Authentication Details

About Authentication

The OAuth2 protocol is used to authorize refresh and access tokens. To use the API, generate a refresh token and then request an access token from the /v1/auth/token endpoint. The refresh token is valid for 6 months, whereas the access token is valid for 2 hours. After obtaining the access token, add Authorization: Bearer {accessToken} to the request header to access the endpoints below.

Authentication

The /v1/auth/token endpoint is used to get an access token.

All Picus API endpoints (except the create token endpoint) use a single authentication method.

Step 1 - Getting Refresh Token

Refresh tokens can be generated from app.picussecurity.com > Settings > Rest API Token.

  • Click the Settings button and select the "Rest API Token" menu item.

  • You can see the list of tokens for your account with name, creation date, created by, expiration date, scopes and status (active or expired).

  • To create a new refresh token, click the "Generate Token" button to open the Generate Token panel.

  • After opening the Generate Token panel, you must provide a unique token name, description, expiration days, and scope. Scope is used to filter the API endpoints accessible by the token.
  • When the New Token Generated dialog opens, the token is displayed only once. You should copy it for future use, as it will not be accessible anywhere else afterward.

Step 2 - Getting Access Token

You can get the access token by sending a request to the /v1/auth/token endpoint.
See the request example below:

curl --location --request POST 'https://api.picussecurity.com/v1/auth/token' \
--header 'Content-Type: application/json' \
--data-raw '{"refresh_token":"paste the refresh token generated in Settings > Rest API Token"}'

Example response:

{
  "token":"access token will be here", // access token
  "expire_at":1654518145155 // when the access token expires
}

Step 3 - Request Endpoints with Access Token

The Picus Rest API endpoints can be requested with the access token. Add an Authorization header containing the access token with the Bearer prefix. See the example below:

curl --location --request GET 'https://api.picussecurity.com/v1/simulations' \
--header 'Authorization: Bearer access_token'
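
The three steps above as a small Python client, added here as an example (not Picus's own code): it exchanges the refresh token at /v1/auth/token, reuses the access token until shortly before expire_at, and builds the Bearer header. It assumes expire_at is Unix epoch milliseconds (inferred from the 13-digit sample value); AccessTokenCache, margin_s and the PICUS_REFRESH_TOKEN environment variable are hypothetical names.

```python
import json
import os
import time
import urllib.request

API_BASE = "https://api.picussecurity.com"  # host taken from the curl examples on this page


def http_post_json(url, payload):
    """Default transport: POST a JSON body and return the decoded JSON reply."""
    req = urllib.request.Request(
        url, data=json.dumps(payload).encode(), method="POST",
        headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class AccessTokenCache:
    """Exchanges the refresh token for an access token and reuses it until it nears expiry."""

    def __init__(self, refresh_token, post=http_post_json, clock=time.time, margin_s=60):
        self._refresh_token = refresh_token
        self._post = post          # injectable so the class can be exercised offline
        self._clock = clock
        self._margin_s = margin_s  # renew this many seconds before expire_at
        self._token = None
        self._expires_s = 0.0

    def token(self):
        if self._token is None or self._clock() >= self._expires_s - self._margin_s:
            reply = self._post(API_BASE + "/v1/auth/token",
                               {"refresh_token": self._refresh_token})
            self._token = reply["token"]
            # Assumption: expire_at is Unix epoch milliseconds (13-digit sample value).
            self._expires_s = reply["expire_at"] / 1000.0
        return self._token

    def headers(self):
        return {"Authorization": "Bearer " + self.token()}


if __name__ == "__main__":
    # PICUS_REFRESH_TOKEN is a hypothetical variable name; keep the token out of source control.
    cache = AccessTokenCache(os.environ["PICUS_REFRESH_TOKEN"])
    req = urllib.request.Request(API_BASE + "/v1/simulations", headers=cache.headers())
    with urllib.request.urlopen(req, timeout=10) as resp:
        print(resp.status)
```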