API access for Nexpose when authenticating via Insight

I’d like to use the Nexpose v3 API as per InsightVM API (v3)

However my org has moved to the InsightVM Platform Login

I can access the API and JSON results via a browser once authenticated - What are the best practices in this situation?

(I know it’s unsupported, but ideally i’d be building off GitHub - rapid7/vm-console-client-python: the UNOFFICIAL (but useful) Python library for the Rapid7 InsightVM/Nexpose RESTful API )

While that Github repo is assumable old (~ 3 years old) it was designed by a member of my team and can be very useful.

For your purposes, I would just create a separate user account on your console designed specifically for use with the API. Within the InsightVM console there is no concept of API permissions, it’s just a user account that has specific permissions to do what it needs to do within the tool.

There does not seem to be a python library that supports the okta-emea type logins unfortunately

I’ve had some success with getting the cookies from a browser session and passing them on to wget to provide some basic scripting capability

I’ll see if i am able to get a service style account for API access configured - thanks