BigID API/API Tutorial: Difference between revisions
From BigID Developer Portal
Line 24: | Line 24: | ||
<syntaxhighlight lang="text"> | <syntaxhighlight lang="text"> | ||
test | { | ||
"success": true, | |||
"message": "Enjoy your token!", | |||
"auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJiaWdpZCIsInR5cGUiOiJhY2Nlc3MtdG9rZW4iLCJyb2xlSWRzIjpbIjVkOTNlODYwNWJjODhlMDAxYWY4MjhjMyJdLCJpc0FkbWluIjp0cnVlLCJpYXQiOjE2MzQxNjYyNzQsImV4cCI6MTYzNDI1MjY3NH0.26w4heuqd2D48E3AggFUKdfGbG2rIYsFlhOqzOZiOec", | |||
"username": "bigid", | |||
"firstName": "BigID Admin", | |||
"permissions": [ | |||
"admin", | |||
"permission.tasks.edit", | |||
"permission.tasks.read_task_list", | |||
"permission.dashboard.access", | |||
"permission.inventory.access", | |||
"permission.inventory.read", | |||
"permission.inventory.export_objects", | |||
"permission.inventory.export_attributes", | |||
"permission.inventory.investigate_attributes", | |||
"permission.inventory.export_entities", | |||
"permission.inventory.read_entities", | |||
"permission.correlation.access", | |||
"permission.correlation.read", | |||
"permission.correlation.manage", | |||
"permission.clusterAnalysis.access", | |||
"permission.clusterAnalysis.read", | |||
"permission.clusterAnalysis.edit", | |||
"permission.clusterAnalysis.export_objects", | |||
"permission.aciAnalysis.read", | |||
"permission.classification.access", | |||
"permission.classification.read", | |||
"permission.catalog.access", | |||
"permission.catalog.read", | |||
"permission.catalog.export", | |||
"permission.catalog.investigate", | |||
"permission.catalog.manual_fields.edit", | |||
"permission.catalog.manual_fields.read", | |||
"permission.catalog.business_attributes.edit", | |||
"permission.catalog.business_attributes.read", | |||
"permission.catalog.business_attributes.auto_populate", | |||
"permission.catalog.decrypt", | |||
"permission.catalog.manage_preview_file", | |||
"permission.catalog.tags.assign", | |||
"permission.policies.access", | |||
"permission.policies.read", | |||
"permission.policies.edit", | |||
"permission.policies.delete", | |||
"permission.policies.create", | |||
"permission.policies.test", | |||
"permission.scanResultsDetails.access", | |||
"permission.scanResultsDetails.read", | |||
"permission.scanResultsDetails.export", | |||
"permission.scanResultsDetails.edit", | |||
"permission.scanResultsDetails.edit_confidence_threshold", | |||
"permission.scanResultsDetails.edit_confidence_level", | |||
"permission.reports.access", | |||
"permission.reports.read_activity_highlights", | |||
"permission.reports.read_scan_result_summary", | |||
"permission.reports.export_scan_files", | |||
"permission.reports.export_data_custodian", | |||
"permission.reports.export_files_attribute_distribution", | |||
"permission.reports.export_failed_object", | |||
"permission.reports.export_labeling_propagation", | |||
"permission.reports.export_usage", | |||
"permission.dataSources.access", | |||
"permission.dataSources.read", | |||
"permission.dataSources.edit", | |||
"permission.dataSources.create", | |||
"permission.dataSources.delete", | |||
"permission.dataSources.export", | |||
"permission.dataSources.import", | |||
"permission.dataSources.test", | |||
"permission.dataSources.delete_findings", | |||
"permission.correlationSets.access", | |||
"permission.correlationSets.read", | |||
"permission.correlationSets.edit", | |||
"permission.correlationSets.delete", | |||
"permission.correlationSets.create", | |||
"permission.correlationSets.export", | |||
"permission.correlationSets.import", | |||
"permission.correlationSets.test", | |||
"permission.secondarySources.access", | |||
"permission.secondarySources.read", | |||
"permission.secondarySources.edit", | |||
"permission.secondarySources.delete", | |||
"permission.secondarySources.create", | |||
"permission.secondarySources.run", | |||
"permission.applicationSetup.access", | |||
"permission.applicationSetup.read", | |||
"permission.applicationSetup.edit", | |||
"permission.applicationSetup.create", | |||
"permission.applicationSetup.delete", | |||
"permission.classifiers.access", | |||
"permission.classifiers.read", | |||
"permission.classifiers.edit", | |||
"permission.classifiers.create", | |||
"permission.classifiers.export", | |||
"permission.classifiers.import", | |||
