Carbon Black App Control APIs are authenticated through an API token for the login account of the currently logged-in console user. This token must be placed inside each HTTP request's X-Auth-Token header.
For access control, the best practice is to have a separate console user for each API client, with the minimum required access controls. However, the API client must have access permissions similar to what would be required to access the same objects through the console. For example, if an API client needs to access the event object, the user associated with an API token used in the client must have View events permission. See the full API documentation on GitHub for the permissions necessary for using each object and User Role Permissions for the steps needed to add or remove permissions. See also Using the App Control API to Add a Connector if you intend to use the API to add a connector to App Control.
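The following client sketch is an added example, not code from the App Control documentation. It shows a dedicated API user's token being read from the environment, sent only over HTTPS in the X-Auth-Token header, and masked in log output. The environment variable name, the server host name, and the /api/bit9platform/v1 base path (taken from the public API documentation, not from this page) are assumptions.

```python
import json
import os
import urllib.error
import urllib.request
from urllib.parse import quote, urlsplit

# Assumption: REST base path as published in the API documentation on GitHub;
# it is not stated on this page, so confirm it for your server version.
API_PREFIX = "/api/bit9platform/v1"
TOKEN_HEADER = "X-Auth-Token"


def load_token(env=os.environ, var="APPCONTROL_API_TOKEN"):
    """Read the token from the environment (hypothetical variable name)."""
    token = env.get(var, "").strip()
    if not token:
        raise RuntimeError(f"{var} is not set; create a dedicated API user first")
    return token


def build_request(server_url, obj, token):
    """Build a GET for one API object, refusing to expose the token over HTTP."""
    parts = urlsplit(server_url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("API token must only be sent to an https:// server URL")
    url = f"https://{parts.netloc}{API_PREFIX}/{quote(obj, safe='')}"
    headers = {TOKEN_HEADER: token, "Accept": "application/json"}
    # urllib stores the header name as "X-auth-token"; HTTP header names
    # are case-insensitive, so the server sees the same header.
    return urllib.request.Request(url, headers=headers, method="GET")


def loggable_headers(req):
    """Header view that is safe to write to logs: the token is masked."""
    return {k: "<redacted>" if k.lower() == TOKEN_HEADER.lower() else v
            for k, v in req.header_items()}


def fetch(req, timeout=10):
    """Send the request; turn auth failures into an actionable message."""
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        if err.code in (401, 403):
            raise PermissionError(
                f"HTTP {err.code} for {req.full_url}: check the token and the "
                "API user's permissions (e.g. View events for the event object)"
            ) from err
        raise
```

Log only the output of loggable_headers(), never the request object's raw headers, so the token does not end up in client logs.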
Create an API User and Get its API Token
Perform the following procedure to create an API user and get its API token.