The authentication token must be included in the Authorization field of your request header. Make sure you have obtained the authentication token from the Cloud App Security administrator console before creating your request.
Create an authentication token.
On the Add Authentication Token screen that appears, select at least one API type to which the authentication token applies.
After selecting User account under the Threat Mitigation API type, click Click here to provide your Microsoft Office 365 Global Administrator credentials to grant permission to obtain user account related data first.
Click Create Token.
The generated token is displayed on the Automation and Integration APIs screen.
You can use only one authentication token for the specified API type(s). To change the token or the API type, click Edit.
Edit the authentication token.
On the Edit Authentication Token screen that appears, select or unselect the check boxes to change the API type as necessary.
For certain API types, you also need to perform authorization.
Click Update Token.
Besides the API type, the authentication token itself will also be changed.
Select the token and click Delete.
Any subsequent API request message that contains the deleted authentication token will fail.
Select the token and click Refresh.
Typically, 10 days before the authentication token expires, Cloud App Security sends an alert email message to your mailbox.
An authentication token is valid for 365 days since being generated. After the expiration time, the token becomes invalid. Any subsequent API request message that contains the invalid authentication token will fail. You can choose to delete the current token and add a new one, or select the invalid token and refresh it.
For more information, see Understanding the Request Header.