Using API or SQL to get info from remediation projects

Care to share more information from your side? What ticketing system are you using and how does it work?
We have JIRA with SSO enabled but InsightVM doesn’t support it for remediation project integration.

For anyone looking at this thread who is wondering about the IPIMs authentication component but just wants to see what data is provided here: you can simply log into the platform, go to IVM, go to dashboards, and paste the URIs mentioned by @SCO.
@SCO if you’re still out there, would love to hear about how you set up the authentication.

Hi @rpulvera Ambot, @zack_jones and others,
My unofficial homebrew solution below.

I created an auth function using soup (bs4). I tried mirroring the SSO dance you get when you log in manually, and it still works as of May 2024.

There are variables you must change, but use Postman or Chrome dev tools to get them (the cloud part of r7 uses the same hidden API, so you can see the structure from web requests).

I have also provided an example of a function that uses the hidden API after successful authing.

Please note this is in no way official or anything and can probably break at any time. Hope it helps though!! :slight_smile:

```python
import requests
from bs4 import BeautifulSoup

# Placeholders: replace with your own values (better loaded from a secrets
# store or environment variables than hard-coded in the script).
username = "abc"
password = "cba"


def login(username, password):
    session = requests.Session()

    auth_payload = {
        "username": username,
        "password": password,
        "options": {
            "warnBeforePasswordExpired": True,
            "multiOptionalFactorEnroll": True
        }
    }

    # Step 1: primary authentication, returns a one-time session token
    auth_url = 'https://rapid7ipimseu.okta-emea.com/api/v1/authn'
    step1 = session.post(auth_url, json=auth_payload)

    if not step1.ok:
        print("Authentication failed")
        return None

    session_token = step1.json().get('sessionToken')
    if not session_token:
        print("Authentication did not return a session token")
        return None

    # Step 2: exchange the token for a session cookie and follow the redirect
    step2_url = f"https://rapid7ipimseu.okta-emea.com/login/sessionCookieRedirect?token={session_token}&redirectUrl= GET THE REDIR URL FROM DEV TOOLS OR POSTMAN"
    step2_response = session.get(step2_url)

    if not step2_response.ok:
        print("Second step authentication failed")
        return None

    # Step 3: scrape the hidden SAML form fields from the returned page
    soup = BeautifulSoup(step2_response.text, 'html.parser')
    saml_input = soup.find('input', {'name': 'SAMLResponse'})
    relay_input = soup.find('input', {'name': 'RelayState'})
    if saml_input is None or relay_input is None:
        print("SAML form not found in the response")
        return None
    saml_payload = {'SAMLResponse': saml_input['value'], 'RelayState': relay_input['value']}

    # Step 4: post the assertion to the platform. TLS certificate verification
    # stays at the requests default (enabled); the original passed verify=False.
    saml_endpoint = "https://insight.rapid7.com/saml/SSO"
    sso_response = session.post(saml_endpoint, data=saml_payload)

    if not sso_response.ok:
        print("SAML authentication failed.")
        return None

    session.cookies.set('IPIMS_PRODUCT_TOKEN', "!!!!Get_this_from_a_browser_dev_menu!!!")
    return session


# Cloud call. Returns an overview
def get_project_summary(session):
    url = 'https://eu.exposure-analytics.insight.rapid7.com/ea/ra/api/2/project/_summary'

    response = session.get(url)

    # Check if the request was successful
    if response.ok:
        print("API call 1 successful.")
        return response.json()
    else:
        print("API call failed")
        return None


# auth
session = login(username, password)
# see if auth worked (login() returns None on failure)
if session is not None:
    get_project_summary(session)
```
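A stricter version of the SAML form scraping step described in the post above, as an added example that is not part of the original post and is not Rapid7 code. It assumes the step-2 page is a standard auto-submit form whose `action` matches the `saml_endpoint` from the post; `extract_saml_form`, `SamlFormParser` and `ALLOWED_ACS_HOSTS` are hypothetical names, and the sample pages are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the only host that should receive the assertion is the one
# used as saml_endpoint in the post above.
ALLOWED_ACS_HOSTS = {"insight.rapid7.com"}


class SamlFormParser(HTMLParser):
    """Collects the first <form> action and every named <input> value."""

    def __init__(self):
        super().__init__()
        self.action = None
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form" and self.action is None:
            self.action = attrs.get("action")
        elif tag == "input" and attrs.get("name"):
            self.fields[attrs["name"]] = attrs.get("value") or ""


def extract_saml_form(html, allowed_hosts=ALLOWED_ACS_HOSTS):
    """Return (action_url, payload); raise ValueError unless the page is a
    SAML form that posts to an expected host over HTTPS."""
    parser = SamlFormParser()
    parser.feed(html)
    assertion = parser.fields.get("SAMLResponse")
    if not assertion:
        raise ValueError("no SAMLResponse field; the login did not complete")
    target = urlsplit(parser.action or "")
    if target.scheme != "https" or target.hostname not in allowed_hosts:
        raise ValueError(f"refusing to post the assertion to {parser.action!r}")
    payload = {"SAMLResponse": assertion,
               "RelayState": parser.fields.get("RelayState", "")}
    return parser.action, payload


# Constructed sample pages (not captured from a real tenant).
GOOD_PAGE = """<html><body onload="document.forms[0].submit()">
<form method="post" action="https://insight.rapid7.com/saml/SSO">
<input type="hidden" name="SAMLResponse" value="PHNhbWxwOlJlc3BvbnNlPg=="/>
<input type="hidden" name="RelayState" value="constructed-relay-state"/>
</form></body></html>"""
BAD_HOST_PAGE = GOOD_PAGE.replace("insight.rapid7.com", "insight.rapid7.com.example.net")
NO_ASSERTION_PAGE = "<html><body><form action='/signin/verify'><input name='passCode'></form></body></html>"
```

Posting to the `action` returned by the page, after it passes the allowlist, keeps the script from sending a signed assertion to whatever host an unexpected redirect or error page points at.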

Trying to understand this better to automate our remediation projects and am a total noob when it comes to API stuff. Could you suggest where to look in devtools for the redirectURL?