BigID API/API Tutorial: Difference between revisions

From BigID Developer Portal
Line 24: Line 24:


<syntaxhighlight lang="text">
<syntaxhighlight lang="text">
test
{
    "success": true,
    "message": "Enjoy your token!",
    "auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJiaWdpZCIsInR5cGUiOiJhY2Nlc3MtdG9rZW4iLCJyb2xlSWRzIjpbIjVkOTNlODYwNWJjODhlMDAxYWY4MjhjMyJdLCJpc0FkbWluIjp0cnVlLCJpYXQiOjE2MzQxNjYyNzQsImV4cCI6MTYzNDI1MjY3NH0.26w4heuqd2D48E3AggFUKdfGbG2rIYsFlhOqzOZiOec",
    "username": "bigid",
    "firstName": "BigID Admin",
    "permissions": [
        "admin",
        "permission.tasks.edit",
        "permission.tasks.read_task_list",
        "permission.dashboard.access",
        "permission.inventory.access",
        "permission.inventory.read",
        "permission.inventory.export_objects",
        "permission.inventory.export_attributes",
        "permission.inventory.investigate_attributes",
        "permission.inventory.export_entities",
        "permission.inventory.read_entities",
        "permission.correlation.access",
        "permission.correlation.read",
        "permission.correlation.manage",
        "permission.clusterAnalysis.access",
        "permission.clusterAnalysis.read",
        "permission.clusterAnalysis.edit",
        "permission.clusterAnalysis.export_objects",
        "permission.aciAnalysis.read",
        "permission.classification.access",
        "permission.classification.read",
        "permission.catalog.access",
        "permission.catalog.read",
        "permission.catalog.export",
        "permission.catalog.investigate",
        "permission.catalog.manual_fields.edit",
        "permission.catalog.manual_fields.read",
        "permission.catalog.business_attributes.edit",
        "permission.catalog.business_attributes.read",
        "permission.catalog.business_attributes.auto_populate",
        "permission.catalog.decrypt",
        "permission.catalog.manage_preview_file",
        "permission.catalog.tags.assign",
        "permission.policies.access",
        "permission.policies.read",
        "permission.policies.edit",
        "permission.policies.delete",
        "permission.policies.create",
        "permission.policies.test",
        "permission.scanResultsDetails.access",
        "permission.scanResultsDetails.read",
        "permission.scanResultsDetails.export",
        "permission.scanResultsDetails.edit",
        "permission.scanResultsDetails.edit_confidence_threshold",
        "permission.scanResultsDetails.edit_confidence_level",
        "permission.reports.access",
        "permission.reports.read_activity_highlights",
        "permission.reports.read_scan_result_summary",
        "permission.reports.export_scan_files",
        "permission.reports.export_data_custodian",
        "permission.reports.export_files_attribute_distribution",
        "permission.reports.export_failed_object",
        "permission.reports.export_labeling_propagation",
        "permission.reports.export_usage",
        "permission.dataSources.access",
        "permission.dataSources.read",
        "permission.dataSources.edit",
        "permission.dataSources.create",
        "permission.dataSources.delete",
        "permission.dataSources.export",
        "permission.dataSources.import",
        "permission.dataSources.test",
        "permission.dataSources.delete_findings",
        "permission.correlationSets.access",
        "permission.correlationSets.read",
        "permission.correlationSets.edit",
        "permission.correlationSets.delete",
        "permission.correlationSets.create",
        "permission.correlationSets.export",
        "permission.correlationSets.import",
        "permission.correlationSets.test",
        "permission.secondarySources.access",
        "permission.secondarySources.read",
        "permission.secondarySources.edit",
        "permission.secondarySources.delete",
        "permission.secondarySources.create",
        "permission.secondarySources.run",
        "permission.applicationSetup.access",
        "permission.applicationSetup.read",
        "permission.applicationSetup.edit",
        "permission.applicationSetup.create",
        "permission.applicationSetup.delete",
        "permission.classifiers.access",
        "permission.classifiers.read",