"permission.classifiers.delete", | |||
"permission.credentials.access", | |||
"permission.credentials.read", | |||
"permission.credentials.edit", | |||
"permission.credentials.create", | |||
"permission.credentials.test", | |||
"permission.credentials.delete", | |||
"permission.certificates.access", | |||
"permission.certificates.read", | |||
"permission.certificates.edit", | |||
"permission.certificates.create", | |||
"permission.certificates.delete", | |||
"permission.tagsSavedQueries.access", | |||
"permission.tagsSavedQueries.read", | |||
"permission.tagsSavedQueries.edit", | |||
"permission.tagsSavedQueries.create", | |||
"permission.tagsSavedQueries.delete", | |||
"permission.tags.access", | |||
"permission.tags.read", | |||
"permission.tags.edit", | |||
"permission.tags.create", | |||
"permission.tags.delete", | |||
"permission.scanWindows.access", | |||
"permission.scanWindows.read", | |||
"permission.scanWindows.edit", | |||
"permission.scanWindows.create", | |||
"permission.scanWindows.delete", | |||
"permission.accessManagement.access", | |||
"permission.accessManagement.read", | |||
"permission.accessManagement.manage", | |||
"permission.accessManagement.read_on_behalf", | |||
"permission.accessManagement.idp.read", | |||
"permission.accessManagement.idp.manage", | |||
"permission.actionCenter.access", | |||
"permission.actionCenter.actions.access", | |||
"permission.actionCenter.actions.read", | |||
"permission.actionCenter.actions.create", | |||
"permission.actionCenter.actions.delete", | |||
"permission.actionCenter.actions.edit", | |||
"permission.actionCenter.audit.access", | |||
"permission.actionCenter.audit.read", | |||
"permission.audit.access", | |||
"permission.audit.read", | |||
"permission.audit.export", | |||
"permission.generalSettings.access", | |||
"permission.generalSettings.business_glossary.read", | |||
"permission.generalSettings.business_glossary.edit", | |||
"permission.generalSettings.business_glossary.create", | |||
"permission.generalSettings.business_glossary.export", | |||
"permission.generalSettings.business_glossary.import", | |||
"permission.generalSettings.business_glossary.delete", | |||
"permission.generalSettings.email_setup.read", | |||
"permission.generalSettings.email_setup.manage", | |||
"permission.generalSettings.ignored_lists.read", | |||
"permission.generalSettings.ignored_lists.edit", | |||
"permission.generalSettings.ignored_lists.create", | |||
"permission.generalSettings.ignored_lists.delete", | |||
"permission.generalSettings.license.read", | |||
"permission.generalSettings.license.edit", | |||
"permission.scans.access", | |||
"permission.scans.scan_profiles.read", | |||
"permission.scans.scan_profiles.edit", | |||
"permission.scans.scan_profiles.create", | |||
"permission.scans.scan_profiles.delete", | |||
"permission.scans.scan_profiles.run", | |||
"permission.scans.scan_activity.read", | |||
"permission.scans.scan_activity.edit", | |||
"permission.advancedTools.access", | |||
"permission.advancedTools.edit_clear_entities_cache", | |||
"permission.advancedTools.delete_delete_pii_data", | |||
"permission.advancedTools.delete_delete_findings", | |||
"permission.advancedTools.edit_services_logs", | |||
"permission.advancedTools.system_health.read", | |||
"permission.advancedTools.system_health.manage", | |||
"permission.advancedTools.system_health.run", | |||
"permission.advancedTools.services_configuration.edit", | |||
"permission.advancedTools.services_configuration.read", | |||
"permission.advancedTools.delete_delete_clusters_results", | |||
"permission.advancedTools.export_download_docvecs_result", | |||
"permission.advancedTools.export_scan_result", | |||
"permission.advancedTools.export_stream_collections", | |||
"permission.dataRightsFulfillment.access", | |||
"permission.dataRightsFulfillment.request.read", | |||
"permission.dataRightsFulfillment.request.export", | |||
"permission.dataRightsFulfillment.request.submit", | |||
"permission.dataRightsFulfillment.request.stop", | |||
"permission.dataRightsFulfillment.request.delete", | |||
"permission.dataRightsFulfillment.request.manage", | |||
"permission.dataRightsFulfillment.deletion_validation.read", | |||
"permission.dataRightsFulfillment.deletion_validation.manage", | |||
"permission.dataRightsFulfillment.deletion_validation.stop", | |||
