NetWitness Community

socuser · ‎2021-12-06

Hi Team,

Is Respond-API Access Token has any expire date or something?

if it expired then how to renew it again.

Thanks & Regards,
SOC TEAM

Anonymous · ‎2021-12-10

Yes, it expires after some time.
When you authenticate you will also get a Refresh Token.

When itz expired you do a:
POST /rest/api/auth/token

using the refresh token from the initial authentication request as a parameter.
Please check the API user Guide, on page 5ff for the syntax.

socuser · ‎2021-12-19

Hi Helmut Wahrmann,

Thanks for the response, may I know the expire time frame, it not mentioned in the Document anywhere.

Anonymous · ‎2021-12-20

You are right, that's not mentioned in the documentation.
Will try to find out.

But it is at least 1 hour.
I have a service running, where i renew the login using the refresh token every 3500 seconds using a timer.
With that my session never expires.

Anonymous · ‎2021-12-22

Hi,

i got now some value for the TTL of the tokens.

Access token: 8 hours

Refresh token: 30 days

If you have some sort of batch API in form of a script, which does some requests and will terminate in a reasonable time, you should be able to do all the calls with the original access tokens.

If you have a long running service, e.g. from some kind of SOAR tool, which constantly monitors the Respond Server for new Incidents,you should renew the token using the Refresh Token.
I am doing that a bit below every 1 hour, since i wasn't aware of the 8 hours TTL myself.

regards,

Helmut

NetWitness Community

RSA Netwitness Respond API Accesstoken