Supported Authorization Types

Authorization grants or denies access to a system or application based on a user’s permissions. Each authorization type uses a unique process to exchange and validate credentials or tokens.

Supported Authorization Types

  1. API Key

  2. Basic

  3. Digest

  4. Oauth2

  5. Token Based

  6. Custom

API Key authorization

API Key authorization uses a secret key (the API key) to identify and authorize a client when making API requests.

Example 1: Sending API Key in the header with the key Authorization

{
    "headers": {
        "Authorization": "Bearer abc123securekey"
    }
}

Example 2: Sending API key in the header with a different key name

{
    "headers": {
        "x-api-key": "Bearer abcdsecret123key"
    }
}

Basic Authorization

Basic Authorization is an HTTP authentication method that sends a Base64-encoded string containing the username and password in the “Authorization” header.

Example:

{
    "headers": {
        "Authorization": "Basic MTIxOWEyYjczYmExYmlLWE5YjItMzg2NjkwYmFjMjZj"
    }
}

Digest Authorization

Digest Authorization is an HTTP authentication method that applies hashing and nonces to the username and password to transmit credentials securely.

Example:

"headers": {
 "Authorization": "Digest username=\"alice\", realm=\"example.com\", nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\", uri=\"/data\", response=\"6629fae49393a05397450978507c4ef1\", qop=auth, nc=00000001, cnonce=\"0a4f113b\""
}
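
How the response value in a Digest header is derived and checked, as an added example that is not part of the original guide or URAF's own code. It implements the RFC 2617 calculation for MD5 with qop=auth; the function names are assumptions, and the sample header is the published RFC 2617 section 3.5 vector (user Mufasa, password "Circle Of Life"), not URAF output.

```python
import hashlib
import hmac
import re

def _md5(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def digest_response(username, realm, password, method, uri,
                    nonce, nc, cnonce, qop="auth"):
    """RFC 2617 'response' for algorithm=MD5 with qop=auth."""
    ha1 = _md5(f"{username}:{realm}:{password}")   # password enters only via this hash
    ha2 = _md5(f"{method}:{uri}")                  # binds the hash to the request
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

def parse_digest_header(value):
    """Split 'Digest k="v", k=v, ...' into a dict of fields."""
    scheme, _, params = value.partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest Authorization header")
    pairs = re.findall(r'(\w+)=(?:"([^"]*)"|([^,\s]+))', params)
    return {key: quoted or bare for key, quoted, bare in pairs}

def verify(header_value, method, password, seen):
    """Server side: recompute the response and refuse a reused (nonce, nc)."""
    f = parse_digest_header(header_value)
    replay_key = (f["nonce"], f["nc"])
    if replay_key in seen:
        return False
    expected = digest_response(f["username"], f["realm"], password, method,
                               f["uri"], f["nonce"], f["nc"], f["cnonce"],
                               f.get("qop", "auth"))
    if not hmac.compare_digest(expected, f["response"]):  # constant-time compare
        return False
    seen.add(replay_key)
    return True

# Sample header: the published RFC 2617 section 3.5 vector, not URAF output.
RFC_SAMPLE = ('Digest username="Mufasa", realm="testrealm@host.com", '
              'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", '
              'uri="/dir/index.html", qop=auth, nc=00000001, '
              'cnonce="0a4f113b", '
              'response="6629fae49393a05397450978507c4ef1"')

if __name__ == "__main__":
    seen = set()
    print(verify(RFC_SAMPLE, "GET", "Circle Of Life", seen))  # first use
    print(verify(RFC_SAMPLE, "GET", "Circle Of Life", seen))  # replayed header
```

Because the method and URI are part of the hash, a captured header cannot be reused for a different request, and the nonce count check rejects an exact replay.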

Oauth2 Authorization

OAuth 2.0 is an authorization framework that uses access tokens in headers and optional refresh tokens. It allows applications limited access to a user’s data without exposing their credentials.

Supported Grant Types in URAF 3.4.0

  1. Client Credentials

  2. Password Credentials

Example:

"headers": {
   "Authorization": "Bearer ya29.a0AfH6SMCq_jJwEXAMPLE-TOKEN123456789"
 }

Token Based Authorization

Token-based authentication uses access tokens in headers. It allows you to access a log source without repeatedly sending credentials.

URAF sends credentials to the API’s authentication endpoint to obtain an access token:

Example:

POST https://api.example.com/auth/token
Content-Type: application/json

{
 "username": "logpoint_user",
 "password": "securePassword123"
}

The API returns an access token, which URAF includes in the Authorization header by default when fetching logs:

Example:

GET https://api.example.com/logs
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Custom Authorization

If a source's API requires an authentication method other than the supported ones, URAF supports it through lightweight applications or integrations that run alongside URAF. After installing the application, you can select the vendor template in URAF to create a log source and enter the credentials. Examples include Cybereason and DuoSecurity.

