Yes, I am doing it often using the Call Rest API function / workflow integration in fn_utilities.
for example, to delete a artifact, the preprocess script is :
# we do a DELETE rest action
inputs.rest_method = "DELETE"
# This should be adapted to your Resilient Domain Name from your integration server, and your ORG
# inputs.rest_url = u"https://{myresilientdomainname}/rest/orgs/{myorgnumber}/incidents/{}/artifacts/{}".format(incident.id,artifact.id)
inputs.rest_url = u"https://resilient.localdomain/rest/orgs/201/incidents/{}/artifacts/{}".format(incident.id,artifact.id)
# use a Specific API credential that is visible and create the encode version using this command in SSH: echo -n "api_key_id:api_key_secret" | base64
api_encoded_credentials = "ZjJlNGUyYTMtMTlhMS00Zxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx5NTlUYV8weVhkc01ILVZZZFNraG8="
# HTTP headers can be specified as a multi-line string
inputs.rest_headers = """
Content-Type: application/json
Authorization: Basic {}
""".format(api_encoded_credentials)
# The 'rest_verify' parameter (Boolean) indicates whether to verify SSL certificates.
# This should be True unless you need to connect to a self-signed or other invalid cert.
inputs.rest_verify = False
------------------------------
BENOIT ROSTAGNI
------------------------------
Original Message:
Sent: Thu February 27, 2020 06:26 AM
From: Gert Huisman
Subject: Authenticate to SessionREST endpoint with API key/secret
Hello,
Is it possible to authenticate against the /rest/session endpoint with an API key_id and secret?
We are using Resilient version 35.2.32
------------------------------
Kind Regards,
Gert Huisman
------------------------------