        "permission.classifiers.edit",
        "permission.classifiers.create",
        "permission.classifiers.export",
        "permission.classifiers.import",
        "permission.classifiers.delete",
        "permission.credentials.access",
        "permission.credentials.read",
        "permission.credentials.edit",
        "permission.credentials.create",
        "permission.credentials.test",
        "permission.credentials.delete",
        "permission.certificates.access",
        "permission.certificates.read",
        "permission.certificates.edit",
        "permission.certificates.create",
        "permission.certificates.delete",
        "permission.tagsSavedQueries.access",
        "permission.tagsSavedQueries.read",
        "permission.tagsSavedQueries.edit",
        "permission.tagsSavedQueries.create",
        "permission.tagsSavedQueries.delete",
        "permission.tags.access",
        "permission.tags.read",
        "permission.tags.edit",
        "permission.tags.create",
        "permission.tags.delete",
        "permission.scanWindows.access",
        "permission.scanWindows.read",
        "permission.scanWindows.edit",
        "permission.scanWindows.create",
        "permission.scanWindows.delete",
        "permission.accessManagement.access",
        "permission.accessManagement.read",
        "permission.accessManagement.manage",
        "permission.accessManagement.read_on_behalf",
        "permission.accessManagement.idp.read",
        "permission.accessManagement.idp.manage",
        "permission.actionCenter.access",
        "permission.actionCenter.actions.access",
        "permission.actionCenter.actions.read",
        "permission.actionCenter.actions.create",
        "permission.actionCenter.actions.delete",
        "permission.actionCenter.actions.edit",
        "permission.actionCenter.audit.access",
        "permission.actionCenter.audit.read",
        "permission.audit.access",
        "permission.audit.read",
        "permission.audit.export",
        "permission.generalSettings.access",
        "permission.generalSettings.business_glossary.read",
        "permission.generalSettings.business_glossary.edit",
        "permission.generalSettings.business_glossary.create",
        "permission.generalSettings.business_glossary.export",
        "permission.generalSettings.business_glossary.import",
        "permission.generalSettings.business_glossary.delete",
        "permission.generalSettings.email_setup.read",
        "permission.generalSettings.email_setup.manage",
        "permission.generalSettings.ignored_lists.read",
        "permission.generalSettings.ignored_lists.edit",
        "permission.generalSettings.ignored_lists.create",
        "permission.generalSettings.ignored_lists.delete",
        "permission.generalSettings.license.read",
        "permission.generalSettings.license.edit",
        "permission.scans.access",
        "permission.scans.scan_profiles.read",
        "permission.scans.scan_profiles.edit",
        "permission.scans.scan_profiles.create",
        "permission.scans.scan_profiles.delete",
        "permission.scans.scan_profiles.run",
        "permission.scans.scan_activity.read",
        "permission.scans.scan_activity.edit",
        "permission.advancedTools.access",
        "permission.advancedTools.edit_clear_entities_cache",
        "permission.advancedTools.delete_delete_pii_data",
        "permission.advancedTools.delete_delete_findings",
        "permission.advancedTools.edit_services_logs",
        "permission.advancedTools.system_health.read",
        "permission.advancedTools.system_health.manage",
        "permission.advancedTools.system_health.run",
        "permission.advancedTools.services_configuration.edit",
        "permission.advancedTools.services_configuration.read",
        "permission.advancedTools.delete_delete_clusters_results",
        "permission.advancedTools.export_download_docvecs_result",
        "permission.advancedTools.export_scan_result",
        "permission.advancedTools.export_stream_collections",
        "permission.dataRightsFulfillment.access",
        "permission.dataRightsFulfillment.request.read",
        "permission.dataRightsFulfillment.request.export",
        "permission.dataRightsFulfillment.request.submit",
        "permission.dataRightsFulfillment.request.stop",
