08-01-2017 12:05 PM
Greetings,
I am currently attempting to gain access to the PSIRT openVuln API and am following along with the "Getting Started" directions. So far, I have registered an application for "Cisco PSIRT openVuln API" using my CCO ID with the Grant Type: "Client Credentials". My application has a Status of "active" and I have a corresponding Client ID and Client Secret.
I am currently having issues with getting a valid access_token (step 3) and would like to know if I am using the correct methodology.
Via Postman:
My GET request is: https://api.cisco.com/security/advisories/cvrf/all (as specified in the API)
Under the "Authorization" tab, I have set my Type to "OAuth 2.0" and clicked "Get New Access Token"
When I send the request I get back:
<h1>Not Authorized</h1>
I have also gone through the Curl walk-through posted by Omar, however this also did not work even when running it in Postman as recommended by Bradley here.
my command: curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=<client_id>" -d "client_secret=<client_secret>" -d "grant_type=client_credentials" https://cloudsso.cisco.com/as/token.oauth2
(I get no response from this)
Am I using the wrong URLs or even going about this in an entirely wrong manner?
Thank you for your time.
08-16-2017 08:10 AM
UPDATE: SOLVED
With the help of Cisco's Jason Smith, I was able to issue a valid request via both Postman and Curl. The missing piece was to take the access_token (as produced via Omar's method) as well as the token_type and set them as an 'Authorization' header field as well as providing an 'Accept' header.
More explicitly:
Postman:
1. Get access_token following the steps Omar laid out.
2. Do not click 'Use Token'; instead, go to the 'Headers' tab in Postman and set the following:
Key: Authorization Value: Bearer <access_token>
Key: Accept Value: application/json
3. Hit 'Send' and watch the magic happen
Curl:
The issue I was having with getting the token had to do with my proxy settings. Ensure you are first doing:
$ export https_proxy=<https_host>:<port>
Then you can issue your access token request:
$ curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=<client_id>" -d "client_secret=<client_secret>" -d "grant_type=client_credentials" https://cloudsso.cisco.com/as/token.oauth2
Then when you get the response, you should have an access token and a token type so using these do:
$ curl -X GET -s -k -H "Accept: application/json" -H "Authorization: <token_type> <access_token>" https://api.cisco.com/security/advisories/cvrf/all
Thank you again to Jason Smith for this solution!
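An added example (not part of the original post or of Cisco's example code): the same two-step flow in Python, with certificate verification left on (no equivalent of curl's -k) and the client secret read from the environment instead of typed on the command line. The function names and the CISCO_CLIENT_ID / CISCO_CLIENT_SECRET variable names are assumptions; the URLs are the ones quoted in this post and are passed as parameters.

```python
import json
import os
import urllib.parse
import urllib.request

# Endpoints as quoted in this thread; override them if they have changed.
TOKEN_URL = "https://cloudsso.cisco.com/as/token.oauth2"
API_URL = "https://api.cisco.com/security/advisories/cvrf/all"


def build_token_request(client_id, client_secret, token_url=TOKEN_URL):
    """Form-encoded client_credentials POST, same fields as the curl command."""
    body = urllib.parse.urlencode({
        "client_id": client_id,
        "client_secret": client_secret,
        "grant_type": "client_credentials",
    }).encode()
    return urllib.request.Request(
        token_url, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def auth_headers(token_response):
    """Turn the token endpoint's JSON body into the two headers the API needs."""
    try:
        tok = json.loads(token_response)
    except ValueError as exc:
        # An HTML error page or a proxy block page arrives here, not as JSON.
        raise ValueError("token endpoint did not return JSON") from exc
    if not isinstance(tok, dict) or not tok.get("access_token"):
        raise ValueError("token response carries no access_token")
    scheme = tok.get("token_type") or "Bearer"
    return {"Accept": "application/json",
            "Authorization": f"{scheme} {tok['access_token']}"}


def fetch_advisories(client_id, client_secret, api_url=API_URL, token_url=TOKEN_URL):
    # urlopen verifies the server certificate by default and honours https_proxy.
    req = build_token_request(client_id, client_secret, token_url)
    with urllib.request.urlopen(req, timeout=30) as resp:
        headers = auth_headers(resp.read())
    with urllib.request.urlopen(
            urllib.request.Request(api_url, headers=headers), timeout=30) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Assumed variable names; keeps the secret out of shell history and `ps` output.
    data = fetch_advisories(os.environ["CISCO_CLIENT_ID"], os.environ["CISCO_CLIENT_SECRET"])
    print(json.dumps(data)[:500])
```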
08-01-2017 01:10 PM
Hi Lukas,
The following are my settings in Postman:
Then you should see the new token, as shown below:
I have the sample curl and others at:
https://github.com/CiscoPSIRT/openVulnAPI/tree/master/example_code
It does seem that you have the correct URL. If this does not work, try to register "another application" and try the new client credentials. Please let me know if you don't get it to work and glad to help you more.
Cheers,
Omar
08-01-2017 02:06 PM
Hi Omar,
Thank you for your prompt and informative response! Unfortunately, my issue persists. I went ahead and registered "another application" and documented the procedure I followed below:
Registering Application:
Validating Existence:
Postman Access Token Settings:
Postman Execution/Response:
I additionally looked at your Git and followed the Curl example and received no response:
I would greatly appreciate any more help you are able to offer! Please let me know if you need any additional information.
Thank you for your time.
Best,
Lukas
02-17-2021 12:26 PM
I deleted the previously created applications, re-created one, and was able to get a token. Thanks, folks!
01-17-2023 04:45 AM
I have done the above steps and am getting the token, but I am still getting the error "Not Authorized".
05-17-2024 08:20 AM - edited 05-17-2024 08:20 AM
Just as a hint for guys coming 7 years late like me - the URL has been changed:
https://id.cisco.com/oauth2/default/v1/token
and
https://apix.cisco.com/security/advisories/v2 for advisories
10-05-2020 06:53 AM
I did follow the process, but there is no option to edit the Postman header values and the error persists.