To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

API not working

mfijulu
mfijulu Member Posts: 2 Security Scout
in Elements Endpoint Protection (EPP)

Helou!

I have created a .PS1 script that removes a workstation from WithSecure.
However, my script is not working. Could someone tell me what is wrong with my code?
I am getting an “Authentication Failed” error. What is the purpose of the Client ID and Secret? Should they be used here as well?

# Vastuuhenkilö Julle

$host.ui.RawUI.WindowTitle = "WithSecure Poisto"


# Define API basics
$apiBaseUrl = "https://eu1.psb.fsapi.com/mp/v1"
$apiKey = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

# Fetch authentication token
$authHeaders = @{
    'x-api-key' = $apiKey
    'Content-Type' = 'application/x-www-form-urlencoded'
}

try {
    # Ask the user for the computer name
    $ComputerName = Read-Host 'Enter the computer name'

    # Fetch device details
    $headers = @{
        'x-api-key' = $apiKey
    }

    $deviceResponse = Invoke-RestMethod -Method Get -Uri "$apiBaseUrl/devices" -Headers $headers
    $device = $deviceResponse.items | Where-Object { $_.name -eq $ComputerName }

    # Report the result
    if ($device) {
        $deviceId = $device.id
        Write-Host "Computer found WithSecure: $ComputerName"

        $deleteResponse = Invoke-RestMethod -Method Delete -Uri "$apiBaseUrl/devices/$deviceId" -Headers $headers
        Write-Host "Computer $ComputerName removed from WithSecure"
    } else {
        Write-Host "Computer not found WithSecure"
    }
} catch {
    if ($_.Exception.Response.StatusCode -eq 401) {
        Write-Host "Authentication failed"
    } else {
        Write-Host "An error occurred: $_"
    }
}

Answers

  • JamesC
    JamesC Staff, Moderator Posts: 543 W/ Moderator

    Hi @mfijulu ,

    Yes you need to use the Client and Secret Key to generate a token.

    Kindly refer to https://connect.withsecure.com/getting-started/elements

  • LiselotteP
    LiselotteP Staff, Community Manager Posts: 416 Threat Terminator

    Is your issue still open? If one of the replies resolved it, please mark it as the best answer. Thanks!

  • mfijulu
    mfijulu Member Posts: 2 Security Scout

    I’m not sure what is wrong. According to the websites, this should be enough.
    I get an authentication test error: Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
    Even though the keys should be correct.

    https://community.withsecure.com/en/kb/articles/31148-how-to-create-withsecure-elements-vulnerability-management-api-keys-for-authentication

    $uri = "https://api.radar-prd.fsapi.com/api/integration/authenticationcheck"
    $headers = @{
    "Content-Type" = "application/json"
    "ApiAccessKey" = "XXX"
    "ApiSecretKey" = "YYY"
    }
    $body = @{
    AssetSourceType = "Custom"
    } | ConvertTo-Json

    $response = Invoke-RestMethod -Uri $uri -Method Post -Headers $headers -Body $body

  • JamesC
    JamesC Staff, Moderator Posts: 543 W/ Moderator

    Hi @mfijulu

    May I ask what you're trying to achieve? The link you shared is related to Vulnerability Management, but we have different APIs for various products -

    https://connect.withsecure.com/

    I suggest to submit a support case so we can assist further - https://www.withsecure.com/en/support/contact-support/email-support

Categories