Skip to content

Examples

Here is an example of how to generate a new access token.

Generate New Access Token

Request using the ‘curl’ command:

curl -X GET \
-H "Token:eda4d4d4703937d6bb479n296a0d6c21d215b81d" \
-H "Accept:application/json" \
"https://secure.cigital.com/api/public/v3/targets?\
limit=2"

curl -X POST \
https://secure.cigital.com/api/public/v3/access-tokens/ \
-H "Accept: */*" \
-H "Cache-Control: no-cache" \
-H "Content-Type: application/json" \
-d "{    "userName": "cedar_ops",
         "password": "password"
    }"

Request using the ‘curl’ command when specifying a custom duration and an allowed range of IP addresses:

curl -X POST \
https://secure.cigital.com/api/public/v3/access-tokens/ \
-H "Accept: */*" \
-H "Cache-Control: no-cache" \
-H "Content-Type: application/json" \
-d "{    "userName": "cedar_ops",
         "password": "password" ,
         "duration" : "PT15M",
         "allowedIpRange: "1.2.0.0/11,100.0.2.45/30'"
    }"

Note: xexpiryTime is in ISO 8601 duration format. No fractional value or negative values are allowed for any of the fields. The accepted format is "PnYnMnDTnHnMnS". The default duration is 30M.

The allowedIpRange field is optional. You can specify multiple IP addresses, separating them with commas. You can also use Classless Inter-Domain Routing (CIDR) notation, such as using a slash (/) to specify a range of address values.

Request using Java source code:

public void createAccessToken( String applicationName,
                               String username,
                               String password,
                               String duration ) {

    Client client = ClientBuilder.newClient();
    WebTarget target =
        client.target( MSP_URL )
              .path( "/api/public/v3.1/access-tokens" );
    String json = String.format( "{\"applicationName\":\"%s\",
                                 \"userName\":\"%s\",
                                 \"password\": \"%s\",
                                 \"duration\" : \"%s\"}",
                                 applicationName,
                                 username,
                                 password,
                                 duration);
    Response response =
        target.request()
              .post( Entity.json( json ), Response.class );

    if ( response.getStatus() == 200 ) {
        System.out.println( response.readEntity( String.class ) );
    } else {
        System.out.println( response.readEntity( String.class ) );
    }
    client.close();
}

Response:

Status: 200

Response Body:

{
    "id": "TOKEN_1894617838",
    "token": "0f1b78d1d8296c985e18acebdc8cba9284aca340",
    "expiresAt": "2019-05-17T05:56:39Z",
    "allowedIpRange": "11.2.0.0/11,100.0.2.45/30"
}

Parent topic:Generate a New Access Token