
OAuth flow type X is not currently supported
The requested_capabilities entry must contain at least one value. It lists the capabilities or permissions that the app needs to function in QRadar. The app installation fails if a capability configured in requested_capabilities is not listed in QRadar.
The user then navigates to the Application Assistant app and selects a user that has the capabilities requested by the app, for example a user with the SEM capability from the example above.
On selecting authorization, the instance is created along with an authorized service token that matches the app instance ID and the selected user's role. The app then has access to that authorized service token for making QRadar resource requests.
Note: Authorized service creation requires a deploy, so after an app installation the user must perform a deploy to enable the authorized service token.
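The manifest rules above can be checked before the extension is uploaded. The following is an added example, not IBM's code: the function name, the known_capabilities parameter (the capability names defined on the target deployment, supplied by the caller) and every message except the OAuth flow one are assumptions of this example.

```python
import json

ACCEPTED_FLOW = "CLIENT_CREDENTIALS"  # the only value the page says is accepted


def check_authentication(manifest_text, known_capabilities):
    """Return the problems found in the manifest's authentication section.

    known_capabilities is an assumption of this example: the capability names
    defined on the target QRadar deployment, supplied by the caller.
    """
    try:
        manifest = json.loads(manifest_text)
    except json.JSONDecodeError as exc:
        return [f"manifest is not valid JSON: {exc.msg}"]
    auth = manifest.get("authentication") if isinstance(manifest, dict) else None
    oauth2 = auth.get("oauth2") if isinstance(auth, dict) else None
    if not isinstance(oauth2, dict):
        return ["no authentication.oauth2 section found"]

    problems = []
    # authorisation_flow is optional; when present it must be the accepted value.
    if "authorisation_flow" in oauth2:
        flow = oauth2["authorisation_flow"]
        if flow != ACCEPTED_FLOW:
            problems.append(f"OAuth flow type {flow} is not currently supported")
    # requested_capabilities is mandatory and needs at least one entry.
    caps = oauth2.get("requested_capabilities")
    if not isinstance(caps, list) or not caps:
        problems.append("requested_capabilities must contain at least one entry")
        return problems
    # Every requested capability must exist on the deployment.
    for cap in caps:
        if not isinstance(cap, str) or cap not in known_capabilities:
            problems.append(f"capability {cap!r} is not listed in QRadar")
    return problems


# Constructed sample: the page's manifest with an unsupported flow and no capabilities.
SAMPLE = """{"authentication": {"oauth2": {
    "authorisation_flow": "AUTHORIZATION_CODE",
    "requested_capabilities": []}}}"""

if __name__ == "__main__":
    for problem in check_authentication(SAMPLE, {"SEM"}):
        print(problem)
```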
Document Location
Worldwide
Document Information
Modified date: 30 March 2021
UID: ibm16437491