Enhancing security in app authorization by using the App Authorization Manager

The App Authorization Manager helps to enhance the security of your app authorization by providing the capability to edit or delete existing authorization tokens.

About this task

When you install an app that requests an OAuth authorization token to access QRadar resources, an OAuth authorization token is created and a record that represents the token is added to the App Authorization Manager. The record is identified by the App Name and App ID and includes the assigned user access level that is assigned to the app to access QRadar resources.

Procedure

  1. Click Main Menu > Admin tab.
  2. Click the App Authorization Manager app icon to open the app.
  3. To change assigned users for the OAuth authorization token, click Edit, and then select any users that are available in the list. For example, if you don't want to use the Admin user and another user is available in the list, you can change to a user with the requested capabilities that are defined in the app manifest file.

    Any users that appear in the list have the capability that the app requires to run.

  4. To delete an OAuth authorization token, click Delete to remove a record. You might want to delete a token that is no longer in use or you might want to remove the app authorization.