Skip to main content
WatchGuard Authentication Guide

How to authenticate WatchGuard for use with Tines

Daniel Stoeski avatar
Written by Daniel Stoeski
Updated over a week ago

WatchGuard provides network and endpoint security, secure-WIFI, multi-factor authentication, and network intelligence products and services.

First, get your WatchGuard API Key

  1. Log in to your WatchGuard Cloud account

  2. Select "Administration" and then "Managed Access"

  3. Click "Enable API Access".

  4. Specify the "readwrite" and "readonly" passwords to use as your API access credentials, then check the check box and click "Save"

  5. Once enabled, you will see the following information. Take note of

    1. "Access ID (Read-write)

    2. "Authentication API URL"

    3. "API Key"

    Screen shot of RESTful API Access enabled

Lastly, Create WatchGuard credentials in Tines

HTTP request type to obtain access token

  1. Login to your Tines tenant

  2. Navigate to the team that will be using the API and click "Credential"

  3. Click "+ New Credential" and select "HTTP Request"

  4. Input the values for the WatchGuard credential

    1. Name: Required

    2. Description: Optional

    3. URL: The "Authentication API URL, i.e. https://api.usa.cloud.watchguard.com/oauth/token.

      1. Depending on your WatchGuard Cloud account data storage region, this may different.

    4. Content Type: Form

    5. Method: post

    6. Payload: {"grant_type": "client_credentials", "scope": "api-access"}

    7. Headers:

      1. {"accept": "application/json"}

      2. {"Authorization": "Basic dXNlcm5hbWU6N3loVHI1RHNkLWg2YTktODVnZS1nNjc4OTNoNmUwdGQ"}

        1. read-write access ID:read-write password encoded into base64

    8. Click "Run options" and double click on the key named access_token in the response.

    9. Location of token from response: Paste the value copied in the previous step.

  5. Optional

    1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains

    2. Access: What other teams can also use the API

Text type for API Key

  1. Login to your Tines tenant

  2. Navigate to the team that will be using the API and click "Credential"

  3. Click "+ New Credential" and select "Text"

  4. Input the values for the WatchGuard credential

    1. Name: Required

    2. Description: Optional

    3. Value: "API Key"

  5. Optional

    1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains

    2. Access: What other teams can also use the API

For more on creating credentials in Tines, click here.

Using the credential in an action

When you make an API request, include the HTTP request type credential in the Authorization header after "Bearer" like:

Bearer <<CREDENTIAL.watchguard_token>>​

and the text type credential in the WatchGuard-API-Key header like:

​<<CREDENTIAL.watchguard_api_key>>


An example action you can copy and paste onto your storyboard:

{"standardLibVersion":"29","actionRuntimeVersion":"4","agents":[{"disabled":false,"name":"Get account information","description":"Created from cURL command","options":"{\"url\":\"https://api.usa.cloud.watchguard.com/rest/platform/accounts/v1/accounts/<<account_id>>\",\"method\":\"get\",\"payload\":{\"fields\":\"contacts,addresses\"},\"headers\":{\"Authorization\":\"Bearer <<CREDENTIAL.watchguard_token>>\",\"Content-Type\":\"application/json\",\"WatchGuard-API-Key\":\"<<CREDENTIAL.watchguard_api_key>>\"}}","position":{"x":1065,"y":-810},"type":"httpRequest","timeSavedUnit":"minutes","timeSavedValue":0,"monitorAllEvents":false,"monitorFailures":false,"monitorNoEventsEmitted":null,"recordType":null,"recordWriters":[],"form":null,"cardIconName":null,"createdFromTemplateGuid":null,"createdFromTemplateVersion":null}],"links":[],"diagramNotes":[]}
Did this answer your question?