cves-to-patch-group
The Patch Management feature of Ivanti Neurons supports the use of the Common Vulnerabilities and Exposures (CVE) list. CVEs are vulnerability disclosures that can potentially relate to many patches and notifications.
The cves-to-patch-group endpoint enables you to specify CVE IDs that you want to convert to a patch group. You can then use that patch group in your scans and deployments.
Another option: If you have a large number of CVEs, it can be cumbersome and error prone to manually specify each individual CVE ID on a body parameter. You might prefer to import a CVE file that already contains the desired list of CVE IDs. To do this, you use a PowerShell script that will import the CVE file, parse it and then convert the contents to a patch group. See the example PowerShell scripts at the bottom of this topic for more details.
Required Header Parameters
| Name | Type | Description |
|---|---|---|
|
X-On-Behalf-Of |
String |
Provide a name or some form of information that identifies the requester. This is used for auditing purposes and will be displayed in the Ivanti Neurons user interface. A 400 status code is returned if this is not provided. |
|
Authorization |
Authheader |
Use the Bearer <access-token> value determined during the Authenticate to the Patch Management API process. |
|
X-RapidAPI-Key |
Enum |
The key that applications and developers need to invoke the API. |
|
X-RapidAPI-Host |
String |
The name that identifies which API will be used. For example: my-api-name.ivanti.rapidapi.com. |
Request Body Parameters
GET Method
Returns a collection of CVE IDs and their associated Patch IDs that exist in the provided Patch Group ID.
Requires that the caller has the patchgroup.reader, patchgroup.admin, or patchgroup.editor role.
| Name | Type | Description |
|---|---|---|
|
patchGroupId |
Guid |
Required as the route parameter for the patch group. For example, v1/cves-to-patch-group/{guid}. |
Response Output Example
{
"CVE-2006-3439": [
"0000071a-0000-0000-0000-000000000000",
"0000071b-0000-0000-0000-000000000000",
"00000722-0000-0000-0000-000000000000"
],
"CVE-2012-0002": [
"00004ee9-0000-0000-0000-000000000000",
"00004eea-0000-0000-0000-000000000000",
"00004eeb-0000-0000-0000-000000000000",
"00004ef0-0000-0000-0000-000000000000",
],
"CVE-2012-0152": [
"00004ef7-0000-0000-0000-000000000000",
],
"CVE-2008-4250": [
"00005495-0000-0000-0000-000000000000",
"00005496-0000-0000-0000-000000000000",
"00005497-0000-0000-0000-000000000000",
"00005498-0000-0000-0000-000000000000"
]
}PUT Method
Updates an existing patch group with the patches associated with the specified CVEs.
Requires that the caller has the patchgroup.admin or patchgroup.editor role.
| Name | Type | Description |
|---|---|---|
| dataUpdateErrorPolicy | String |
Determines if the call will throw an error when encountering an invalid ID.
|
|
patchGroupId |
Guid |
Specifies the ID of the patch group that is being updated. There is no default. |
| cveIds | String[] |
One or more CVEs are required. Example input:
|
|
activateAssociatedPolicies |
Boolean |
Specifies if the updated patch group will be made active to the endpoints via the associated policy group. This is equivalent to the Save and make active button that is available in the Ivanti Neurons user interface. The default is false. |
POST Method
Creates a new patch group and adds all patches associated with the specified CVEs.
Requires that the caller has the patchgroup.admin role.
| Name | Type | Description |
|---|---|---|
| dataUpdateErrorPolicy | String |
Determines if the call will throw an error when encountering an invalid ID.
|
|
patchGroupName |
String |
Specifies the name of the patch group that will be created. There is no default. |
| cveIds | String[] |
One or more CVEs are required. Example input:
|
Output Data Properties
The following set of data items represent the patch group and its related metadata that will be returned as part of a successful response.
| Name |
Type |
Description |
|---|---|---|
| patchGroupName |
String |
The name of the patch group. |
| patchGroupId | Guid | The ID of the patch group. |
| cvesToPatches | Array of Guids | Patch identifiers that address the key CVE. |
|
cvesMissingPatches |
Array of strings |
Identifiers of each CVE that did not have a corresponding patch. |
|
cvesNotFound |
Array of strings |
Identifiers of each CVE that did not appear to exist anymore. |
PowerShell Script Implementation: Create a Patch Group Using Input From a CVE File
Goal
Provide example PowerShell scripts that invoke the Ivanti Neurons for Patch Management API and perform the following tasks:
•Import a CVE file
•Parse the CVE file
•Convert the content to a patch group
•Retrieve the Bearer token
Import-CvesToPatchGroup Script
This script performs the steps necessary to import a CVE file, parse the CVE file and convert the contents of the file to a patch group. You can update an existing patch group or create a new patch group.
