The link you provided to our documentation is open to all users and doesn't require any authentication, there are no checks as to who you are.
If it is that you feel the documentation does not cover the areas you need then you can create a new thread in the community or, you can rate the page providing a thumbs up or down and provide an explanation for why you thought the page was good or bad. This feed back will route to the documentation team where I hope they can then provide more explanation for you.
Original Message:
Sent: Fri January 12, 2024 04:14 AM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hi Ben,
"We don't have documentation that is only shown to clients with special access."
Yes you have.
Free content need more development.
------------------------------
Jasmin
Original Message:
Sent: Fri January 12, 2024 04:04 AM
From: BEN WILLIAMS
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hi Jasmin,
I don't know what you are referring to when you say you haven't got access to a "plus section." We don't have documentation that is only shown to clients with special access.
I think it would be best to start a new thread in the community with a heading that indicates what you want to know. If you have questions about the architecture of an integration server and MSSP then name the thread accordingly. I will respond and I hope others too might provide their insights.
------------------------------
BEN WILLIAMS
Original Message:
Sent: Thu January 11, 2024 04:53 PM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hi,
I know this link. But there isn't in depth topics in official documents or free sections. As I don't have access to plus section :)
I appreciate for your kind help.
Best
------------------------------
Jasmin
Original Message:
Sent: Thu January 11, 2024 04:29 PM
From: BEN WILLIAMS
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hi Jasmin,
Yes, have a look at https://www.ibm.com/docs/en/sqsp/51?topic=architecture-soar-platform-mssp-add.
There are other pages that you might also find helpful so spend some time to explore the other pages of our product documentation.
------------------------------
BEN WILLIAMS
Original Message:
Sent: Thu January 11, 2024 04:25 PM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hı Ben,
Thanks for your help. Is there any specific documentation about mssp and integration server?
Best
------------------------------
Jasmin
Original Message:
Sent: Thu January 11, 2024 04:40 AM
From: BEN WILLIAMS
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hi Jasmin,
Is org 206 your configuration organisation or the child organisation?
You cannot import customisations into a child organisation, they are imported into the configuration organisation and the configuration push, pushes the customisations to the child orgs. See https://www.ibm.com/docs/en/sqsp/51?topic=architecture-soar-platform-mssp-add for more information.
------------------------------
BEN WILLIAMS
Original Message:
Sent: Thu January 11, 2024 04:35 AM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Client access log:
172.20.21.135 - - [11/Jan/2024:09:31:29 +0000] "POST /rest/orgs/206/configurations/imports HTTP/1.1" - - - - - [-] https-jsse-nio2-443-exec-9172.20.21.135 - - [11/Jan/2024:09:31:29 +0000] "POST /rest/orgs/206/configurations/imports HTTP/1.1" 403 86 84 17 2 [50a006a4-a0e6-478b-b8e7-8cdcc7ee5759] https-jsse-nio2-443-exec-9
------------------------------
Jasmin
Original Message:
Sent: Thu January 11, 2024 04:33 AM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
client.log
09:30:58.863 [https-jsse-nio2-443-exec-1] WARN [] c.c.w.r.OperationNotAllowedExceptionMapper - Mapping exception to REST - OperationNotAllowedException09:31:00.914 [https-jsse-nio2-443-exec-5] WARN [] c.c.w.r.OperationNotAllowedExceptionMapper - Mapping exception to REST - OperationNotAllowedException09:31:04.994 [https-jsse-nio2-443-exec-7] WARN [] c.c.w.r.OperationNotAllowedExceptionMapper - Mapping exception to REST - OperationNotAllowedException09:31:13.046 [https-jsse-nio2-443-exec-8] WARN [] c.c.w.r.OperationNotAllowedExceptionMapper - Mapping exception to REST - OperationNotAllowedException09:31:29.149 [https-jsse-nio2-443-exec-9] WARN [] c.c.w.r.OperationNotAllowedExceptionMapper - Mapping exception to REST - OperationNotAllowedException
------------------------------
Jasmin
Original Message:
Sent: Thu January 11, 2024 04:32 AM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
I have attached logs in related support case.
(resilient) [@resilient-isnet ~]$ resilient-circuits customize/home//.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/urllib3/connection.py:463: SubjectAltNameWarning: Certificate for resilient.localdomain has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/urllib3/urllib3/issues/497 for details.) warnings.warn(Using org name: Package 'fn-rest-api 1.1.0': OK to import customizations from 'fn-rest-api 1.1.0'? (y/n):yRetryHTTPException: 'resilient' API Request FAILED:Response Code: 403Reason: Unknown Reason. {"success":false,"title":null,"message":"Forbidden","hints":[],"error_code":"generic"} in resilient.co3base.BaseClient.post.<locals>.__post, retrying in 2 seconds...RetryHTTPException: 'resilient' API Request FAILED:Response Code: 403Reason: Unknown Reason. {"success":false,"title":null,"message":"Forbidden","hints":[],"error_code":"generic"} in resilient.co3base.BaseClient.post.<locals>.__post, retrying in 4 seconds...
