Authorization

To successfully send requests to Cygna Auditor and retrieve data, you must authorize yourself with the system. Authorization is a two-step process:

  1. Receive a temporary token and user CID.

  2. Authorize each request with a token and sessionI D.

Receiving Token and User CID

Send a POST request to api/v{version}/auth/login.

METHOD ENDPOINT
POST api/v1/auth/login

With a header and body containing your Cygna credentials. Consider using a dedicated user account for making API calls.

HEADER

Content-Type: application/json

BODY

{

"user": "Example\\User",

"password": "Password123",

"userDomain": "Example",

"userAccount": "Example\\User"

}

Review an abstract of the response and copy Token and UserCid.

BODY

{

User": null,

"Password": null,

"DisplayName": "Example user",

"UserDomain": "Example",

"UserAccount": "User",

"UserSid": "S-1-5-21-....-1407802119-0000",

"UserGuid": "00000000-....-9c88-c5a98c9457a8",

"UserCid": "00000000-....-9996-91cb94678f00",

"Token": "eyJhbGci....0000000",

...

}

Authenticating and Authorizing with Token and Session ID

With any request, provide authorization token and user CID (as session ID) in the header. For example:

METHOD

GET

ENDPOINT

/api/v1/collectors/filesystem

HEADER

Authorization: Bearer eyJhbGci....0000000

Session-Id: 00000000-....-9996-91cb94678f00