        "permission.dataRightsFulfillment.request.delete",
        "permission.dataRightsFulfillment.request.manage",
        "permission.dataRightsFulfillment.deletion_validation.read",
        "permission.dataRightsFulfillment.deletion_validation.manage",
        "permission.dataRightsFulfillment.deletion_validation.stop",
        "permission.dataRightsFulfillment.audit.read",
        "permission.dataRightsFulfillment.audit.export",
        "permission.dataRightsFulfillment.profile_settings.read",
        "permission.dataRightsFulfillment.profile_settings.edit",
        "permission.dataRightsFulfillment.profile_settings.create",
        "permission.dataRightsFulfillment.profile_settings.delete",
        "permission.dataRightsFulfillment.profile_settings.export",
        "permission.dataRightsFulfillment.profile_settings.import",
        "permission.dataRightsFulfillment.privacy_portal_settings.manage",
        "permission.dataRightsFulfillment.personal_information.read",
        "permission.dataRightsFulfillment.personal_information.edit",
        "permission.dataRightsFulfillment.personal_information.run",
        "permission.dataRightsFulfillment.request.access",
        "permission.dataRightsFulfillment.attributes_enrichment_settings.read",
        "permission.dataRightsFulfillment.attributes_enrichment_settings.edit",
        "permission.dataRightsFulfillment.report_templates.read",
        "permission.dataRightsFulfillment.report_templates.edit",
        "permission.consentGovernance.access",
        "permission.consentGovernance.consent_sources.read",
        "permission.consentGovernance.consent_sources.edit",
        "permission.consentGovernance.consent_sources.create",
        "permission.consentGovernance.consent_sources.test",
        "permission.consentGovernance.consent_sources.delete",
        "permission.consentGovernance.reports.read",
        "permission.consentGovernance.reports.export",
        "permission.consentGovernance.agreements.read",
        "permission.consentGovernance.agreements.edit",
        "permission.consentGovernance.agreements.create",
        "permission.consentGovernance.agreements.delete",
        "permission.dataProcessingAndSharing.access",
        "permission.dataProcessingAndSharing.read",
        "permission.dataProcessingAndSharing.manage",
        "permission.applications.cyberark.read",
        "permission.applications.cyberark.edit",
        "permission.applications.cyberark.test",
        "permission.applications.cyberark.create",
        "permission.applications.cyberark.delete",
        "permission.applications.hashicorp.read",
        "permission.applications.hashicorp.edit",
        "permission.applications.hashicorp.test",
        "permission.applications.hashicorp.create",
        "permission.applications.hashicorp.delete",
        "permission.applications.file_labeling.read",
        "permission.applications.file_labeling.import",
        "permission.applications.file_labeling.manage",
        "permission.applications.file_labeling.delete",
        "permission.applications.risk.read",
        "permission.applications.risk.manage",
        "permission.applications.breach_response.read",
        "permission.applications.breach_response.edit",
        "permission.applications.breach_response.create",
        "permission.applications.breach_response.explore",
        "permission.applications.breach_response.delete",
        "permission.applications.access_intelligence.read",
        "permission.applications.manage_custom_apps",
        "permission.applications.read_custom_apps",
        "permission.applications.create_delete_custom_apps",
        "permission.dataDeletion.access",
        "permission.dataDeletion.read",
        "permission.dataDeletion.export",
        "permission.dataDeletion.run",
        "permission.dataDeletion.manage",
        "permission.dataDeletion.delete",
        "permission.dataDeletion.manage_settings",
        "permission.internal.manage",
        "permission.scanner.manage",
        "permission.customDashboard.access",
        "permission.customDashboard.read_customDashboard",
        "permission.customDashboard.manage_customDashboard"
    ],
    "email": "",
    "isPasswordChangeNeeded": false
}
</syntaxhighlight>
</syntaxhighlight>

