Generating an Authentication Token

The authentication token must be included in the Authorization field of your request header. Make sure you have obtained the authentication token from the Cloud App Security administrator console before creating your request.

  1. Log on to the Cloud App Security administrator console.
  2. Go to Administration > Automation and Integration APIs.
  3. Perform one of the following:
    • Create an authentication token.

      1. Click Add.

      2. On the Add Authentication Token screen that appears, select at least one API type to which the authentication token applies.

        After selecting User account under the Threat Mitigation API type, click Click here to provide your Microsoft Office 365 Global Administrator credentials to grant permission to obtain user account related data first.

      3. Click Create Token.

        The generated token is displayed on the Automation and Integration APIs screen.

      Note:

      You can use only one authentication token for the specified API type(s). To change the token or the API type, delete the existing one and then add a new token.

    • Select a token and click Delete.

      Any subsequent API request message that contains the deleted authentication token will fail.

    • Select a token and click Refresh.

      Typically, 10 days before the authentication token expires, Cloud App Security sends an alert email message to your mailbox.

      An authentication token is valid for 365 days since being generated. After the expiration time, the token becomes invalid. Any subsequent API request message that contains the invalid authentication token will fail. You can choose to delete the current token and add a new one, or select the invalid token and refresh it.

  4. Fill the authentication token in the Authorization field of the API request header in the following format: Bearer <authentication token>.

    For more information, see Understanding the Request Header.