"permission.dataRightsFulfillment.audit.read", | |||
"permission.dataRightsFulfillment.audit.export", | |||
"permission.dataRightsFulfillment.profile_settings.read", | |||
"permission.dataRightsFulfillment.profile_settings.edit", | |||
"permission.dataRightsFulfillment.profile_settings.create", | |||
"permission.dataRightsFulfillment.profile_settings.delete", | |||
"permission.dataRightsFulfillment.profile_settings.export", | |||
"permission.dataRightsFulfillment.profile_settings.import", | |||
"permission.dataRightsFulfillment.privacy_portal_settings.manage", | |||
"permission.dataRightsFulfillment.personal_information.read", | |||
"permission.dataRightsFulfillment.personal_information.edit", | |||
"permission.dataRightsFulfillment.personal_information.run", | |||
"permission.dataRightsFulfillment.request.access", | |||
"permission.dataRightsFulfillment.attributes_enrichment_settings.read", | |||
"permission.dataRightsFulfillment.attributes_enrichment_settings.edit", | |||
"permission.dataRightsFulfillment.report_templates.read", | |||
"permission.dataRightsFulfillment.report_templates.edit", | |||
"permission.consentGovernance.access", | |||
"permission.consentGovernance.consent_sources.read", | |||
"permission.consentGovernance.consent_sources.edit", | |||
"permission.consentGovernance.consent_sources.create", | |||
"permission.consentGovernance.consent_sources.test", | |||
"permission.consentGovernance.consent_sources.delete", | |||
"permission.consentGovernance.reports.read", | |||
"permission.consentGovernance.reports.export", | |||
"permission.consentGovernance.agreements.read", | |||
"permission.consentGovernance.agreements.edit", | |||
"permission.consentGovernance.agreements.create", | |||
"permission.consentGovernance.agreements.delete", | |||
"permission.dataProcessingAndSharing.access", | |||
"permission.dataProcessingAndSharing.read", | |||
"permission.dataProcessingAndSharing.manage", | |||
"permission.applications.cyberark.read", | |||
"permission.applications.cyberark.edit", | |||
"permission.applications.cyberark.test", | |||
"permission.applications.cyberark.create", | |||
"permission.applications.cyberark.delete", | |||
"permission.applications.hashicorp.read", | |||
"permission.applications.hashicorp.edit", | |||
"permission.applications.hashicorp.test", | |||
"permission.applications.hashicorp.create", | |||
"permission.applications.hashicorp.delete", | |||
"permission.applications.file_labeling.read", | |||
"permission.applications.file_labeling.import", | |||
"permission.applications.file_labeling.manage", | |||
"permission.applications.file_labeling.delete", | |||
"permission.applications.risk.read", | |||
"permission.applications.risk.manage", | |||
"permission.applications.breach_response.read", | |||
"permission.applications.breach_response.edit", | |||
"permission.applications.breach_response.create", | |||
"permission.applications.breach_response.explore", | |||
"permission.applications.breach_response.delete", | |||
"permission.applications.access_intelligence.read", | |||
"permission.applications.manage_custom_apps", | |||
"permission.applications.read_custom_apps", | |||
"permission.applications.create_delete_custom_apps", | |||
"permission.dataDeletion.access", | |||
"permission.dataDeletion.read", | |||
"permission.dataDeletion.export", | |||
"permission.dataDeletion.run", | |||
"permission.dataDeletion.manage", | |||
"permission.dataDeletion.delete", | |||
"permission.dataDeletion.manage_settings", | |||
"permission.internal.manage", | |||
"permission.scanner.manage", | |||
"permission.customDashboard.access", | |||
"permission.customDashboard.read_customDashboard", | |||
"permission.customDashboard.manage_customDashboard" | |||
], | |||
"email": "", | |||
"isPasswordChangeNeeded": false | |||
} | |||
</syntaxhighlight> | </syntaxhighlight> |
Revision as of 23:04, 13 October 2021
In this article, you'll learn:
- How to get a BigID token using a REST API call
- Where to find the BigID API documentation
- How to use a BigID token to receive data from BigID
Authenticating with BigID
The BigID API allows you to perform all the actions you're used to performing via the BigID user interface programmatically. In order to communicate with BigID over its API, we first need to authenticate ourselves.
