You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm currently trying to use the API to pull down the compliance reports on some of our scans. I've followed the documentation and confirmed the pre-reqs and also verified the key has global admin permissions currently. I also used one of the Python scripts in this library and modified it slightly to do this. However when posting I'm getting a Error 403.
Is there any other requirements I should check for? GET commands seem to work fine and I can gather info that way but I'm looking to download the PDF reports.
More info below:
{"status":403,"id":"f80b81bf-ed81-4331-bc3f-38ffb7a9ac7b","code":1,"message":"Access denied","errors":["This endpoint is not accessible via API"]}
Hi,
I'm currently trying to use the API to pull down the compliance reports on some of our scans. I've followed the documentation and confirmed the pre-reqs and also verified the key has global admin permissions currently. I also used one of the Python scripts in this library and modified it slightly to do this. However when posting I'm getting a Error 403.
Is there any other requirements I should check for? GET commands seem to work fine and I can gather info that way but I'm looking to download the PDF reports.
More info below:
{"status":403,"id":"f80b81bf-ed81-4331-bc3f-38ffb7a9ac7b","code":1,"message":"Access denied","errors":["This endpoint is not accessible via API"]}
PYTHON Script:
import sys
import json
import time
import hmac
import base64
import hashlib
import requests
Obtain a CloudSploit API key and secret from the dashboard
api_key = "Key here"
secret = "Secret"
base_url = "https://api.cloudsploit.com"
method = 'POST'
path = "/v2/pdfs"
body = {
"report": "scan",
"scan_id": 123
}
body_str = json.dumps(body, separators=(',', ':'))
timestamp = str(int(time.time() * 1000))
endpoint = base_url + path
string = timestamp + method + path + body_str
secret_bytes= bytes(secret , 'latin-1')
string_bytes = bytes(string, 'latin-1')
signature = hmac.new(secret_bytes, msg=string_bytes, digestmod=hashlib.sha256).hexdigest()
hdr = {
"Accept": "application/json",
"X-API-Key": api_key,
"X-Signature": signature,
"X-Timestamp": timestamp,
"content-type": "application/json"
}
r=requests.post(endpoint, headers=hdr, data=body_str)
print (r.text)
The text was updated successfully, but these errors were encountered: