ThreatQuotient ThreatQ

introduction this guide tells you how to authenticate the threatquotient threatq connector in swimlane using oauth 2 0 password grant authentication you will enable api access in threatq, collect the required credentials, and configure the connector in swimlane prerequisites threatq access requirements you must have access to a threatquotient threatq account with permissions to access the threatq api authenticate using oauth (username/password based grant) create, read, update, and delete indicators, events, and import sessions view api version information (standard or beta) permissions are managed through threatq roles ensure the api user has sufficient privileges for the actions you intend to automate required credentials during setup, you will collect the following api base url api user email client password oauth client id api type (standard or beta) api types threatq supports different api types depending on your deployment true 330,331 unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type ensure the api type selected in swimlane matches your threatq instance threatq setup take the following steps to prepare threatq for api authentication log in to the threatq platform confirm api access is enabled for your user account identify the correct api base url for your threatq instance confirm the oauth client id assigned to your environment verify whether your instance uses the standard or beta api threatq uses oauth password grant authentication, which requires a valid api user email and password scopes and permissions threatquotient does not require explicit oauth scopes to be defined during authentication access control is enforced through threatq roles and permissions assigned to the api user ensure the api user has permissions for the following functional areas as needed indicators (read, search, create, update) events (create, list, import) imports and import sessions queries and searches for more information on threatq roles and permissions, refer to the threatquotient documentation connector configuration in swimlane take the following steps to configure the threatquotient threatq connector asset in swimlane log in to turbine from the left hand navigation pane, click orchestration , then click assets click the plus (+) icon to open the configure your connector asset window select threatquotient threatq from the asset type list fill in the asset settings and asset input as shown below configuration parameters oauth password grant true 220,220,221 unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type troubleshooting if authentication fails verify the api base url is correct confirm the api user email and password are valid ensure the correct oauth client id is used verify the selected api type matches your threatq deployment check ssl and proxy configuration settings result you have successfully authenticated the threatquotient threatq connector in swimlane and can now automate threat intelligence ingestion and management workflows sources swimlane threatquotient threatq connector documentation https //docs swimlane com/connectors/threatquotient threatq?utm source=chatgpt com