Command Syntax
There are four different ways to invoke the script.
•ParameterSetName = AddAndGetToken: Update an existing patch group. The Get-AuthToken script will be called and will use the TenantId, ClientId and ClientSecret parameters to retrieve the Bearer token. You will be prompted for the client secret that is needed to retrieve the Bearer token.
.\Import-CvesToPatchGroup.ps1 -FilePath <string> -PatchGroupId <guid> -Activate <bool> -AuditUser <string> -RapidApiKey <string> -RapidApiHost <string> -TenantId <guid> -ClientId <string> -ClientSecret <securestring> [-ErrorPolicy <string>] [-LogFilePath <string>] [<CommonParameters>]
•ParameterSetName = AddWithToken: Update an existing patch group. You will be prompted for the Bearer token value.
.\Import-CvesToPatchGroup.ps1 -FilePath <string> -PatchGroupId <guid> -Activate <bool> -AuditUser <string> -RapidApiKey <string> -RapidApiHost <string> -Token <securestring> [-ErrorPolicy <string>] [-LogFilePath <string>] [<CommonParameters>]
•ParameterSetName = CreateAndGetToken: Create a new patch group. The Get-AuthToken script will be called and will use the TenantId, ClientId and ClientSecret parameters to retrieve the Bearer token. You will be prompted for the client secret that is needed to retrieve the Bearer token.
.\Import-CvesToPatchGroup.ps1 -FilePath <string> -PatchGroupName <string> -AuditUser <string> -RapidApiKey <string> -RapidApiHost <string> -TenantId <guid> -ClientId <string> -ClientSecret <securestring> [-ErrorPolicy <string>] [-LogFilePath <string>] [<CommonParameters>]
•ParameterSetName = CreateWithToken: Create a new patch group. You will be prompted for the Bearer token value.
.\Import-CvesToPatchGroup.ps1 -FilePath <string> -PatchGroupName <string> -AuditUser <string> -RapidApiKey <string> -RapidApiHost <string> -Token <securestring> [-ErrorPolicy <string>] [-LogFilePath <string>] [<CommonParameters>]
where:
•FilePath: File path of the file that contains the CVE IDs.
•PatchGroupId: The ID of the existing patch group to which the patches will be added. This parameter is mutually exclusive with PatchGroupName.
•PatchGroupName: The name of the patch group that will be created. This parameter is mutually exclusive with PatchGroupId.
•Activate: Specifies if patch configurations that are associated with the existing patch group will be made active.
•AuditUser: Name The name of the person responsible for making this change. For audit purposes, this name will be displayed in the Last edited by and Last saved by columns in the Ivanti Neurons for Patch Management grids.
•ErrorPolicy: Valid values are:
• Throw: This will cause the script to stop if an unexpected issue occurs.
•Omit: Means the problem area will be omitted, but the rest of the request will be completed. This is most likely to occur if a CVE is not found or if a CVE does not have any related patches. This is the default value.
•None: No error policy is specified.
•RapidApiKey: Key for Rapid API. The key will be approximately 50 alphanumeric characters.
•RapidApiHost: Host location for Rapid API.
•Token: The JWT token value of the bearer token. If you do not have the token value, you can specify the TenantId, the ClientId and the ClientSecret to retrieve the token.
•TenantId: The ID of the tenant for which the authorization will occur.
•ClientId: The API client identifier produced when you create a custom App Registration in Ivanti Neurons. This serves as your unique API client ID.
•ClientSecret: The client secret produced when you create a custom App Registration in Ivanti Neurons. The client secret is a sensitive value that must not be shared. It is essentially the application's own password and is known only to the application and the authorization server. Failure to protect this value could result in unauthorized API usage in your Ivanti Neurons for Patch Management tenant.
•LogFilePath: The log file path. The default is the current file path location.
•CommonParameters: This cmdlet supports the following common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable and OutVariable.