Revision as of 23:04, 13 October 2021

In this article, you'll learn:

  • How to get a BigID token using a REST API call
  • Where to find the BigID API documentation
  • How to use a BigID token to receive data from BigID

Authenticating with BigID

The BigID API allows you to perform all the actions you're used to performing via the BigID user interface programmatically. In order to communicate with BigID over its API, we first need to authenticate ourselves.

There are two ways to authenticate ourselves to BigID:

  • Username and Password - This is the easiest way to authenticate to BigID. You provide a username and password to the /sessions endpoint and BigID will return a session token that is valid for any other API endpoints (given that user has permissions to access them) for 24 hours.
  • User Token - A user token (generated from Administration -> Access Management by a System Administrator) allows you to access BigID by exchanging a user token for a session token at the /refresh endpoint. This means you don't have to store your username and password within an application, but user tokens are only valid for a maximum of 999 days.

In this tutorial, we're going to authenticate with BigID using Username/Password auth and retrieve a list of data sources.

Below you'll see the POST request we'll use to authenticate. The body of the request contains our username and password and we're directing the request to the sessions endpoint in our BigID Sandbox system. Press Send to get a session token.

{
    "success": true,
    "message": "Enjoy your token!",
    "auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJiaWdpZCIsInR5cGUiOiJhY2Nlc3MtdG9rZW4iLCJyb2xlSWRzIjpbIjVkOTNlODYwNWJjODhlMDAxYWY4MjhjMyJdLCJpc0FkbWluIjp0cnVlLCJpYXQiOjE2MzQxNjYyNzQsImV4cCI6MTYzNDI1MjY3NH0.26w4heuqd2D48E3AggFUKdfGbG2rIYsFlhOqzOZiOec",
    "username": "bigid",
    "firstName": "BigID Admin",
    "permissions": [
        "admin",
        "permission.tasks.edit",
        "permission.tasks.read_task_list",
        "permission.dashboard.access",
        "permission.inventory.access",
        "permission.inventory.read",
        "permission.inventory.export_objects",
        "permission.inventory.export_attributes",
        "permission.inventory.investigate_attributes",
        "permission.inventory.export_entities",
        "permission.inventory.read_entities",
        "permission.correlation.access",
        "permission.correlation.read",
        "permission.correlation.manage",
        "permission.clusterAnalysis.access",
        "permission.clusterAnalysis.read",
        "permission.clusterAnalysis.edit",
        "permission.clusterAnalysis.export_objects",
        "permission.aciAnalysis.read",
        "permission.classification.access",
        "permission.classification.read",
        "permission.catalog.access",
        "permission.catalog.read",
        "permission.catalog.export",
        "permission.catalog.investigate",
        "permission.catalog.manual_fields.edit",
        "permission.catalog.manual_fields.read",
        "permission.catalog.business_attributes.edit",
        "permission.catalog.business_attributes.read",
        "permission.catalog.business_attributes.auto_populate",
        "permission.catalog.decrypt",
        "permission.catalog.manage_preview_file",
        "permission.catalog.tags.assign",
        "permission.policies.access",
        "permission.policies.read",
        "permission.policies.edit",
        "permission.policies.delete",
        "permission.policies.create",
        "permission.policies.test",
        "permission.scanResultsDetails.access",
        "permission.scanResultsDetails.read",
        "permission.scanResultsDetails.export",
        "permission.scanResultsDetails.edit",
        "permission.scanResultsDetails.edit_confidence_threshold",
        "permission.scanResultsDetails.edit_confidence_level",
        "permission.reports.access",
        "permission.reports.read_activity_highlights",
        "permission.reports.read_scan_result_summary",
        "permission.reports.export_scan_files",
        "permission.reports.export_data_custodian",
        "permission.reports.export_files_attribute_distribution",
        "permission.reports.export_failed_object",
        "permission.reports.export_labeling_propagation",
        "permission.reports.export_usage",
        "permission.dataSources.access",
        "permission.dataSources.read",
        "permission.dataSources.edit",
        "permission.dataSources.create",
        "permission.dataSources.delete",
        "permission.dataSources.export",
        "permission.dataSources.import",
        "permission.dataSources.test",
        "permission.dataSources.delete_findings",
