Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: Collecting a User API Token From the Server

EDR: Collecting a User API Token From the Server

Environment

  • EDR: All Supported Versions

Objective

Users may need the API token for a generic account used for integrations. If using a service like OKTA, accessing the account from the UI may not be possible.

Resolution

The token can be acquired via a query to the underlying Postgres database. Substitute username with the account whose token needs to be collected.

psql cb -p 5002 -c "select auth_token from cb_user where username='username'"

Additional Notes

If console access is available then the API Token can be found here

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-30-2023
Views:
80
Contributors