Skip to main content
Skip table of contents

Accessing the Hyperscale Compliance API

Open a web browser and type the following in the address bar: https://<hyperscale-compliance-host-address>/hyperscale-compliance.Replace orch ip with the IP address of the Hyperscale Compliance Engine VM.

Authentication

To authenticate with the Hyperscale Compliance Engine, you must use an API key. It is done by including the key in the HTTP Authorization request header with the type apk.

An example cURL command with the API Key looks like the following:

CODE 
curl --header 'Authorization: apk 1.t8YTjLyPiMatdtnhAw9RD0gRVZr2hFsrfikp3YxVl8URdB9zuaVHcMuhXkLd1TLj'

As described in the HTTP Authorization request header documentation, the following is the typical syntax for the authorization header: Authorization: <auth-scheme> <authorisation-parameters>

For Basic Authentication, You must include the following header parameters:Authorization: Basic <credentials>

For the Bearer Authentication scheme, you must use the following:Authorization: Bearer <JWT Bearer Token>

Creating an API key

An API key is a simple encrypted string that you can use when calling Hyperscale Compliance APIs.

You must use the initial created API key to create a new secure key. It is done by creating a new API Client entity. The “name” attribute must be the desired name to uniquely identify the user of this key. For more information about initial created API key, refer to step 8 under the Generate a New Key section.

Run the following command to create a new API key.

CODE 
curl -X 'POST' \
  'https://<host-name>/api/v3.0.0/management/api-keys' \
  -H 'accept: application/json' \
  -H 'Authorization: apk 1.t8YTjLyPiMatdtnhAw9RD0gRVZr2hFsrfikp3YxVl8URdB9zuaVHcMuhXkLd1TLj' \
  -H 'Content-Type: application/json' \
  -d '{
  "name": "<name-of-key>"
}'

The above command displays a response message similar to the following:

CODE 
{
  "api_key_id": 2,
  "token": "2.ExZtmf6EN1xvFMsXpXlOyhHVYlTuFzCm2yGhpUOQQ5ID8N8oGz79d4yn8ZsPhF46"
}

Since you have created a new and secure API key, you must delete the old key for security reasons.

Run the following command to delete the old key.

CODE 
curl -X 'DELETE' \
  'https://<host-name>/api/v3.0.0/management/api-keys/1' \
  -H 'accept: */*' \
  -H 'Authorization: apk 2.ExZtmf6EN1xvFMsXpXlOyhHVYlTuFzCm2yGhpUOQQ5ID8N8oGz79d4yn8ZsPhF46'

Using the newly generated key

After you delete the old key, revert the changes performed in step 5 of the Hyperscale Compliance Installation and restart docker-compose.

You must be able to use the new key for authorization as follows:

CODE 
curl --header 'Authorization: apk 2.ExZtmf6EN1xvFMsXpXlOyhHVYlTuFzCm2yGhpUOQQ5ID8N8oGz79d4yn8ZsPhF46'
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close