API not working

mfijulu · 2024-08-29T12:28:19+00:00

There was an error rendering this rich post.

Helou!

I have created a .PS1 script that removes a workstation from WithSecure.
However, my script is not working. Could someone tell me what is wrong with my code?
I am getting an “Authentication Failed” error. What is the purpose of the Client ID and Secret? Should they be used here as well?

# Vastuuhenkilö Julle

$host.ui.RawUI.WindowTitle = "WithSecure Poisto"


# Define API basics
$apiBaseUrl = "https://eu1.psb.fsapi.com/mp/v1"
$apiKey = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

# Fetch authentication token
$authHeaders = @{
    'x-api-key' = $apiKey
    'Content-Type' = 'application/x-www-form-urlencoded'
}

try {
    # Ask the user for the computer name
    $ComputerName = Read-Host 'Enter the computer name'

    # Fetch device details
    $headers = @{
        'x-api-key' = $apiKey
    }

    $deviceResponse = Invoke-RestMethod -Method Get -Uri "$apiBaseUrl/devices" -Headers $headers
    $device = $deviceResponse.items | Where-Object { $_.name -eq $ComputerName }

    # Report the result
    if ($device) {
        $deviceId = $device.id
        Write-Host "Computer found WithSecure: $ComputerName"

        $deleteResponse = Invoke-RestMethod -Method Delete -Uri "$apiBaseUrl/devices/$deviceId" -Headers $headers
        Write-Host "Computer $ComputerName removed from WithSecure"
    } else {
        Write-Host "Computer not found WithSecure"
    }
} catch {
    if ($_.Exception.Response.StatusCode -eq 401) {
        Write-Host "Authentication failed"
    } else {
        Write-Host "An error occurred: $_"
    }
}

Find more posts tagged with

Accepted answers

All comments

JamesC

Hi @mfijulu

May I ask what you're trying to achieve? The link you shared is related to Vulnerability Management, but we have different APIs for various products -

https://connect.withsecure.com/

I suggest to submit a support case so we can assist further - https://www.withsecure.com/en/support/contact-support/email-support

mfijulu

I’m not sure what is wrong. According to the websites, this should be enough.
I get an authentication test error: Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
Even though the keys should be correct.

https://community.withsecure.com/en/kb/articles/31148-how-to-create-withsecure-elements-vulnerability-management-api-keys-for-authentication

$uri = "https://api.radar-prd.fsapi.com/api/integration/authenticationcheck"
$headers = @{
"Content-Type" = "application/json"
"ApiAccessKey" = "XXX"
"ApiSecretKey" = "YYY"
}
$body = @{
AssetSourceType = "Custom"
} | ConvertTo-Json

$response = Invoke-RestMethod -Uri $uri -Method Post -Headers $headers -Body $body

LiselotteP

Is your issue still open? If one of the replies resolved it, please mark it as the best answer. Thanks!

JamesC

Hi @mfijulu ,

Yes you need to use the Client and Secret Key to generate a token.

Kindly refer to https://connect.withsecure.com/getting-started/elements