topic Re: Cisco Umbrella Reporting v2 API Unauthorized Access Python in Cloud Edge

Cisco Umbrella Reporting v2 API Unauthorized Access Python

igarcia012 — Sun, 09 Jan 2022 23:42:02 GMT

Hi,

I've been trying to fetch our Cisco Umbrella logs using the Reporting v2 API but unsuccessful to do so, I always get a b'{"meta":{},"data":{"error":"unauthorized"}}' error message.

I have been successful in getting our data using Cisco Devnet's online GUI-based test tool (Which can be found here: https://developer.cisco.com/docs/cloud-security/?_ga=2.225835218.917962487.1641766486-616012252.1641766486#!activity-all) so I don't think it's an issue with the client and secret token or bearer.

For the code, I used the Python template provided in the knowledge base in the link above.

Additional notes is that using the tool above, fetching the data only works if "Proxy" mode is enabled (Configuration - Use Proxy)

Re: Cisco Umbrella Reporting v2 API Unauthorized Access Python

Brian Sak — Sun, 16 Jan 2022 16:35:07 GMT

I was able to get this to work using the code samples provided here. I used my Reporting API credentials which in turn created a bearer token that is used in the header of the request. My API call to the reporting API is provided below.

import requests
url = "https://reports.api.umbrella.com/v2/organizations/{org id}/activity?from=-14days&to=now&limit=1&offset=0"

payload={}
headers = {
  'Authorization': 'Bearer {token}'
}

response = requests.request("GET", url, headers=headers, data=payload)

print(response.text)

Re: Cisco Umbrella Reporting v2 API Unauthorized Access Python

fittedsheet — Thu, 26 May 2022 19:20:31 GMT

This code did not work for me in Python . I've tried the both 'bearer' and 'basic' in the authorization header. It also failed in the Cisco DevNet environment. Both instances return the b'{"meta":{},"data":{"error":"unauthorized"}}' error message. Is there a setting in Umbrella itself that has to be configured to allow API calls?

Thanks.

Re: Cisco Umbrella Reporting v2 API Unauthorized Access Python

fittedsheet — Fri, 27 May 2022 15:12:50 GMT

Please disregard this question. I was trying to pass the API key in place of the token. User error on my part.

Re: Cisco Umbrella Reporting v2 API Unauthorized Access Python

Brian Sak — Fri, 27 May 2022 16:54:40 GMT

Your timing is good, I had just pulled all of the code in to run it against my lab environment to hopefully find the issue. Glad you're up and running.