You can view the built-in help for this script by using the Get-Help command. For example, copy the code to a file and then type the following at a PowerShell prompt:
ps C:\> Get-Help .\<scriptfilename.ps1> -detailed
#################################################################################
#
# DISCLAIMER: EXAMPLE ONLY
#
# Execute this example at your own risk. Ivanti does
# not warrant that the functions contained in this example will be
# uninterrupted or free of error. The entire risk as to the results and
# performance of this example is assumed by the person executing the example.
# Ivanti is not responsible for any damage caused by this example.
#
#################################################################################
<#
.SYNOPSIS
This script can be used to parse a file containing CVE's and convert them into a patch group.
Requires at least Powershell 5.1.
.PARAMETER FilePath
File Path of CVE file.
.PARAMETER PatchGroupId
Use a Patch Group id to add CVEs to an existing patch group. Mutually exclusive parameter from PatchGroupName.
.PARAMETER PatchGroupName
Use a Patch Group name to create a new patch group. Mutually exclusive parameter from PatchGroupId.
.PARAMETER Activate
Any patch configurations that are associated with the patch group will be automatically made active.
.PARAMETER AuditUser
Name for audit records of who is making this change.
.PARAMETER ErrorPolicy
Optional error policy specification. 'Throw' will stop at any unexpected issue; 'Omit' will continue.
Default is Omit.
.PARAMETER RapidApiKey
Key for Rapid API. It will be a about 50 alphanumeric characters.
.PARAMETER RapidApiHost
Host location for Rapid API.
.PARAMETER Token
The JWT token value of a bearer token.
Alternatively, supply the tenant id, client id, and client secret for the script to retrieve this token.
.PARAMETER TenantId
Id in GUID format of the tenant for which the authorization is to occur.
.PARAMETER ClientId
Client Id for Rapid API. It will start with something like "AppReg_" and contain a guid.
.PARAMETER ClientSecret
Client Secret for Rapid API. It will be about a 24 alphanumeric-symbolic sequence.
.PARAMETER LogFilePath
Log file path. The default log file path will be the current file path location.
.EXAMPLE
.\Import-CvesToPatchGroup.ps1 -FilePath "C:\MyCveFile.txt" -PatchGroupName "mynewpatchgroupname" -AuditUser "Jen Barber" -RapidApiHost "neurons-for-patch-management.ivanti.rapidapi.com" -RapidApiKey "d123mc0..." -TenantId "e6d802ca-fdf4-4a85-8eac-d5684267b170" -ClientId "AppReg_...." -ClientSecret (Read-Host "Enter the Client Secret" -AsSecureString)
This example creates a new patch group with CVEs. The client secret is read from user input.
.EXAMPLE
.\Import-CvesToPatchGroup.ps1 -FilePath "C:\MyCveFile.txt" -PatchGroupName "mynewpatchgroupname" -AuditUser "Jen Barber" -RapidApiHost "neurons-for-patch-management.ivanti.rapidapi.com" -RapidApiKey "d123mc0..." -Token (Read-Host "Enter the Auth Token" -AsSecureString)
This example creates a new patch group with CVEs. The authentication token is read from user input.
.EXAMPLE
.\Import-CvesToPatchGroup.ps1 -FilePath "C:\MyCveFile.txt" -PatchGroupId "fb8d219d-ed06-44a7-ba08-814888aaccfd" -Activate $True -AuditUser "Jen Barber" -RapidApiHost "neurons-for-patch-management.ivanti.rapidapi.com" -RapidApiKey "d123mc0..." -TenantId "e6d802ca-fdf4-4a85-8eac-d5684267b170" -ClientId "AppReg_...." -ClientSecret (Read-Host "Enter the Client Secret" -AsSecureString)
This example adds CVEs to an existing patch group. The client secret is read from user input.
.EXAMPLE
.\Import-CvesToPatchGroup.ps1 -FilePath "C:\MyCveFile.txt" -PatchGroupId "fb8d219d-ed06-44a7-ba08-814888aaccfd" -Activate $True -AuditUser "Jen Barber" -RapidApiHost "neurons-for-patch-management.ivanti.rapidapi.com" -RapidApiKey "d123mc0..." -Token (Read-Host "Enter the Auth Token" -AsSecureString)
This example adds CVEs to an existing patch group. The authentication token is read from user input.
