Setting up your API key for a user account is necessary to be able to leverage the Spyderbat API. This document outlines how to set up your first API key and perform a basic operation against the Spyderbat API to test it.
A Note on Spyderbat RBAC
Spyderbat leverages Role Based Access Control for user accounts, and an API key is bound to a particular user account. A user account may belong to one or more organizations and maps to a particular role in a given organization. Spyderbat currently supports two roles: “Admin” and “Read Only” – an Admin account can perform any operation against the API, and a “Read Only” account is restricted to specific operations including read operations from the API and viewing elements in the UI – see here for full dynamically generated API docs that also list API call by supported role.
How to Create Your API Key
For the account you are using (Admin or Read Only) – you can click on the account icon in the top right corner of the UI and you will see an “API Keys” Link
Click on the “API Keys” link and you will be taken to a page where you can create your API Key(s)
This will bring up a modal box where you can give the key you want to create a name and click on save.
Once the API key has been created, you can copy the API key from the UI for use with the Spyderbat API (see basic example below).
Retrieving Your Organization ID
In addition to the API key, you will also need your “Organization ID” (or Org ID) to leverage the Spyderbat API. This ID is a unique identifier for your organization. One way to find this is to navigate to the dashboard and examine the URL in your browser:
Your Org ID is the string between “org/” and “/dashboard”. The URL above is:
So our Org ID in this example is P6V31v0uIG5dtqXTHLsd
Copy your specific Org ID to the notepad for handy reference.
Testing the Spyderbat API with a Basic Example
Now that you have created your API key and have your Org ID, you can query the Spyderbat API with the simple examples below (for more details on the API see here)
To list all the organizations that my user is part of where API_key is the API key you created above:
curl https://api.prod.spyderbat.com/api/v1/org/ -H "Authorization: Bearer API_key"
To list all the sources/agents in an organization, where API_key is the API key you created above and Org_id is the Org ID you retrieved for your organization:
curl https://api.prod.spyderbat.com/api/v1/org/Org_id/source/ -H "Authorization: Bearer API_key"