Authentication and authorization quickstart for Cisco Umbrella, Secure Access

Quick Start

This guide outlines the steps to create Cisco Secure Access or Umbrella API keys. With your API credentials, authenticate with the Cisco Token Authorization API and obtain an access token. Then, use your generated access token to get the Secure Access or Umbrella resources through the Secure Access API or Umbrella API. Every API operation requires a valid access token.

1. Create your API keys (Secure Access or Umbrella).
   • Create API Keys in Secure Access
   • Create API Keys in Umbrella
   • Create API Keys with the Key Admin API
2. Generate an access token with your API key credentials.
   • Generate a Secure Access API Access Token
   • Generate an Umbrella API Access Token
3. Make an API request with your access token.
   • Make a Secure Access API Request
   • Make an Umbrella API Request

Create API Keys in Secure Access

For information about creating Secure Access API keys, see Secure Access Authentication.

Create API Keys in Umbrella

For information about creating Umbrella API keys, see Umbrella Authentication.

Create API Keys with the Key Admin API

To create API keys programmatically, you can use the Secure Access or Umbrella Key Admin API.

For more information, see Secure Access Key Admin API or Umbrella Key Admin API.

Generate a Secure Access API Access Token

The Secure Access Token Authorization API endpoint is:

POST https://api.sse.cisco.com/auth/v2/token

For more information, see Getting Started with Secure Access.

Request

You can use curl to create your access token. Provide your Secure Access API key and secret.

curl --user '<key>:<secret>' --request POST --url 'https://api.sse.cisco.com/auth/v2/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials'

Response

Sample response (200, OK):

{
   "token_type": "bearer",
   "access_token": "xxxxxx",
   "expires_in": 3600
}

Generate an Umbrella API Access Token

The Umbrella Token Authorization API endpoint is:

POST https://api.umbrella.com/auth/v2/token

For more information, see Getting Started with Umbrella.

Request

You can use curl to create your access token. Provide your Umbrella API key and secret.

curl --user '<key>:<secret>' --request POST --url 'https://api.umbrella.com/auth/v2/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials'

Response

Sample response (200, OK):

{
   "token_type": "bearer",
   "access_token": "xxxxxx",
   "expires_in": 3600
}

Make a Secure Access API Request

To send a request to the Secure Access API, substitute your Bearer token in the HTTP Authorization header.

In this example, your API key credentials must include the deployments key scope. For more information, see Secure Access OAuth 2.0 Scopes.

curl -L --location-trusted --request GET --url 'https://api.sse.cisco.com/deployments/v2/regions' \
-H 'Authorization: Bearer %YourAcessToken%' \
-H 'Content-Type: application/json'

Make an Umbrella API Request

To send a request to the Umbrella API, substitute your Bearer token in the HTTP Authorization header.

In this example, your API key credentials must include the admin key scope. For more information, see Umbrella OAuth 2.0 Scopes.

For example:

curl -L --location-trusted --request GET --url 'https://api.umbrella.com/admin/v2/users' \
-H 'Authorization: Bearer %YourAcessToken%' \
-H 'Content-Type: application/json'