There are two ways to authenticate ourselves to BigID:
- Username and Password - This is the easiest way to authenticate to BigID. You provide a username and password to the /sessions endpoint and BigID will return a session token that is valid for any other API endpoints (given that user has permissions to access them) for 24 hours.
- User Token - A user token (generated from Administration -> Access Management by a System Administrator) allows you to access BigID by exchanging a user token for a session token at the /refresh endpoint. This means you don't have to store your username and password within an application, but user tokens are only valid for a maximum of 999 days.
In this tutorial, we're going to authenticate with BigID using Username/Password auth and retrieve a list of data sources.
Below you'll see the POST request we'll use to authenticate. The body of the request contains our username and password and we're directing the request to the sessions endpoint in our BigID Sandbox system. Press Send to get a session token.
{
"success": true,
"message": "Enjoy your token!",
"auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJiaWdpZCIsInR5cGUiOiJhY2Nlc3MtdG9rZW4iLCJyb2xlSWRzIjpbIjVkOTNlODYwNWJjODhlMDAxYWY4MjhjMyJdLCJpc0FkbWluIjp0cnVlLCJpYXQiOjE2MzQxNjYyNzQsImV4cCI6MTYzNDI1MjY3NH0.26w4heuqd2D48E3AggFUKdfGbG2rIYsFlhOqzOZiOec",
"username": "bigid",
"firstName": "BigID Admin",
"permissions": [
"admin",
"permission.tasks.edit",
"permission.tasks.read_task_list",
"permission.dashboard.access",
"permission.inventory.access",
"permission.inventory.read",
"permission.inventory.export_objects",
"permission.inventory.export_attributes",
"permission.inventory.investigate_attributes",
"permission.inventory.export_entities",
"permission.inventory.read_entities",
"permission.correlation.access",
"permission.correlation.read",
"permission.correlation.manage",
"permission.clusterAnalysis.access",
"permission.clusterAnalysis.read",
"permission.clusterAnalysis.edit",
"permission.clusterAnalysis.export_objects",
"permission.aciAnalysis.read",
"permission.classification.access",
"permission.classification.read",
"permission.catalog.access",
"permission.catalog.read",
"permission.catalog.export",
"permission.catalog.investigate",
"permission.catalog.manual_fields.edit",
"permission.catalog.manual_fields.read",
"permission.catalog.business_attributes.edit",
"permission.catalog.business_attributes.read",
"permission.catalog.business_attributes.auto_populate",
"permission.catalog.decrypt",
"permission.catalog.manage_preview_file",
"permission.catalog.tags.assign",
"permission.policies.access",
"permission.policies.read",
"permission.policies.edit",
"permission.policies.delete",
"permission.policies.create",
"permission.policies.test",
"permission.scanResultsDetails.access",
"permission.scanResultsDetails.read",
"permission.scanResultsDetails.export",
"permission.scanResultsDetails.edit",
"permission.scanResultsDetails.edit_confidence_threshold",
"permission.scanResultsDetails.edit_confidence_level",
"permission.reports.access",
"permission.reports.read_activity_highlights",
"permission.reports.read_scan_result_summary",
"permission.reports.export_scan_files",
"permission.reports.export_data_custodian",
"permission.reports.export_files_attribute_distribution",
"permission.reports.export_failed_object",
"permission.reports.export_labeling_propagation",
"permission.reports.export_usage",
"permission.dataSources.access",
"permission.dataSources.read",
"permission.dataSources.edit",
"permission.dataSources.create",
"permission.dataSources.delete",
"permission.dataSources.export",
"permission.dataSources.import",
"permission.dataSources.test",
"permission.dataSources.delete_findings",
"permission.correlationSets.access",
"permission.correlationSets.read",
"permission.correlationSets.edit",
"permission.correlationSets.delete",
"permission.correlationSets.create",
