Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
9860
Views
26
Helpful
2
Comments

Accessing the Cisco PSIRT openVuln API Using curl

Omar Santos
Cisco Employee
Cisco Employee

on ‎12-10-2015 09:10 PM

The following are step-by-step instructions on how to access the Cisco PSIRT openVuln API.

Step 1: Access the Cisco API console at: https://apiconsole.cisco.com


Step 2: Login with your CCO credentials (login is only available to registered Cisco customers and partners).


Step 3: Register your application and obtain your client credentials.


Step 4: Once you register your application and obtain your client ID and client secret, the next step is to obtain an authorization token. Authorization tokens in the Cisco PSIRT openVuln API are valid for one (1) hour. The following example demonstrates how to get the token using the curl utility.

curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=<client_id>" -d "client_secret=<client_secret>" -d "grant_type=client_credentials" https://cloudsso.cisco.com/as/token.oauth2

For example:

omar@omar:~$ curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=XXXXXXXX" -d "client_secret=YYYYYYYY" -d "grant_type=client_credentials" https://cloudsso.cisco.com/as/token.oauth2

{"access_token":"ytuopLCGZxBFN5O0hnL1M2QX2QVp","token_type":"Bearer","expires_in":3599}

Step 5: Make API calls to https://api.cisco.com/security/... The following example uses the curl command to retrieve CVRF files for all Cisco Security Advisories.

curl -X GET -s -k -H "Accept: application/json" -H "Authorization: Bearer uayEoKBrv0nfjrUavwix1ye8ZoNO" https://api.cisco.com/security/advisories/cvrf/all

The following example demonstrates how to obtain the latest 10 advisories:

curl -X GET -s -k -H "Accept: application/json" -H "Authorization: Bearer uayEoKB

rv0nfjrUavwix1ye8ZoNO" https://api.cisco.com/security/advisories/cvrf/latest/10


For more information about the available RESTful resource URIs and the Cisco PSIRT openVuln API visit: Cisco DevNet: PSIRT

Comments
visxu
Cisco Employee
Cisco Employee
‎08-03-2020 08:15 PM

The KEY means client_id, CLIENT SECRET means client_secret, right ?
But I got 401 response

{
    "error_description": "Invalid client or client credentials.",
    "error": "invalid_client"
}

20200804111222.png

visxu
Cisco Employee
Cisco Employee
‎08-04-2020 07:13 AM

I created a another new application and it works with the new id and secret.
In the second creation, I just choose only one Grant Type : "Client Credentials"

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
Discussions
Customers Also Viewed These Support Documents