Tines

ThreatQ improves the efficiency and effectiveness of existing security operations by fusing disparate data sources, tools, and teams to accelerate threat detection and response. 

First, get ThreatQ OAuth Client Credentials

Contact <a href="mailto:support@threatq.com" rel="nofollow noopener noreferrer" target="_blank">support@threatq.com</a> to have a ticket created to generate OAuth Client Credentials using the name “Tines"

1. Contact <a href="mailto:support@threatq.com" rel="nofollow noopener noreferrer" target="_blank">support@threatq.com</a> to have a ticket created to generate OAuth Client Credentials using the name “Tines"

Run <code>sudo php artisan threatq:oauth2-client --name "Tines"</code>

1. SSH into your ThreatQ instance
2. Run <code>cd /var/www/api</code>
3. Run <code>sudo php artisan threatq:oauth2-client --name "Tines"</code>
4. Copy the credentials to a text editor

Lastly, create a ThreatQ resource and credentials in Tines

Navigate to the team that will be using the API and click "Resource"

Input the values for the ThreatQ resource

- Name: ThreatQuotient Domain
- Description: Optional
- Builder: Your ThreatQ instance hostname, i.e. <code>tenant.threatq.online</code>

- Access: What other teams can also use the resource

1. Login to your Tines tenant
2. Navigate to the team that will be using the API and click "Resource"
3. Click "+ New Resource"
4. Input the values for the ThreatQ resource
 - Name: ThreatQuotient Domain
 - Description: Optional
 - Builder: Your ThreatQ instance hostname, i.e. <code>tenant.threatq.online</code>
5. Optional
 - Access: What other teams can also use the resource
6. Click "Save resource"

Navigate to the team that will be using the API and click "Credentials"

Click "+ New Credential" and select "Text"

Input the values for the ThreatQ credential

1. Name: ThreatQ Client Secret
2. Description: Optional
3. Value: Your ThreatQ OAuth Client Secret

1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains.
2. Access: What other teams can also use the API

1. Navigate to the team that will be using the API and click "Credentials"
2. Click "+ New Credential" and select "Text"
3. Input the values for the ThreatQ credential
 1. Name: ThreatQ Client Secret
 2. Description: Optional
 3. Value: Your ThreatQ OAuth Client Secret
4. Optional
 1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains.
 2. Access: What other teams can also use the API
5. Click "Save"

Click "+ New Credential" and select "HTTP Request"

1. Name: ThreatQuotient
2. Description: Optional
3. URL: <code>https://&lt;&lt;RESOURCE.threatquotient_domain&gt;&gt;/api/token?grant_type=client_credentials</code>
4. Content Type: JSON
5. Method: post
6. Headers: 
 1. <code>Accept: application/json</code>
7. Basic auth:
 1. Username: ThreatQ OAuth Client ID
 2. Password: <code>&lt;&lt;CREDENTIAL.threatq_client_secret&gt;&gt;</code>
8. Click "Run options", navigate to the <code>access_token</code> key and double click on the key
9. Location of token from response: Paste the path to the token in the value pill, <code>&lt;&lt;threatquotient.body.access_token&gt;&gt;</code>
10. TTL: 3599

1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains
2. Access: What other teams can also use the API

1. Click "+ New Credential" and select "HTTP Request"
2. Input the values for the ThreatQ credential
 1. Name: ThreatQuotient
 2. Description: Optional
 3. URL: <code>https://&lt;&lt;RESOURCE.threatquotient_domain&gt;&gt;/api/token?grant_type=client_credentials</code>
 4. Content Type: JSON
 5. Method: post
 6. Headers: 
 1. <code>Accept: application/json</code>
 7. Basic auth:
 1. Username: ThreatQ OAuth Client ID
 2. Password: <code>&lt;&lt;CREDENTIAL.threatq_client_secret&gt;&gt;</code>
 8. Click "Run options", navigate to the <code>access_token</code> key and double click on the key
 9. Location of token from response: Paste the path to the token in the value pill, <code>&lt;&lt;threatquotient.body.access_token&gt;&gt;</code>
 10. TTL: 3599
3. Optional
 1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains
 2. Access: What other teams can also use the API
4. Click "Save"

Your credential should look like the following:

More on creating credentials in Tines <a href="https://explained.tines.com/en/articles/6877578-what-are-credentials-in-tines">here</a>.

You can also find a selection of ThreatQ stories in the <a href="https://www.tines.com/library?view=all&amp;s=threatq" rel="nofollow noopener noreferrer" target="_blank">story library</a>.

First, get ThreatQ OAuth Client Credentials

Hosted deployment

On-Premise deployment

Lastly, create a ThreatQ resource and credentials in Tines

Resource

Text type credential

HTTP request type credential