Thread Info
  • State Suggested Answer
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 2813 views
  • Users 0 members are here
Options
Suggested

Understanding authentication with Sophos Central API

Stefano Tortiello

Hi I’m trying to make some API calls to sophos central and I have a little problem in understanding the JWT Token. When I do all the steps for my tenant described here https://developer.sophos.com/getting-started-tenant I get a JWT and can make API calls. But after 60 minutes the JWT is expired so I have to repeat all the steps.

 

My goal is to implement these API calls in a monitoring software so that I can automate the calls. Should I use other authentication methods?

 

Thanks

Top Replies

  • +2 suggested

    Hi Stefano,

    No, the JWT expires as per best practice. We do provide the expiry time in the token so you know when you need to renew.

    For myself, my API calls all have a check at the beginning if the JWT expiry time has passed and (if it has) the call auto generates a new JWT and stores that for other calls.

    Jump to answer
Parents Reply Children