https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4813206#M980 Hello<BR /> Changes to OpenVulnQuery were submitted and accepted to main branch; to support the new API changes.<BR /><BR />Thanks.<BR /> Wed, 12 Apr 2023 22:25:27 GMT PR Oxman 2023-04-12T22:25:27Z https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4809299#M968 <P>Hi team,</P> <P>I've followed the instructions and still get authorization errors while using openVulnQuery. So, I've registered an app on apiconsole.cisco.com with app type Service and grant type Client Credentials for <SPAN>Cisco PSIRT openVuln API</SPAN>. Unfortunately, the provided client id and secret don't seem to work.</P> <P>Using the credentials with Postman, I can get the Bearer token but subsequent queries fail with "<SPAN>Not Authorized".</SPAN></P> <P><SPAN>Using openVulnQuery, I get the following error messages:</SPAN></P> <P>requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: <A href="https://cloudsso.cisco.com/as/token.oauth2?client_id=p3bfx...&amp;client_secret=WRCD.." target="_blank" rel="noopener">https://cloudsso.cisco.com/as/token.oauth2?client_id=p3bfx...&amp;client_secret=WRCD..</A>.</P> <P>What's wrong here? Any help would be appreciated.</P> <P>cheers<BR />rene</P> Thu, 06 Apr 2023 07:17:43 GMT https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4809299#M968 rstraube 2023-04-06T07:17:43Z https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4811532#M973 <P>Hello Rene,</P> <P>Application registered before March 1,2023 will be using URL <A href="https://cloudsso.cisco.com/as/token.oauth2" target="_blank" rel="noopener">https://cloudsso.cisco.com/as/token.oauth2</A> (being deprecated). For Application created beginning March 1, 2023 you will use <A href="https://id.cisco.com/oauth2/default/v1/token" target="_blank" rel="noopener">https://id.cisco.com/oauth2/default/v1/token</A>.</P> <P>See <A href="https://raw.githubusercontent.com/api-at-cisco/Images/master/Whats_New_Doc.pdf" target="_blank">https://raw.githubusercontent.com/api-at-cisco/Images/master/Whats_New_Doc.pdf</A> for more information.</P> <P>HTH</P> Tue, 11 Apr 2023 02:34:15 GMT https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4811532#M973 PR Oxman 2023-04-11T02:34:15Z https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4811626#M978 <P>Thanks Paul, great information. I did not recognize the new domain for the API endpoint. It helped to get my Postman queries working now.</P> <P>openVulnQuery (<A href="https://github.com/CiscoPSIRT/openVulnQuery" target="_blank">https://github.com/CiscoPSIRT/openVulnQuery</A>) still does not work with old token generation URL.</P> <P>cheers<BR />rene</P> Tue, 11 Apr 2023 07:36:57 GMT https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4811626#M978 rstraube 2023-04-11T07:36:57Z https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4811635#M979 Thanks Rene,<BR /> I will check the OpenVulnQuery code. It will need to be updated.<BR /><BR /> Will try to get to that this week. Or at least prior to May 1st.<BR /><BR />Regards<BR /><BR /> Tue, 11 Apr 2023 07:45:27 GMT https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4811635#M979 PR Oxman 2023-04-11T07:45:27Z https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4813206#M980 Hello<BR /> Changes to OpenVulnQuery were submitted and accepted to main branch; to support the new API changes.<BR /><BR />Thanks.<BR /> Wed, 12 Apr 2023 22:25:27 GMT https://community.cisco.com/t5/services-discussions/openvulnquery-authorization-issues/m-p/4813206#M980 PR Oxman 2023-04-12T22:25:27Z