Trend Micro Apex Central™ provides access to some internal product functionalities through Apex Central Automation APIs allowing users to integrate third-party solutions. Using the APIs may potentially expose sensitive information, such as agent and endpoint information, which could result in state-changing effects such as agent isolation. To ensure that only trusted applications can use the APIs, generate an authentication JSON Web Token (JWT) that the trusted applications send with API requests. Apex Central verifies the validity of all API requests from third-party applications using the JWT information.
For more information about available APIs and supported functions, see the following topics:
Trend Micro provides demo projects to help you get started with using the Apex Central Automation APIs.
For more information, see the following topics:Perform the following steps to properly utilize the Apex Central Automation APIs:
-
Obtain an "Application ID" and "API key" by adding the integrated product solution to the Apex Central console.
For more information, see Adding an Application.
-
Create a JSON Web Token (JWT) using the "Application ID" and "API key" and send the JWT in the authorization header of the request to the intended Automation API.
Note:-
The "Application ID" is part of the JWT payload and the
-
The "API key" is the secret key used to generate the signature of the JWT.
-
The JWT is generated directly by the third-party application.
Important:Do not transmit the "API key" as part of the request.
For more information, see Authorization Token Structure.
-
-
Verify whether Apex Central accepted the API request.
For more information, see Automation API Responses.