サポート記事 WithSecure Elements Vulnerability Management

How to create WithSecure Elements Vulnerability Management API keys for authentication

Issue:

Resolution:

An API key consists of an access key (for example, PA3IAKNANLM9) and a secret key (for example, UO9mkDEHFGa1Vau6o#1AfxwRmBQW@!qV). Note that the sample requests in this documentation show access and secret keys enclosed in braces, which must be omitted when you submit requests.

Follow the steps below to create an API key:

Log in to the Elements Vulnerability Management / Elements Security Center portal (https://elements.withsecure.com).
Click the MANAGEMENT > Vulnerability Settings tab.
Click on API keys tab.
Under Configure API keys, click Add API key.
Add a new API key and store it safely.
- Apply the created API key to the HTTP header of every API request that requires authentication.
Run a simple request to check the authentication:

curl -X GET https://api.radar.f-secure.com/api/integration/authenticationcheck
-H 'Content-Type: application/json'
-H 'ApiAccessKey: {ApiAccessKey}'
-H 'ApiSecretKey: {ApiSecretKey}'

If authentication was successful, you will get a HTTP response with status code 200 Authenticated.

Reference:https://www.withsecure.com/userguides/product.html#business/radar/4.0/en/task_E974D4465373492480A62E0D65BAD5E2-4.0-en

Note:
Single quote works in Linux environment. When using CURL in Windows Operating System, recommended to use double quotes masked with backslash (\). Backslash is used to escape the inner quotes.

Example:
curl -X POST https://api.radar.f-secure.com/api/integration/assetMonitoring/withStartIndex/0/andPageSize/250 -H "Content-Type: application/json" -H "ApiAccessKey: {ApiAccessKey}" -H "ApiSecretKey: {ApiSecretKey}" -d "{\"AssetSourceType\": \"Custom\"}"

Article no: 000018219