topic Re: Cisco PSIRT openVuln APl Not Authorized in Services Discussions

Cisco PSIRT openVuln APl Not Authorized

PortStuck — Thu, 13 Apr 2023 06:36:25 GMT

Hi,
I am using Postman to generate my oauth2 token for us with openVuln API, however once my token is generated and I try to call any API all my responses receive the Not Authorized.

I use https://id.cisco.com/oauth2/default/v1/token to generate my oauth2 token without issues. I have followed the advice in these threads

PSIRT - openVuln API Authorization Error

Cisco PSIRT openVuln API oauth2 Token "Not Authorized"

Copy of my postman is below

I have tried in Curl instead of Postman, as well as re-registered my app several times, but continue to get the same response. Any advice on how to proceed?

Re: Cisco PSIRT openVuln APl Not Authorized

PR Oxman — Thu, 13 Apr 2023 06:58:32 GMT

Hello,

From the postman screen shot you are calling:

https://api.cisco.com/security/advisories/v2/all

and not:

https://apix.cisco.com/security/advisories/v2/all

Change the base url; and retry.

Please ensure you have followed as per: https://raw.githubusercontent.com/api-at-cisco/Images/master/Whats_New_Doc.pdf

HTH

Re: Cisco PSIRT openVuln APl Not Authorized

PortStuck — Thu, 13 Apr 2023 07:19:24 GMT

Thanks PR Oxman, it's working now.

I was using the one listed here
https://developer.cisco.com/docs/psirt/#!api-reference/api-reference
is that the incorrect page?

Re: Cisco PSIRT openVuln APl Not Authorized

PR Oxman — Thu, 13 Apr 2023 07:22:27 GMT

Hello,
It’s not; that is the official page. But there is a transition at the moment in the Cisco APIs. The cut over is due to be completed by 1st of May.

We shall get that documentation updated before then.

HTH

Re: Cisco PSIRT openVuln APl Not Authorized

Anand Rajasekaran — Fri, 02 Jun 2023 04:23:00 GMT

<h1>Developer Inactive</h1> getting this

Re: Cisco PSIRT openVuln APl Not Authorized

PR Oxman — Fri, 02 Jun 2023 04:45:01 GMT

Hello Anand,

Please start a new thread for a new issue.

Can you please provide details of what you are attempting to do when you get that message. Ideally showing your request (without credentials) and the full response.

Thanks.

Re: Cisco PSIRT openVuln APl Not Authorized

Anand Rajasekaran — Fri, 02 Jun 2023 04:54:53 GMT

Hi Oxman,

good day

iam trying to access cisco software reserach api to check the recommened and suggested release

https://apix.cisco.com/software/suggestion/v2/suggestions/software/productIds/C9200-24P?pageIndex=1

i created application using service and client credentials

token is getting generated

but my response is

Developer inactive

Re: Cisco PSIRT openVuln APl Not Authorized

PR Oxman — Fri, 02 Jun 2023 05:08:29 GMT

Hello Anand,

This thread is for the Cisco PSIRT OpenVuln API. You are using the Support APIs - Cisco Software Suggestion API.

Please post your questions above to https://community.cisco.com/t5/smart-net-total-care-portal-and-collector-discussions/bd-p/4891-discussions-smart-net-total-care

But from https://developer.cisco.com/docs/support-apis/#!software-suggestion/error-codes it appears "The API key you are using to access the APIx proxy has not been approved or has been disabled. "

Thanks.