"permission.correlationSets.export",
"permission.correlationSets.import",
"permission.correlationSets.test",
"permission.secondarySources.access",
"permission.secondarySources.read",
"permission.secondarySources.edit",
"permission.secondarySources.delete",
"permission.secondarySources.create",
"permission.secondarySources.run",
"permission.applicationSetup.access",
"permission.applicationSetup.read",
"permission.applicationSetup.edit",
"permission.applicationSetup.create",
"permission.applicationSetup.delete",
"permission.classifiers.access",
"permission.classifiers.read",
"permission.classifiers.edit",
"permission.classifiers.create",
"permission.classifiers.export",
"permission.classifiers.import",
"permission.classifiers.delete",
"permission.credentials.access",
"permission.credentials.read",
"permission.credentials.edit",
"permission.credentials.create",
"permission.credentials.test",
"permission.credentials.delete",
"permission.certificates.access",
"permission.certificates.read",
"permission.certificates.edit",
"permission.certificates.create",
"permission.certificates.delete",
"permission.tagsSavedQueries.access",
"permission.tagsSavedQueries.read",
"permission.tagsSavedQueries.edit",
"permission.tagsSavedQueries.create",
"permission.tagsSavedQueries.delete",
"permission.tags.access",
"permission.tags.read",
"permission.tags.edit",
"permission.tags.create",
"permission.tags.delete",
"permission.scanWindows.access",
"permission.scanWindows.read",
"permission.scanWindows.edit",
"permission.scanWindows.create",
"permission.scanWindows.delete",
"permission.accessManagement.access",
"permission.accessManagement.read",
"permission.accessManagement.manage",
"permission.accessManagement.read_on_behalf",
"permission.accessManagement.idp.read",
"permission.accessManagement.idp.manage",
"permission.actionCenter.access",
"permission.actionCenter.actions.access",
"permission.actionCenter.actions.read",
"permission.actionCenter.actions.create",
"permission.actionCenter.actions.delete",
"permission.actionCenter.actions.edit",
"permission.actionCenter.audit.access",
"permission.actionCenter.audit.read",
"permission.audit.access",
"permission.audit.read",
"permission.audit.export",
"permission.generalSettings.access",
"permission.generalSettings.business_glossary.read",
"permission.generalSettings.business_glossary.edit",
"permission.generalSettings.business_glossary.create",
"permission.generalSettings.business_glossary.export",
"permission.generalSettings.business_glossary.import",
"permission.generalSettings.business_glossary.delete",
"permission.generalSettings.email_setup.read",
"permission.generalSettings.email_setup.manage",
"permission.generalSettings.ignored_lists.read",
"permission.generalSettings.ignored_lists.edit",
"permission.generalSettings.ignored_lists.create",
"permission.generalSettings.ignored_lists.delete",
"permission.generalSettings.license.read",
"permission.generalSettings.license.edit",
"permission.scans.access",
"permission.scans.scan_profiles.read",
"permission.scans.scan_profiles.edit",
"permission.scans.scan_profiles.create",
"permission.scans.scan_profiles.delete",
"permission.scans.scan_profiles.run",
"permission.scans.scan_activity.read",
"permission.scans.scan_activity.edit",
"permission.advancedTools.access",
"permission.advancedTools.edit_clear_entities_cache",
"permission.advancedTools.delete_delete_pii_data",
"permission.advancedTools.delete_delete_findings",
"permission.advancedTools.edit_services_logs",
"permission.advancedTools.system_health.read",
"permission.advancedTools.system_health.manage",
"permission.advancedTools.system_health.run",
"permission.advancedTools.services_configuration.edit",
"permission.advancedTools.services_configuration.read",
"permission.advancedTools.delete_delete_clusters_results",
"permission.advancedTools.export_download_docvecs_result",
"permission.advancedTools.export_scan_result",
