SES REST API call error "User is not authorized for the operation"
search cancel

SES REST API call error "User is not authorized for the operation"

book

Article ID: 260552

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Using the REST API to function using Curl to get the categories(threat intel, event stream, etc.,) results in an error { "message" : "User is not authorized for the operation."}.

Environment

Symantec Endpoint Security 

Cause

The access token provided during the API call is not valid. Either the token has expired or the token was not properly formatted when submitted.

 

Resolution

  • When the token is generated the results are returned in a JSON format that contains 3 values: access_token, token_type, & expires_in. The generated token will be valid for 1 hour. The highlighted part in yellow is access_token and what is needed for all the rest of the API calls.

    Here is an example calling the Threat-Intel related file API with the generated token.

  • Ensure proper formatting exists according to the above example
  • Generate a new token if 1 hour has passed