Buy or Renew
Buy or Renew
Notice: The file download function is disabled. We apologize for the inconvenience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
907
Views
2
Helpful
3
Replies

Umbrella API Customer creation

Go to solution
tomo-nenadovic
Level 1
Level 1

‎03-18-2025 07:32 AM

Hello

I'm testing Umbrella API capabilities for customer creation and service provisioning.

I've obtained API key from Umbrella SIG sandbox with all available Admin permissions.

Screenshot 2025-03-18 142957.png

 

 

 

 

 

 

 

 

 

 

I'm getting 403 when I try to call Create Customer for Provider

The scope in the Create Authorization Token request includes `admin.customers:write`, but that claim is not present in the generated Access token.

I assume that I need an API key for an identity higher in the Cisco hierarchy than the one available via sandbox.

Any advice on this topic?

Thank you

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
bigevilbeard
VIP
VIP

‎03-18-2025 10:16 AM

@tomo-nenadovic by no means an expert in this, but based on your info above, this does sound like hierarchical permissions issue. The Umbrella SIG sandbox environment may provide API keys with admin permissions, but these might be limited to a specific tenant/organization level rather than provider-level operations.

Ive not used this in a while, can you check your API key permission in the dashboard on this sandbox? https://docs.umbrella.com/deployment-umbrella/docs/add-keyadmin-api-keys

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

View solution in original post

3 Replies 3

Go to solution
bigevilbeard
VIP
VIP

‎03-18-2025 10:16 AM

@tomo-nenadovic by no means an expert in this, but based on your info above, this does sound like hierarchical permissions issue. The Umbrella SIG sandbox environment may provide API keys with admin permissions, but these might be limited to a specific tenant/organization level rather than provider-level operations.

Ive not used this in a while, can you check your API key permission in the dashboard on this sandbox? https://docs.umbrella.com/deployment-umbrella/docs/add-keyadmin-api-keys

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Go to solution
tomo-nenadovic
Level 1
Level 1

‎03-19-2025 03:26 AM

@bigevilbeardThank you for your response and interest in helping me.

That workaround with creating the necessary API key via API did the trick.

Now I'm getting Bad Request due to `Invalid package provided`.

I guess this is still hierarchical issue.

Screenshot 2025-03-19 110738.png

Screenshot 2025-03-19 111004.png

0 Helpful

Go to solution
bigevilbeard
VIP
VIP
In response to tomo-nenadovic

‎03-19-2025 05:55 AM

Nice, a step forward, but another problem, yipee! Hmm yah i think you are right, from what i read on teh docs for this error, this would mean

  • Not valid for the customer's hierarchy level.
  • Not available in your Umbrella organization.
  • Not correctly specified in the API request.

I am guessing (again) some of the required package ids might be reserved for specific provider levels or could even require special licensing permissions that are not installed or available in the sandbox. On the doc i see this

> Check that your Umbrella package includes a license for the Umbrella API and its endpoints.

https://developer.cisco.com/docs/cloud-security/errors-and-troubleshooting/#troubleshooting

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
Customers Also Viewed These Support Documents