        "permission.correlationSets.access",
        "permission.correlationSets.read",
        "permission.correlationSets.edit",
        "permission.correlationSets.delete",
        "permission.correlationSets.create",
        "permission.correlationSets.export",
        "permission.correlationSets.import",
        "permission.correlationSets.test",
        "permission.secondarySources.access",
        "permission.secondarySources.read",
        "permission.secondarySources.edit",
        "permission.secondarySources.delete",
        "permission.secondarySources.create",
        "permission.secondarySources.run",
        "permission.applicationSetup.access",
        "permission.applicationSetup.read",
        "permission.applicationSetup.edit",
        "permission.applicationSetup.create",
        "permission.applicationSetup.delete",
        "permission.classifiers.access",
        "permission.classifiers.read",
        "permission.classifiers.edit",
        "permission.classifiers.create",
        "permission.classifiers.export",
        "permission.classifiers.import",
        "permission.classifiers.delete",
        "permission.credentials.access",
        "permission.credentials.read",
        "permission.credentials.edit",
        "permission.credentials.create",
        "permission.credentials.test",
        "permission.credentials.delete",
        "permission.certificates.access",
        "permission.certificates.read",
        "permission.certificates.edit",
        "permission.certificates.create",
        "permission.certificates.delete",
        "permission.tagsSavedQueries.access",
        "permission.tagsSavedQueries.read",
        "permission.tagsSavedQueries.edit",
        "permission.tagsSavedQueries.create",
        "permission.tagsSavedQueries.delete",
        "permission.tags.access",
        "permission.tags.read",
        "permission.tags.edit",
        "permission.tags.create",
        "permission.tags.delete",
        "permission.scanWindows.access",
        "permission.scanWindows.read",
        "permission.scanWindows.edit",
        "permission.scanWindows.create",
        "permission.scanWindows.delete",
        "permission.accessManagement.access",
        "permission.accessManagement.read",
        "permission.accessManagement.manage",
        "permission.accessManagement.read_on_behalf",
        "permission.accessManagement.idp.read",
        "permission.accessManagement.idp.manage",
        "permission.actionCenter.access",
        "permission.actionCenter.actions.access",
        "permission.actionCenter.actions.read",
        "permission.actionCenter.actions.create",
        "permission.actionCenter.actions.delete",
        "permission.actionCenter.actions.edit",
        "permission.actionCenter.audit.access",
        "permission.actionCenter.audit.read",
        "permission.audit.access",
        "permission.audit.read",
        "permission.audit.export",
        "permission.generalSettings.access",
        "permission.generalSettings.business_glossary.read",
        "permission.generalSettings.business_glossary.edit",
        "permission.generalSettings.business_glossary.create",
        "permission.generalSettings.business_glossary.export",
        "permission.generalSettings.business_glossary.import",
        "permission.generalSettings.business_glossary.delete",
        "permission.generalSettings.email_setup.read",
        "permission.generalSettings.email_setup.manage",
        "permission.generalSettings.ignored_lists.read",
        "permission.generalSettings.ignored_lists.edit",
        "permission.generalSettings.ignored_lists.create",
        "permission.generalSettings.ignored_lists.delete",
        "permission.generalSettings.license.read",
        "permission.generalSettings.license.edit",
        "permission.scans.access",
        "permission.scans.scan_profiles.read",
        "permission.scans.scan_profiles.edit",
        "permission.scans.scan_profiles.create",
        "permission.scans.scan_profiles.delete",
        "permission.scans.scan_profiles.run",
        "permission.scans.scan_activity.read",
        "permission.scans.scan_activity.edit",
        "permission.advancedTools.access",
        "permission.advancedTools.edit_clear_entities_cache",
        "permission.advancedTools.delete_delete_pii_data",
        "permission.advancedTools.delete_delete_findings",
        "permission.advancedTools.edit_services_logs",
        "permission.advancedTools.system_health.read",
        "permission.advancedTools.system_health.manage",
        "permission.advancedTools.system_health.run",
        "permission.advancedTools.services_configuration.edit",
        "permission.advancedTools.services_configuration.read",