#>
[CmdletBinding(DefaultParameterSetName = 'AddAndGetToken')]
param
(
# File Path of CVE file.
[Parameter(Mandatory = $true)]
[ValidateScript( { Test-Path $_ -PathType Leaf })]
[String]$FilePath,
# Use a Patch Group id to add CVEs to an existing patch group.
[Parameter(Mandatory = $true, ParameterSetName = 'AddAndGetToken')]
[Parameter(Mandatory = $true, ParameterSetName = 'AddWithToken')]
[Guid]$PatchGroupId,
# Use a Patch Group name to create a new patch group.
[Parameter(Mandatory = $true, ParameterSetName = 'CreateAndGetToken')]
[Parameter(Mandatory = $true, ParameterSetName = 'CreateWithToken')]
[ValidateNotNullOrEmpty()]
[String]$PatchGroupName,
# Any patch configurations that are associated with the patch group will be automatically made active.
[Parameter(Mandatory = $true, ParameterSetName = 'AddAndGetToken')]
[Parameter(Mandatory = $true, ParameterSetName = 'AddWithToken')]
[Bool]$Activate,
# Name for audit records of who is making this change.
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String]$AuditUser,
# Optional error policy specification. 'Throw' will stop at any unexpected issue; 'Omit' will continue.
# Default is Omit.
[Parameter(Mandatory = $false, HelpMessage = 'Valid error policy values are [None|Omit|Throw]')]
[String]$ErrorPolicy = 'Omit',
# Key for Rapid API. It will be a about 50 alphanumeric characters.
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String]$RapidApiKey,
# Host location for Rapid API.
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String]$RapidApiHost,
# The JWT token value of a bearer token.
[Parameter(Mandatory = $true, ParameterSetName = 'AddWithToken')]
[Parameter(Mandatory = $true, ParameterSetName = 'CreateWithToken')]
[ValidateNotNullOrEmpty()]
[Security.SecureString]$Token,
# Id in GUID format of the tenant for which the authorization is to occur.
[Parameter(Mandatory = $true, ParameterSetName = 'AddAndGetToken')]
[Parameter(Mandatory = $true, ParameterSetName = 'CreateAndGetToken')]
[Guid]$TenantId,
# Client Id for Rapid API. It will start with something like "AppReg_" and contain a guid.
[Parameter(Mandatory = $true, ParameterSetName = 'AddAndGetToken')]
[Parameter(Mandatory = $true, ParameterSetName = 'CreateAndGetToken')]
[ValidateNotNullOrEmpty()]
[String]$ClientId,
# Client Secret for Rapid API. It will be about a 24 alphanumeric-symbolic sequence.
[Parameter(Mandatory = $true, ParameterSetName = 'AddAndGetToken')]
[Parameter(Mandatory = $true, ParameterSetName = 'CreateAndGetToken')]
[ValidateNotNullOrEmpty()]
[Security.SecureString]$ClientSecret,
# Log file path. The default log file path will be the current file path location.
[Parameter(Mandatory = $false)]
[ValidateScript( { Test-Path $_ -PathType Leaf })]
[String]$LogFilePath = '.\Import-CvesToPatchGroup.log'
)
function Read-CvesToHashSetFromFile
{
param
(
[String]$filePath
)
$cveHashSet = [System.Collections.Generic.HashSet[String]]@()
$options = [Text.RegularExpressions.RegexOptions]::IgnoreCase -bor [Text.RegularExpressions.RegexOptions]::Multiline -bor [Text.RegularExpressions.RegexOptions]::Compiled
$regex = '(CVE|CAN)-(1999|2\d{3})-(0\d{3}(?!\d)|[1-9]\d{3,})'
foreach ($line in Get-Content $filePath)
{
$matches = [regex]::Matches($line, $regex, $options)
if ($matches.Success -eq $true)
{
foreach($match in $matches)
{
$cveHashSet.Add($match.Value.ToUpper()) | Out-Null
}
}
}
if ($cveHashSet.Count -gt 0)
{
Write-Information "$($cveHashSet.Count) CVE(s) were successfully parsed from given file path."
}
else
{
Write-Information "No CVE's were found in given file path."
