API Access
This section includes
2. Credentials in Configuration File
If you have already set up the CBC Python SDK, skip ahead to Getting Started Out of the Box.
The Toolkit uses the CBC Python SDK to communicate with the Carbon Black Cloud via an API Key. The Toolkit will communicate with the Unified Binary Store (UBS) and Enterprise EDR Feeds, so your API Key must have access to UBS and Feeds.
This can be achieved by creating a key with a Custom (RBAC) Access Level with org.feeds , ubs.org.sha256 and ubs.org.file permissions.
Step 1. Create a Custom Access Level.
Select the following permissions:
| Dot Notation Name for Permission | Access Levels |
|---|---|
org.feeds |
READ and UPDATE
|
ubs.org.sha256 |
READ |
ubs.org.file |
READ |
Step 2. Create an API Key with a Custom (RBAC) Access Level.
Use the Custom (RBAC) Access Level created above to make a new API Key.
Settings -> API Access -> API Keys Tab -> + Add API Key -> Access Level Type Dropdown [Custom] -> Custom access level dropdown [level with Feeds and UBS permissions]
Once an API Key with the required permissions has been created, it can be used in the Toolkit.
After creating an API Key with UBS and Feeds access, you must put the key in your configuration file. The Toolkit expects an api_token, which is a concatenation of an API Key's Secret Key and Key ID. The values below can be found in your Carbon Black Cloud console, and are unique to your organization and API Key.
| Name | Example Value |
|---|---|
| Org Key | P1Q2R3S4 |
| API Secret Key | ABCDEFGH |
| API Key ID | 1234 |
api_token |
ABCDEFGH/1234 |
In this example, the carbonblackcloud section of the Toolkit configuration file would look similar to this:
carbonblackcloud:
url: https://defense-prod05.conferdeploy.net
api_token: ABCDEFGH/1234
org_key: P1Q2R3S4
ssl_verify: True
expiration_seconds: 3600
The Toolkit configuration file is covered in Getting Started Out of the Box.
For more information on API Keys, Access Level Types, and RBAC Permissions, visit the Developer Network Authentication Guide.