Video Screencast Help

SEPM12.1 RU2 WebServices - Refresh Token

Created: 29 Nov 2012 • Updated: 02 Jan 2013 | 1 comment
Yoann WYFFELS's picture
+1 1 Vote
Login to vote

Hi everybody,

Here you'll find a Powershell script which use the "Refresh Token" to generate a new "Access Token" from the SEPM (See the Remote Management Integration Guide for more informations about what is the "refresh token" and why used it).

In order to use this script, you need to add an entry in the Config.xml file (located in the powershell example scripts):

Into <SepmWS>....</SepmWS> simply add this line:

<RefreshToken>my_refresh_token</RefreshToken>

Your config.xml file must now look like this:

<?xml version="1.0" encoding="UTF-8"?>
<!--This file contains general settings for the PowerShell web service test scripts.
Modify these values to match your server settings.-->
<SepmWS>
  <!--Ip address of the server-->
  <HostIpAddress>localhost</HostIpAddress>
  <!--Name of the Symantec Endpoint Protection Manager server-->
  <ServerName>.......</ServerName>
  <!--Web services port, default: 8446-->
  <PortNo>8446</PortNo>
  <!--Directory containing static WSDL files. These scripts do not support dynamic WSDLs-->
  <wsdlDir>WSDL</wsdlDir>
  <!--Client Id of registered web services client-->
  <ClientId>..........</ClientId>
  <!--Client secret of registered web services client-->
  <ClientSecret>..............</ClientSecret>
  <!--Access token obtained from server. Run Write-TokenToConfig.ps1 to obtain, or call Get-SepmRmmWsAccessToken-->
  <AccessToken>..........</AccessToken>
  <RefreshToken>my_refresh_token</RefreshToken>
</SepmWS>

 

where "my_refresh_token" is the refresh token generated by the powershell example script "Write-TokenToConfig.ps1".

Here an output example of Write-TokenToConfig.ps1 execution:

C:\PowerShell>powershell -STA .\Write-TokenToConfig.ps1
OAuth 2.0 Access Token Information for localhost
---------------------------------------------------------------------
token_type:    bearer
access_token:  25a34522-39f9-40c1-868a-698cdb674960
refresh_token: 55729ab1-739d-4667-84b4-f38013f9bb2e
expires_in:    43199 seconds, which equals 12,00 hours
---------------------------------------------------------------------

In this example, you'll need to manually copy/paste this refresh_token into the config.xml "<RefreshToken>" section: 55729ab1-739d-4667-84b4-f38013f9bb2e

 

Now, you're ready to use the RefreshToken PowerShell script, and beforce your access_token expire, run it to get a new one and continue to use SEPM webservices without having to re-authenticate.

Here an output example of RefreshToken.ps1:

OAuth 2.0 Refresh Token Informations
---------------------------------------------------------------------
token_type:    bearer
access_token:  684d220b-d096-4a7e-b32e-7c9afe98782b
refresh_token: 55729ab1-739d-4667-84b4-f38013f9bb2e
expires_in:    43199 seconds, which equals 12,00 hours
---------------------------------------------------------------------

The new access_token is writted to the Config.xml file.

Comments 1 CommentJump to latest comment

Yoann WYFFELS's picture

As a user report, some dependencies scripts aren't included in download.

It's because this script (and many others), are provided by Symantec on the "SEP12 RUx part2 - Tools" download in which you'll find Documentations and PowerShell scripts examples about SEP WebServices.

My script need to be installed into the top directory of PowerShell sample scripts provided by Symantec.

They are located in "Integration\SEPM_WebService_SDK\Sample_Code\PowerShell" in the "SEP12 RUx part2 - Tools" CD.

 

Don't hesitate to contact me if you have questions about webservices

0
Login to vote