We have updated our Terms of Service, Code of Conduct, and Addendum.

Using Discover in Rest collector to populate a collect header

OK so I am trying to pull from the Microsoft Graph API. To do that, I must first POST to get a bearer token. I assume I can use discover type of HTTP Request to get it. A JSON response will be returned with the field access_token containing what I need.

How do I use the data from access_token as a collect header for Authorization? This is a first for me so I need some hand holding here.

Thanks!

Answers

  • Brendan Dalpe
    Brendan Dalpe Posts: 201 mod
    edited July 2023

    Hi @rolltidega, Id recommend following this guide from Microsoft to setup an App that can obtain an access token using the client_credentials OAuth2 flow as Cribl Stream does not support the OAuth2 authorization_code flow.

    Get access without a user - Microsoft Graph

    Some apps call Microsoft Graph with their own identity and not on behalf of a user. In many cases, these apps are background services or daemons that run on a server without the presence of a signed-in user.

    Once thats done, you can use the Authentication section of the collector to obtain the Bearer token. The token will the be automatically added in the Authorization header to the discovery collection calls.