- Application management
- RESTful API
- User API
- Device API
- Global list API
- Policy API
- Zone API
- Threat API
- Memory protection API
- Detections API
- Package deployment API
- Detection rule API
- Detection rule sets API
- Detection exceptions API
- Device commands API
- Focus view API
- InstaQuery API
- BlackBerry Optics policy API
- Persona Desktop API
- BlackBerry Docs
- Cylance products
- Cylance User API guide
- RESTful API
- Authorization
Authorization
In response to the authentication request, the client will receive a response that contains at least the access token. The access token will contain the scopes that will dictate what can or cannot be done. This token is signed by the server and the client will merely echo it on every request as it tries to access resources.
The access token represents the identity of the requester as well as some attributes like scopes. This token will have an expiration and should be sent on every request in the authorization request header. Failing to do so will result in an HTTP/1.1 401 unauthorized response. Should the token be provided and prove to be legitimate but the server finds the action the caller is trying to attempt is not allowed (found in the scopes granted), an HTTP/1.1 403 forbidden will be returned.