You need to register an application with Symantec Endpoint Protection Manager (SEPM) for the REST API and need to generate an access token or refresh token for your application.

SEPM

To generate an access token for SEPM REST API usage, follow the steps below.

1. Open a browser and visit https://<Hostname>:8446/sepm/viewLoginRMM.do
   • Login with SEPM admin credentials.  The SEPM Domain field is required.  Use "Default" (no quotes) for the Default SEPM domain.
2. In the upper left, under Tasks, click Add an application if there isn't an existing application.
3. Take note of the client ID and client secret.  You'll need them for the following steps.  <client id> and <client secret> where noted below.
4. Go to: https://<Hostname>:8446/sepm/oauth/authorize?response_type=code&client_id=<client id>
5. Copy the code from the URL and save it.
   • Note: Make sure you proceed to the site if it gives a cert error, and login. The code will be needed in the following URL along with the client ID and client secret.
6. Go to: https://<Hostname>:8446/sepm/oauth/token?grant_type=authorization_code&client_id=<client id>&client_secret=<client secret>&code=<code>
7. This should return a JSON string with the access token and refresh token needed to set up your application.
   • Note: If you use Internet Explorer it may try to download the JSON; open it with notepad, or use another browser like Chrome / Edge Chromium / Mozilla Firefox.

For additional OAuth information, please review the Web Services Documentation included in the Tools folder of the product's Full Installation archive. (The archive may be extracted to disk with 7zip, WinRAR or similar.).

Run the index.html file from \Tools\WebServicesDocumentation\SEPM_WebService_SDK\ReferenceGuide in a preferred browser to view. Double-clicking will launch the html file in the default browser.