API - Cylance

sudo apt-get install build-essential libssl-dev libffi-dev python-dev virtualenv
virtualenv cylance_api && cd cylance_api
source ./bin/activate
pip install jwt
pip install PyJWT==1.5.3
pip install requests
pip install uuid
pip install datetime
pip install pandas
cat <<EOF >jwt.cy
import jwt # PyJWT version 1.5.3 as of the time of authoring.
import uuid
import requests # requests version 2.18.4 as of the time of authoring.
import json
from datetime import datetime, timedelta
# 30 minutes from now
timeout = 1800
now = datetime.utcnow()
timeout_datetime = now + timedelta(seconds=timeout)
epoch_time = int((now - datetime(1970, 1, 1)).total_seconds())
epoch_timeout = int((timeout_datetime - datetime(1970, 1, 1)).total_seconds())
jti_val = str(uuid.uuid4())
tid_val = "e9154fcc-ac30-48d6-a617-79e2f8589d1a" # The tenant's unique identifier.
app_id = "091975be-da3e-443a-9f5c-5340424cc21e" # The application's unique identifier.
app_secret = "8d0410c7-e230-4f70-8e02-756787568592" # The application's secret to sign the auth token with.
AUTH_URL = "https://protectapi-euc1.cylance.com/auth/v2/token"
claims = {
 "exp": epoch_timeout,
 "iat": epoch_time,
 "iss": "http://cylance.com",
 "sub": app_id,
 "tid": tid_val,
 "jti": jti_val
 # The following is optional and is being noted here as an example on how one can restrict
 # the list of scopes being requested
 # "scp": "policy:create, policy:list, policy:read, policy:update"
}
headers = {"Content-Type": "application/json; charset=utf-8"}
encoded = jwt.encode(claims, app_secret, algorithm='HS256', headers=headers).decode('utf-8')
print "auth_token:\n" + encoded + "\n"
payload = {"auth_token": encoded}
resp = requests.post(AUTH_URL, headers=headers, data=json.dumps(payload))
print "http_status_code: " + str(resp.status_code)
print "access_token:\n" + json.loads(resp.text)['access_token'] + "\n"
EOF

Sources:

  • https://support.cylance.com/s/article/CylancePROTECT-User-API-Guide