Kaspersky Managed Detection and Response

Scenario: performing token-based authorization

11 April 2024

ID 204470

This scenario explains how to perform a token-based authorization in order to work with the REST API.


Make sure that you have an MDR account with one of the following roles assigned:

  • The MDR Administrator role
  • A custom role with the following access rights (applicable only for Kaspersky Security Center):
    • Incident Access
    • REST API access


The token-based authorization proceeds in stages:

  1. Creating a refresh token in MDR Web Console

    You need a refresh token for creating an access token. A refresh token is valid for 24 hours. You can use a refresh token only once.

  2. Creating an access token via the REST API

    You need an access token to work with the REST API. An access token is valid for 1 hour. You can use an access token multiple times during its lifetime.

    When you create an access token, the REST API generates a new refresh token and includes it in the response. When the access token expires, you can create a new access token by using the most recent API-generated refresh token.

    An API-generated refresh token is valid for 7 days.


Upon completion of this scenario, you can start working with the REST API by sending requests with the access token.

See also:

Managing users

Setting access rights in Kaspersky Security Center

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.