        "permission.advancedTools.delete_delete_clusters_results",
        "permission.advancedTools.export_download_docvecs_result",
        "permission.advancedTools.export_scan_result",
        "permission.advancedTools.export_stream_collections",
        "permission.dataRightsFulfillment.access",
        "permission.dataRightsFulfillment.request.read",
        "permission.dataRightsFulfillment.request.export",
        "permission.dataRightsFulfillment.request.submit",
        "permission.dataRightsFulfillment.request.stop",
        "permission.dataRightsFulfillment.request.delete",
        "permission.dataRightsFulfillment.request.manage",
        "permission.dataRightsFulfillment.deletion_validation.read",
        "permission.dataRightsFulfillment.deletion_validation.manage",
        "permission.dataRightsFulfillment.deletion_validation.stop",
        "permission.dataRightsFulfillment.audit.read",
        "permission.dataRightsFulfillment.audit.export",
        "permission.dataRightsFulfillment.profile_settings.read",
        "permission.dataRightsFulfillment.profile_settings.edit",
        "permission.dataRightsFulfillment.profile_settings.create",
        "permission.dataRightsFulfillment.profile_settings.delete",
        "permission.dataRightsFulfillment.profile_settings.export",
        "permission.dataRightsFulfillment.profile_settings.import",
        "permission.dataRightsFulfillment.privacy_portal_settings.manage",
        "permission.dataRightsFulfillment.personal_information.read",
        "permission.dataRightsFulfillment.personal_information.edit",
        "permission.dataRightsFulfillment.personal_information.run",
        "permission.dataRightsFulfillment.request.access",
        "permission.dataRightsFulfillment.attributes_enrichment_settings.read",
        "permission.dataRightsFulfillment.attributes_enrichment_settings.edit",
        "permission.dataRightsFulfillment.report_templates.read",
        "permission.dataRightsFulfillment.report_templates.edit",
        "permission.consentGovernance.access",
        "permission.consentGovernance.consent_sources.read",
        "permission.consentGovernance.consent_sources.edit",
        "permission.consentGovernance.consent_sources.create",
        "permission.consentGovernance.consent_sources.test",
        "permission.consentGovernance.consent_sources.delete",
        "permission.consentGovernance.reports.read",
        "permission.consentGovernance.reports.export",
        "permission.consentGovernance.agreements.read",
        "permission.consentGovernance.agreements.edit",
        "permission.consentGovernance.agreements.create",
        "permission.consentGovernance.agreements.delete",
        "permission.dataProcessingAndSharing.access",
        "permission.dataProcessingAndSharing.read",
        "permission.dataProcessingAndSharing.manage",
        "permission.applications.cyberark.read",
        "permission.applications.cyberark.edit",
        "permission.applications.cyberark.test",
        "permission.applications.cyberark.create",
        "permission.applications.cyberark.delete",
        "permission.applications.hashicorp.read",
        "permission.applications.hashicorp.edit",
        "permission.applications.hashicorp.test",
        "permission.applications.hashicorp.create",
        "permission.applications.hashicorp.delete",
        "permission.applications.file_labeling.read",
        "permission.applications.file_labeling.import",
        "permission.applications.file_labeling.manage",
        "permission.applications.file_labeling.delete",
        "permission.applications.risk.read",
        "permission.applications.risk.manage",
        "permission.applications.breach_response.read",
        "permission.applications.breach_response.edit",
        "permission.applications.breach_response.create",
        "permission.applications.breach_response.explore",
        "permission.applications.breach_response.delete",
        "permission.applications.access_intelligence.read",
        "permission.applications.manage_custom_apps",
        "permission.applications.read_custom_apps",
        "permission.applications.create_delete_custom_apps",
        "permission.dataDeletion.access",
        "permission.dataDeletion.read",
        "permission.dataDeletion.export",
        "permission.dataDeletion.run",
        "permission.dataDeletion.manage",
        "permission.dataDeletion.delete",
        "permission.dataDeletion.manage_settings",
        "permission.internal.manage",
        "permission.scanner.manage",
        "permission.customDashboard.access",
        "permission.customDashboard.read_customDashboard",
        "permission.customDashboard.manage_customDashboard"
    ],
    "email": "",
    "isPasswordChangeNeeded": false
}