exit
}
return $cveHashSet
}
function New-CvesToPatchGroup
{
param
(
[String]$patchGroupName,
[System.Collections.Generic.HashSet[String]]$cveHashSet,
[string]$errorPolicy,
[string]$auditUser,
[string]$apiVersion,
[string]$apiKey,
[string]$apiHost,
[Security.SecureString]$token
)
$cveBody = @{ DataUpdateErrorPolicy = $errorPolicy; CveIds = @($cveHashSet); PatchGroupName = $patchGroupName; }
Invoke-RestCall -method 'POST' -body $cveBody -auditUser $auditUser -apiVersion $apiVersion -apiKey $apiKey -apiHost $apiHost -token $token
}
function Add-CvesToPatchGroup
{
param
(
[Guid]$patchGroupId,
[System.Collections.Generic.HashSet[String]]$cveHashSet,
[Bool] $activateAssociatedPolicies,
[string]$errorPolicy,
[string]$auditUser,
[string]$apiVersion,
[string]$apiKey,
[string]$apiHost,
[Security.SecureString]$token
)
$cveBody = @{ DataUpdateErrorPolicy = $errorPolicy; CveIds = @($cveHashSet); PatchGroupId = $patchGroupId; ActivateAssociatedPolicies = $activateAssociatedPolicies }
Invoke-RestCall -method 'PUT' -body $cveBody -auditUser $auditUser -apiVersion $apiVersion -apiKey $apiKey -apiHost $apiHost -token $token
}
function Invoke-RestCall
{
param
(
[Microsoft.PowerShell.Commands.WebRequestMethod]$method,
[object]$body,
[string]$auditUser,
[string]$apiVersion,
[string]$apiKey,
[string]$apiHost,
[Security.SecureString]$token
)
if (-not ($null -eq $body))
{
$body = ConvertTo-JSon $body -Depth 99
}
$uri = "https://neurons-for-patch-management.p.rapidapi.com/v1/cves-to-patch-group"
$headers = @{
"X-RapidAPI-Key" = $apiKey
"X-RapidAPI-Host" = $apiHost
"X-On-Behalf-Of" = $auditUser
"Authorization" = "Bearer " + [System.Net.NetworkCredential]::new('', $token).Password
"Content-Type" = "application/json"
}
Invoke-RestMethod -Uri $uri -Method $method -Headers $headers -ContentType 'application/json' -Body $body | ConvertTo-Json
}
function Read-ErrorDetails
{
param
(
[System.Net.WebException]$exception
)
if ($exception -eq $null)
{
return [string]::Empty
}
$streamReader = [System.IO.StreamReader]::new($exception.Response.GetResponseStream())
$ErrResp = $streamReader.ReadToEnd() | ConvertFrom-Json
$streamReader.Close()
$ErrResp
}
Start-Transcript -Append "$LogFilePath" | Out-Null
try
{
if ([System.String]::IsNullOrWhiteSpace($AuditUser))
{
Write-Information "The audit user cannot be empty. Terminating script."
return
}
$cveHashSet = Read-CvesToHashSetFromFile -filePath $FilePath
if ($token.Length -eq 0)
{
$token = .\Get-AuthToken.ps1 -TenantId $TenantId -ClientId $ClientId -ClientSecret $ClientSecret -RapidApiHost $RapidApiHost -RapidApiKey $RapidApiKey -LogFilePath $LogFilePath
}
if ($PatchGroupId -ne $null)
{
Write-Information "Adding to the existing patch group: $PatchGroupId"
Add-CvesToPatchGroup -patchGroupId $PatchGroupId -cveHashSet $cveHashSet -errorPolicy $ErrorPolicy -auditUser $AuditUser -apiVersion $ApiVersion -activateAssociatedPolicies $Activate -apiKey $RapidApiKey -apiHost $RapidApiHost -token $Token
}
elseif (!([string]::IsNullOrEmpty($PatchGroupName)))
{
Write-Information "Create a new patch group with the name $PatchGroupName"
New-CvesToPatchGroup -patchGroupName $PatchGroupName -cveHashSet $cveHashSet -errorPolicy $ErrorPolicy -auditUser $AuditUser -apiVersion $ApiVersion -apiKey $RapidApiKey -apiHost $RapidApiHost -token $Token
}
else
{
Write-Information "A patch group id, or a patch group name, must be supplied. Terminating script."
}
}
catch [Exception]
{
$private:e = $_.Exception
if ($private:e.Response.StatusCode -eq "BadRequest")
{
$errorDetails = Read-ErrorDetails -exception $private:e
$msg = $errorDetails.title + ": " + $errorDetails.detail
Write-Error -Message $msg
}
elseif ($private:e.Response.StatusCode -eq "Unauthorized")
{
Write-Error -Exception $private:e -Category AuthenticationError
Write-Information "Validate that the combination of token, tenantid, host, and key are correct."
}
else
{
Write-Error -Exception $private:e
}
}
finally
{
Stop-Transcript | Out-Null
}This script returns the Bearer token and is called by the Import-CvesToPatchGroup script. This script can also be invoked on its own if for some reason you need to retrieve the Bearer token.