------------------------------
Jasmin
Original Message:
Sent: Thu January 11, 2024 04:17 AM
From: BEN WILLIAMS
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hi Jasmin,
You haven't shared the error in the client.log nor the lines in the client_access*.log.
------------------------------
BEN WILLIAMS
Original Message:
Sent: Thu January 11, 2024 04:12 AM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
H Ben,
There is another issue similar to my problem:
https://community.ibm.com/community/user/security/discussion/401-client-error-unauthorized-for-url-rest-api-fn-utilities-pagerduty?ReturnUrl=%2fcommunity%2fuser%2fsecurity%2fcommunities%2fcommunity-home%2fdigestviewer%3fListKey%3d4eb3e4ce-6f5f-401d-a00b-73aa5ebab0af
------------------------------
Jasmin
Original Message:
Sent: Thu January 11, 2024 04:04 AM
From: BEN WILLIAMS
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
Hi Jasmin,
Have a look at /usr/share/co3/logs/client.log at the time the API key authenticates. Also the client_access*<TODAYS DATE>.log in the same directory might be of use to identify the API key being reported as being used. If you are using MSSP ensure the API key has access to the organisation and you have performed a configuration push.
------------------------------
BEN WILLIAMS
Original Message:
Sent: Wed January 10, 2024 04:39 PM
From: Jasmin
Subject: An app using an API key cannot connect to IBM Security QRadar SOAR
(resilient) [xxx@resilient-isnet ~]$ resilient-circuits customize/home/xxx/.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/urllib3/connection.py:463: SubjectAltNameWarning: Certificate for resilient.localdomain has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/urllib3/urllib3/issues/497 for details.) warnings.warn(Using org name: xxxPackage 'fn-utilities 2.1.3': OK to import customizations from 'fn-utilities 2.1.3'? (y/n):yRetryHTTPException: 'resilient' API Request FAILED:Response Code: 403Reason: Unknown Reason. {"success":false,"title":null,"message":"Forbidden","hints":[],"error_code":"generic"} in resilient.co3base.BaseClient.post.<locals>.__post, retrying in 2 seconds...RetryHTTPException: 'resilient' API Request FAILED:Response Code: 403Reason: Unknown Reason. {"success":false,"title":null,"message":"Forbidden","hints":[],"error_code":"generic"} in resilient.co3base.BaseClient.post.<locals>.__post, retrying in 4 seconds...RetryHTTPException: 'resilient' API Request FAILED:Response Code: 403Reason: Unknown Reason. {"success":false,"title":null,"message":"Forbidden","hints":[],"error_code":"generic"} in resilient.co3base.BaseClient.post.<locals>.__post, retrying in 8 seconds...RetryHTTPException: 'resilient' API Request FAILED:Response Code: 403Reason: Unknown Reason. {"success":false,"title":null,"message":"Forbidden","hints":[],"error_code":"generic"} in resilient.co3base.BaseClient.post.<locals>.__post, retrying in 16 seconds...Failed, importing customizations from 'fn-utilities 2.1.3'Traceback (most recent call last): File "/home/xxx/.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/resilient/co3.py", line 474, in post response = super(SimpleClient, self).post(uri, payload, co3_context_token, timeout, headers=headers, skip_retry=skip_retry, **kwargs) File "/home/xxx/.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/resilient/co3base.py", line 605, in post response = retry_call(__post, File "/home/xxx/.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/retry/api.py", line 120, in retry_call return __retry_internal(partial(f, *args, **kwargs), exceptions, tries, delay, max_delay, backoff, jitter, logger, File "/home/xxx/.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/retry/api.py", line 35, in __retry_internal return f() File "/home/xxx/.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/resilient/co3base.py", line 602, in __post RetryHTTPException.raise_if_error(r, skip_retry=skip_retry) File "/home/xxx/.pyenv/versions/3.10.13/envs/resilient/lib/python3.10/site-packages/resilient/co3base.py", line 110, in raise_if_error raise RetryHTTPException(response)
Hi,
You have a document as below:
https://www.ibm.com/support/pages/app-using-api-key-cannot-connect-ibm-security-qradar-soar
I have created API KEY 3 times. The API key is right. But I have this error as well. any advice would be appreciated.
------------------------------
Jasmin
------------------------------