ESET Online Help

Search
Select the category
Select the topic

Authenticate API user

After you Create a dedicated API user account, you need to Authenticate this user account with our Identity Provider (IDS). This will provide you with time-limited and scope-limited authentication tokens. The authentication token follows the JSON Web Token (JWT) standard.


note

All APIs are RESTful HTTP endpoints. All ESET APIs use standard authentication: JSON requests and responses with standard HTTP verbs.

JWT validity

The JSON Web Token (JWT) is valid for 60 minutes. After this period, ESET Connect requires the user to perform a new Authentication call to obtain a new token. After the administrator account removes the API user account, the rights for API calls this user can still communicate with the API until the token expiration ends.

For more information see the Swagger documentation for OAuth.

How to obtain JSON Web Token

1.Authenticate with the API User account credentials using the OAuth API endpoint.

2.The token returned to you is used to authorize all subsequent API calls.


note

To avoid connection problems, use the API based on location of your ESET PROTECT/ESET Inspect Server (EU, DE, US, JPN, CA).


warning

It is your responsibility to store your API user credentials securely. If your API user credentials are lost or stolen, an attacker could use them to call APIs on your behalf, potentially leading to data theft or other damage.