Exabeam Authentication Guide

How to authenticate Exabeam for use with Tines

Written by Daniel Stoeski
Updated over a week ago

Exabeam is a global cybersecurity leader and creator of New-Scale SIEM™️ that helps organizations detect threats, defend against cyberattacks, and defeat adversaries, offering a new way for security teams to approach threat detection, investigation, and response (TDIR).

First, get your Exabeam API Key

  1. Navigate to "Settings > Core > Admin Operations > Cluster Authentication Token"

  2. Click on the "+" icon

  3. Fill out the "Token Name" and "Expiry Date", select the "Default Roles" and then click "Add token"

  4. Select "Add New API Client"

  5. Enter details about the API Client, select the relevant scopes, then click "Add"

  6. Copy the "API Client ID" and "Secret"

Lastly, create an Exabeam credential in Tines

  1. Log in to your Tines tenant

  2. Navigate to the team that will be using the API and click "Credential"

  3. Click "+ New Credential" and select "HTTP Request"

  4. Input the values for the Exabeam credential

    1. Name: Required

    2. Description: Optional

    3. URL: https://api.us-west.exabeam.cloud/auth/v1/token/

      1. The Base URL may be different depending on where your account is based.

    4. Content Type: JSON

    5. Method: post

    6. Payload: {"client_id": "API Key","client_secret": "API Key Secret","grant_type": "client_credentials"}

    7. Headers: {"accept": "application/json"}

    8. Click "Run options" and double-click on the key named access_token in the response.

    9. Location of token from response: Paste the value copied in the previous step.

  5. Optional

    1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains

    2. Access: What other teams can also use the API

For more on creating credentials in Tines, click here.

Using the credential in an action

When you make an API request, include the HTTP request type credential in the Authorization header after "Bearer" like:

Bearer <<CREDENTIAL.exabeam_token>>
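
To check an API client outside Tines before saving the credential, the token request configured above can be reproduced as follows. This is an added example, not code from Tines or Exabeam; the environment variable names, the `.exabeam.cloud` host check and the sample response body are assumptions made for illustration.

```python
import json
import os
import urllib.request
from urllib.parse import urlsplit

# URL from the guide; the base may differ depending on where the account is based.
TOKEN_URL = "https://api.us-west.exabeam.cloud/auth/v1/token/"
# Assumption: every regional API host sits under this domain.
ALLOWED_SUFFIX = ".exabeam.cloud"


def build_token_request(client_id, client_secret, url=TOKEN_URL):
    """Build the POST the credential is configured to send; nothing is sent here."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    # Same intent as the optional "Domains" setting: never post the secret elsewhere.
    if parts.scheme != "https" or not host.endswith(ALLOWED_SUFFIX):
        raise ValueError(f"refusing to send client secret to {url!r}")
    payload = {"client_id": client_id, "client_secret": client_secret,
               "grant_type": "client_credentials"}
    return urllib.request.Request(
        url, data=json.dumps(payload).encode(), method="POST",
        headers={"Content-Type": "application/json", "accept": "application/json"})


def extract_access_token(body):
    """Return the value at the access_token key, the location Tines is pointed at."""
    doc = json.loads(body)
    token = doc.get("access_token") if isinstance(doc, dict) else None
    if not isinstance(token, str) or not token:
        raise ValueError("response has no access_token; check client ID, secret and scopes")
    return token


def authorization_header(token):
    """Header to attach to later API requests, matching the Bearer format above."""
    return {"Authorization": f"Bearer {token}"}


def fetch_token():
    """Live call; reads the client ID and secret from the environment, not from source."""
    req = build_token_request(os.environ["EXABEAM_CLIENT_ID"],
                              os.environ["EXABEAM_CLIENT_SECRET"])
    with urllib.request.urlopen(req, timeout=10) as resp:
        return extract_access_token(resp.read())


# Constructed sample response body, not captured from a real tenant.
SAMPLE_RESPONSE = b'{"access_token": "constructed-token-123", "token_type": "Bearer"}'

if __name__ == "__main__":
    print(authorization_header(extract_access_token(SAMPLE_RESPONSE)))
```

`fetch_token()` is the only function that touches the network; the others can be exercised offline against the constructed sample.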