Hello All,
We are trying to ingest logs into chronicle via API, during which 403 permission error appears.
Do we need to add any permissions to our JSON key?
Solved
Ingest API permission 403 error
+1- Bronze 1
Best answer by cmmartin_google
The API has been enabled, Detection API is accessible but rest aren't.
Is there a way to enable them?
The Ingestion API is a different endpoint to the BackStory API. I would suggest contacting support, your account team, or partner, as this requires creating a new set of credentials, or granting new permissions to your existing credentials.
- Bronze 2
error 403 usually happens when OAuth token does not have the right scopes, the client doesn't have permission, or the API has not been enabled.
+1- Bronze 1
error 403 usually happens when OAuth token does not have the right scopes, the client doesn't have permission, or the API has not been enabled.
The API has been enabled, Detection API is accessible but rest aren't.
Is there a way to enable them?
+11The API has been enabled, Detection API is accessible but rest aren't.
Is there a way to enable them?
The Ingestion API is a different endpoint to the BackStory API. I would suggest contacting support, your account team, or partner, as this requires creating a new set of credentials, or granting new permissions to your existing credentials.
+1- Bronze 1
The Ingestion API is a different endpoint to the BackStory API. I would suggest contacting support, your account team, or partner, as this requires creating a new set of credentials, or granting new permissions to your existing credentials.
@cmmartin_google I am just curious I am also encountering this problem but I am not able to find anywhere what permissions would be required to add to the service account would you be able to point me to some documentation as it is not listed in the ingestion api and I have looked pretty thoroughly.
Thanks in advance
+10@cmmartin_google I am just curious I am also encountering this problem but I am not able to find anywhere what permissions would be required to add to the service account would you be able to point me to some documentation as it is not listed in the ingestion api and I have looked pretty thoroughly.
Thanks in advance
The Ingestion API is created/managed by Google and you need to reach out to support, so we can create and send you the API key.
https://cloud.google.com/chronicle/docs/reference/ingestion-api
+1- Bronze 1
The Ingestion API is created/managed by Google and you need to reach out to support, so we can create and send you the API key.
https://cloud.google.com/chronicle/docs/reference/ingestion-api
@Rene_Figueroa Thank you for the quick response. I was told the creds.json provided was for the ingestion API but I tested with the Search API and was successful and a 403 error for Ingestion API. I will reach out thanks again.
+10@Rene_Figueroa Thank you for the quick response. I was told the creds.json provided was for the ingestion API but I tested with the Search API and was successful and a 403 error for Ingestion API. I will reach out thanks again.
Thanks! Most likely there was some miscommunication. When you open the support case add the "client_email" in the "creds.json" file and we can confirm. Thank you!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.