Authenticate API user

After you Create a dedicated API user account, you need to Authenticate this user account with our Identity Provider (IDS). This will provide you with time-limited and scope-limited authentication tokens. The authentication token follows the JSON Web Token (JWT) standard.

All APIs are RESTful HTTP endpoints. All ESET APIs use standard authentication: JSON requests and responses with standard HTTP verbs.

JWT validity

The JSON Web Token (JWT) is valid for 60 minutes. After this period, ESET Connect requires the user to perform a new Authentication call to obtain a new token. After the administrator account removes the API user account, the rights for API calls this user can still communicate with the API until the token expiration ends.

For more information see the Swagger documentation for OAuth.

How to obtain JSON Web Token

1.Authenticate with the API User account credentials using the OAuth API endpoint.

2.The token returned to you is used to authorize all subsequent API calls.

To avoid connection problems, use the API based on location of your ESET PROTECT / ESET Inspect server (EU, US, JPN, CA).

It is your responsibility to store your API user credentials securely. If your API user credentials are lost or stolen, an attacker could use them to call APIs on your behalf, potentially leading to data theft or other damage.

˄˅