The following are step-by-step instructions on how to access the Cisco PSIRT openVuln API.

Step 1: Access the Cisco API console at: https://apiconsole.cisco.com

Step 2: Login with your CCO credentials (login is only available to registered Cisco customers and partners).

Step 3: Register your application and obtain your client credentials.

Step 4: Once you register your application and obtain your client ID and client secret, the next step is to obtain an authorization token. Authorization tokens in the Cisco PSIRT openVuln API are valid for one (1) hour. The following example demonstrates how to get the token using the curl utility.

curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=<client_id>" -d "client_secret=<client_secret>" -d "grant_type=client_credentials" https://cloudsso.cisco.com/as/token.oauth2

For example:

omar@omar:~$ curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=XXXXXXXX" -d "client_secret=YYYYYYYY" -d "grant_type=client_credentials" https://cloudsso.cisco.com/as/token.oauth2

{"access_token":"ytuopLCGZxBFN5O0hnL1M2QX2QVp","token_type":"Bearer","expires_in":3599}

Step 5: Make API calls to https://api.cisco.com/security/... The following example uses the curl command to retrieve CVRF files for all Cisco Security Advisories.

curl -X GET -s -k -H "Accept: application/json" -H "Authorization: Bearer uayEoKBrv0nfjrUavwix1ye8ZoNO" https://api.cisco.com/security/advisories/cvrf/all

The following example demonstrates how to obtain the latest 10 advisories:

curl -X GET -s -k -H "Accept: application/json" -H "Authorization: Bearer uayEoKB

rv0nfjrUavwix1ye8ZoNO" https://api.cisco.com/security/advisories/cvrf/latest/10

For more information about the available RESTful resource URIs and the Cisco PSIRT openVuln API visit: Cisco DevNet: PSIRT