All Collections
Authentication guides
ThreatQ Authentication Guide
ThreatQ Authentication Guide

How to authenticate ThreatQ for use with Tines

Daniel Stoeski avatar
Written by Daniel Stoeski
Updated over a week ago

ThreatQ improves the efficiency and effectiveness of existing security operations by fusing disparate data sources, tools, and teams to accelerate threat detection and response.

First, get ThreatQ OAuth Client Credentials

Hosted deployment

  1. Contact support@threatq.com to have a ticket created to generate OAuth Client Credentials using the name “Tines"

On-Premise deployment

  1. SSH into your ThreatQ instance

  2. Run cd /var/www/api

  3. Run sudo php artisan threatq:oauth2-client --name "Tines"

  4. Copy the credentials to a text editor

Lastly, create a ThreatQ resource and credentials in Tines

Resource

  1. Login to your Tines tenant

  2. Navigate to the team that will be using the API and click "Resource"

  3. Click "+ New Resource"

  4. Input the values for the ThreatQ resource

    • Name: ThreatQuotient Domain

    • Description: Optional

    • Builder: Your ThreatQ instance hostname, i.e. tenant.threatq.online

  5. Optional

    • Access: What other teams can also use the resource

  6. Click "Save resource"

Text type credential

  1. Navigate to the team that will be using the API and click "Credentials"

  2. Click "+ New Credential" and select "Text"

  3. Input the values for the ThreatQ credential

    1. Name: ThreatQ Client Secret

    2. Description: Optional

    3. Value: Your ThreatQ OAuth Client Secret

  4. Optional

    1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains.

    2. Access: What other teams can also use the API

  5. Click "Save"

HTTP request type credential

  1. Click "+ New Credential" and select "HTTP Request"

  2. Input the values for the ThreatQ credential

    1. Name: ThreatQuotient

    2. Description: Optional

    3. URL: https://<<RESOURCE.threatquotient_domain>>/api/token?grant_type=client_credentials

    4. Content Type: JSON

    5. Method: post

    6. Headers:

      1. Accept: application/json

    7. Basic auth:

      1. Username: ThreatQ OAuth Client ID

      2. Password: <<CREDENTIAL.threatq_client_secret>>

    8. Click "Run options", navigate to the access_token key and double click on the key

    9. Location of token from response: Paste the path to the token in the value pill, <<threatquotient.body.access_token>>

    10. TTL: 3599

  3. Optional

    1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains

    2. Access: What other teams can also use the API

  4. Click "Save"

Your credential should look like the following:

More on creating credentials in Tines here.

You can also find a selection of ThreatQ stories in the story library.

Did this answer your question?