How to Create and Use a Spyderbat API Key
Spyderbat leverages API very heavily. To configure a variety of inbound and outbound API integrations, you will need to generate your API key. Learn how to create, maintain and manage your API keys.
Setting up your API key for a user account is necessary to be able to leverage the Spyderbat API. This document outlines how to set up your first API key and perform a basic operation against the Spyderbat API to test it.
A Note on Spyderbat RBAC
Spyderbat uses Role Based Access Control for user accounts, and an API key is bound to a particular user account. A user account may belong to one or more organizations and maps to a role within each organization. The role determines which API operations are permitted — see the Spyderbat API documentation for a full list of API operations and their required roles. Some features (such as SIEM forwarding) require specific permissions like org:ManageSiemForwarding — contact your org admin if you need access to a specific capability.
How to Create Your API Key
For the account you are using (Admin or Read Only) – you can click on the account icon in the top right corner of the UI and you will see an “API Keys” Link
Click on the “API Keys” link and you will be taken to a page where you can create your API Key(s)
This will bring up a modal box where you can give the key you want to create a name and click on save.
Once the API key has been created, copy the full API key value for use with the Spyderbat API. The key is masked in the list (****xxxx) — to retrieve the full value, click the Example Usage button (the middle icon of the three icons per row) next to the key. The full API key appears as a Bearer token in the Authorization header of the curl example. Copy the token value (starting with eyJ...).
API keys can have an expiration date. Check your key's expiration date and rotate before it lapses to avoid an unexpected loss of access.
The API key is not destroyed after navigating away — you can always retrieve the full value again from the Example Usage dialog.
Retrieving Your Organization ID
In addition to the API key, you will also need your "Organization ID" (or Org ID) to leverage the Spyderbat API. This ID is a unique identifier for your organization. To find your Org ID, navigate to an org-level page in the Spyderbat Console — for example, the Dashboard — and examine the URL in your browser. Your Org ID is the string between org/ and the next / in the path:
So the Org ID in this example is P6V31v0uIG5dtqXTHLsd.
The Example Usage dialog (opened from the middle icon next to any API key) includes an org dropdown and a Copy org ID button. If your account belongs to multiple orgs, this is often the easiest way to grab the correct org UID — and it lets you verify you're copying from the right org before you proceed.
The API Keys page (/app/user/apikey) does not include your org UID in its URL. Navigate to a different page — such as the Dashboard — to find it.
If your account has access to multiple organizations, make sure you copy the Org ID for the correct org. Using the wrong org UID produces zero results with no error message.
Copy your specific Org ID for reference.
Testing the Spyderbat API with a Basic Example
Now that you have created your API key and have your Org ID, you can query the Spyderbat API with the simple examples below (for more details on the API see the Spyderbat API documentation)
To list all the organizations that my user is part of where API_key is the API key you created above:
To list all the sources/agents in an organization, where API_key is the API key you created above and Org_id is the Org ID you retrieved for your organization:
Last updated
Was this helpful?