"permission.advancedTools.export_stream_collections",
"permission.dataRightsFulfillment.access",
"permission.dataRightsFulfillment.request.read",
"permission.dataRightsFulfillment.request.export",
"permission.dataRightsFulfillment.request.submit",
"permission.dataRightsFulfillment.request.stop",
"permission.dataRightsFulfillment.request.delete",
"permission.dataRightsFulfillment.request.manage",
"permission.dataRightsFulfillment.deletion_validation.read",
"permission.dataRightsFulfillment.deletion_validation.manage",
"permission.dataRightsFulfillment.deletion_validation.stop",
"permission.dataRightsFulfillment.audit.read",
"permission.dataRightsFulfillment.audit.export",
"permission.dataRightsFulfillment.profile_settings.read",
"permission.dataRightsFulfillment.profile_settings.edit",
"permission.dataRightsFulfillment.profile_settings.create",
"permission.dataRightsFulfillment.profile_settings.delete",
"permission.dataRightsFulfillment.profile_settings.export",
"permission.dataRightsFulfillment.profile_settings.import",
"permission.dataRightsFulfillment.privacy_portal_settings.manage",
"permission.dataRightsFulfillment.personal_information.read",
"permission.dataRightsFulfillment.personal_information.edit",
"permission.dataRightsFulfillment.personal_information.run",
"permission.dataRightsFulfillment.request.access",
"permission.dataRightsFulfillment.attributes_enrichment_settings.read",
"permission.dataRightsFulfillment.attributes_enrichment_settings.edit",
"permission.dataRightsFulfillment.report_templates.read",
"permission.dataRightsFulfillment.report_templates.edit",
"permission.consentGovernance.access",
"permission.consentGovernance.consent_sources.read",
"permission.consentGovernance.consent_sources.edit",
"permission.consentGovernance.consent_sources.create",
"permission.consentGovernance.consent_sources.test",
"permission.consentGovernance.consent_sources.delete",
"permission.consentGovernance.reports.read",
"permission.consentGovernance.reports.export",
"permission.consentGovernance.agreements.read",
"permission.consentGovernance.agreements.edit",
"permission.consentGovernance.agreements.create",
"permission.consentGovernance.agreements.delete",
"permission.dataProcessingAndSharing.access",
"permission.dataProcessingAndSharing.read",
"permission.dataProcessingAndSharing.manage",
"permission.applications.cyberark.read",
"permission.applications.cyberark.edit",
"permission.applications.cyberark.test",
"permission.applications.cyberark.create",
"permission.applications.cyberark.delete",
"permission.applications.hashicorp.read",
"permission.applications.hashicorp.edit",
"permission.applications.hashicorp.test",
"permission.applications.hashicorp.create",
"permission.applications.hashicorp.delete",
"permission.applications.file_labeling.read",
"permission.applications.file_labeling.import",
"permission.applications.file_labeling.manage",
"permission.applications.file_labeling.delete",
"permission.applications.risk.read",
"permission.applications.risk.manage",
"permission.applications.breach_response.read",
"permission.applications.breach_response.edit",
"permission.applications.breach_response.create",
"permission.applications.breach_response.explore",
"permission.applications.breach_response.delete",
"permission.applications.access_intelligence.read",
"permission.applications.manage_custom_apps",
"permission.applications.read_custom_apps",
"permission.applications.create_delete_custom_apps",
"permission.dataDeletion.access",
"permission.dataDeletion.read",
"permission.dataDeletion.export",
"permission.dataDeletion.run",
"permission.dataDeletion.manage",
"permission.dataDeletion.delete",
"permission.dataDeletion.manage_settings",
"permission.internal.manage",
"permission.scanner.manage",
"permission.customDashboard.access",
"permission.customDashboard.read_customDashboard",
"permission.customDashboard.manage_customDashboard"
],
"email": "",
"isPasswordChangeNeeded": false
}