Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
61
Views
1
Helpful
1
Replies

How to use get access token for using xdr apis

rekha09
Cisco Employee
Cisco Employee

‎11-21-2025 01:37 AM

Hello

I am new to Cisco Xdr. We need to use xdr api for judgment https://developer.cisco.com/docs/cisco-xdr/global-intel-api-guide/#sample-code

. We are not sure how to get access token ( or api client/secret) for authentication. https://developer.cisco.com/docs/cisco-xdr/authentication/#authentication

Can someone guide in this. 

Labels:
1 Reply 1

ben.greenbaum
Cisco Employee
Cisco Employee

‎11-21-2025 04:56 AM - edited ‎11-21-2025 04:58 AM

Hi Rekha,

While it's possible to use the Global Intel API to fetch judgements, it may not be the best approach, as it leaves out all of your other XDR modules. Is there a specific reason that you only want results from that source? The better, more complete option would be to use the XDR "deliberate" API

As for getting the access token, you linked to the documentation page for it so I'm not sure what specific questions you may have. In a recent python project, I used the following:

def get_xdr_access_token(client_id, client_secret):
    """
    Obtains an OAuth2 access token from the Cisco XDR API using client credentials flow.

    Args:
        client_id (str): The XDR API client ID.
        client_secret (str): The XDR API client secret.

    Returns:
        str: The access token if successful, None otherwise.
    """
    token_url = f"{XDR_API_BASE_URL}/{XDR_TOKEN_URL_PATH}"
    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json"
    }
    data = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret
    }

    try:
        response = requests.post(token_url, headers=headers, data=data)
        response.raise_for_status()  # Raise an exception for HTTP errors (4xx or 5xx)

        token_data = response.json()
        access_token = token_data.get("access_token")
        if access_token:
            return access_token
        else:
            print("Error: Access token not found in the API response.")
            print(f"Full response: {json.dumps(token_data, indent=2)}")
            return None
    except requests.exceptions.HTTPError as e:
        print(f"HTTP error during token acquisition: {e}")
        print(f"Response content: {response.text}")
        return None
    except requests.exceptions.ConnectionError as e:
        print(f"Network connection error during token acquisition: {e}")
        return None
    except json.JSONDecodeError:
        print(f"Error decoding JSON response from token endpoint. Response: {response.text}")
        return None
    except Exception as e:
        print(f"An unexpected error occurred while getting the access token: {e}")
        return None

There are also code examples in github at https://github.com/CiscoSecurity/tr-01-authentication

Hope that helps! If not please describe the exact issues you are running into. 

0 Helpful
Customers Also Viewed These Support Documents