Using the REST API to function using Curl to get the categories(threat intel, event stream, etc.,) results in an error { "message" : "User is not authorized for the operation."}.
Symantec Endpoint Security
The access token provided during the API call is not valid. Either the token has expired or the token was not properly formatted when submitted.
When the token is generated the results are returned in a JSON format that contains 3 values: access_token, token_type, & expires_in. The generated token will be valid for 1 hour. The highlighted part in yellow is access_token and what is needed for all the rest of the API calls.
Here is an example calling the Threat-Intel related file API with the generated token.