You can view the built-in help for this script by using the Get-Help command. For example, copy the code to a file and then type the following at a PowerShell prompt:
ps C:\> Get-Help .\<scriptfilename.ps1> -detailed
#################################################################################
#
# DISCLAIMER: EXAMPLE ONLY
#
# Execute this example at your own risk. Ivanti does
# not warrant that the functions contained in this example will be
# uninterrupted or free of error. The entire risk as to the results and
# performance of this example is assumed by the person executing the example.
# Ivanti is not responsible for any damage caused by this example.
#
#################################################################################
<#
.SYNOPSIS
Retrieve an authorization token for calling APIs in Ivanti's public Rapid APIs.
Requires at least Powershell 5.1.
.PARAMETER TenantId
Id in GUID format of the tenant for which the authorization is to occur.
.PARAMETER ClientId
Client Id for Rapid API. It will start with something like "AppReg_" and contain a guid.
.PARAMETER ClientSecret
Client Secret for Rapid API. It will be about a 24 alphanumeric-symbolic sequence.
.PARAMETER RapidApiKey
Key for Rapid API. It will be a ~50-character alphanumeric string
.PARAMETER RapidApiHost
Host location for Rapid API.
.PARAMETER ApiVersion
Optional version of the Authentication API.
.PARAMETER LogFilePath
Log file path. The default log file path will be the current file path location.
.EXAMPLE
.\Get-AuthToken.ps1 -TenantId "28742dc0-9e49-4a21-9f8b-b6ba3b631575" -ClientId "AppReg_..." -ClientSecret (Read-Host -AsSecureString) -RapidApiHost "neurons-for-patch-management.ivanti.rapidapi.com" -RapidApiKey "d123mc0..."
This example retrieves a bearer access token as a SecureString. The client id parameter is read from user input.
#>
param
(
# Id in GUID format of the tenant for which the authorization is to occur.
[Parameter(Mandatory = $true)]
[Guid]$TenantId,
# Client Id for Rapid API. It will start with something like "AppReg_" and contain a guid.
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String]$ClientId,
# Client Secret for Rapid API. It will be about a 24 alphanumeric-symbolic sequence.
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[Security.SecureString]$ClientSecret,
# Key for Rapid API. It will be a about 50 alphanumeric characters.
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String]$RapidApiKey,
# Host location for Rapid API.
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String]$RapidApiHost,
# Log file path. The default log file path will be the current file path location.
[Parameter(Mandatory = $false)]
[ValidateScript( { Test-Path $_ -PathType Leaf })]
[String]$LogFilePath = '.\Get-AuthToken.log'
)
function Invoke-RestCall
{
param
(
[Guid]$tenantId,
[Security.SecureString]$clientSecret,
[string]$clientId,
[string]$apiKey,
[string]$apiHost,
[string]$apiVersion
)
$uri = "https://neurons-for-patch-management.p.rapidapi.com/v1/authentication"
$requestParams = @{
Method = 'GET'
Uri = $uri
Headers = @{
"X-TenantId" = $tenantId
"X-ClientSecret" = [System.Net.NetworkCredential]::new('', $clientSecret).Password
"X-ClientId" = $clientId
"X-RapidAPI-Key" = $apiKey
"X-RapidAPI-Host" = $apiHost
}
}
# Returned Json structure returns with an 'expires_in' and 'token_type' properties also.
# The token_type is expected to always be of type "Bearer".
(Invoke-RestMethod @requestParams).access_token | ConvertTo-SecureString -AsPlainText -Force
}
function Read-ErrorDetails
{
param
(
[System.Net.WebException]$exception
)
if ($exception -eq $null)
{
return [string]::Empty
}
$streamReader = [System.IO.StreamReader]::new($exception.Response.GetResponseStream())
$ErrResp = $streamReader.ReadToEnd() | ConvertFrom-Json
$streamReader.Close()
$ErrResp
}
Start-Transcript -Append "$LogFilePath" | Out-Null
try
{
return Invoke-RestCall -tenantId $TenantId -clientId $ClientId -clientSecret $ClientSecret -apiKey $RapidApiKey -apiHost $RapidApiHost -apiVersion $ApiVersion
}
catch [Exception]
{
$private:e = $_.Exception
if ($private:e.Response.StatusCode -eq "Unauthorized")
{
Write-Error -Exception $private:e -Category AuthenticationError
Write-Information "Validate that the combination of tenant id, client id, client secret, rapid api key and rapid api host are correct."
}
else
{
Write-Error -Exception $private:e
}
}
finally
{
Stop-Transcript | Out-Null
}