Skip to main content

Hi there,

 

I want to use Workato to create an Automation with Netksope. Specifically the OTP feature for disabling internet security.

 

Aim:

1. User clicks Disable Internet Security

2. Launches web page to enter email address

3. Email sends OTP or next page provides OTP

Something along the lines of the above.

 

Can someone share if they have done something similar (with another Automation platform too) or can someone share what I would need for this?

@proxydeployer


I have not personally seen or developed this but it’s theoretically possible as there is an API endpoint to retrieve an OTP:

 

 You would need to obtain the device UID from the devices API, your SIEM, or the user themselves.   I’d have to look into the best way to retrieve that info but the other two required fields could be obtained from the user. 


I just started creating a script for this, so far the /api/v2/events/datasearch/clientstatus api endpoint seems to work well for retrieving the userkey and nsdeviceuid.


I just started creating a script for this, so far the /api/v2/events/datasearch/clientstatus api endpoint seems to work well for retrieving the userkey and nsdeviceuid.

Thanks ​@notskope - are you able to share your script in a private message at all?


I just started creating a script for this, so far the /api/v2/events/datasearch/clientstatus api endpoint seems to work well for retrieving the userkey and nsdeviceuid.

Thanks ​@notskope - are you able to share your script in a private message at all?

 

 

You may have figured it out already, I haven’t checked back here in a few weeks. But here you go, it’s not too complex:

#! python3
"""Fetches device OTP to disable Netskope client temporarily"""

import argparse
from time import time


from requests.sessions import session
from rich.console import Console
from rich.table import Table

NETSKOPE_TENANT = "YOUR TENANT.goskope.com"

parser = argparse.ArgumentParser()
parser.add_argument("email", help="user's email address")
args = parser.parse_args()
API_KEY = "YOUR API KEY"
time_range = time() - 86400

s = session()
r = s.get(
f"https://{NETSKOPE_TENANT}/api/v2/events/datasearch/clientstatus",
headers={"Authorization": f"Bearer {API_KEY}"},
params={
"query": f"username eq '{args.email}' and os neq 'android' and os neq 'iOS'",
"starttime": time_range,
},
)

devices = r.json().get("result")

table = Table(title=args.email)
table.add_column("Device", justify="left", style="cyan", no_wrap=True)
table.add_column("OTP", justify="left", style="green")
for device in devices:
r = s.get(
f"https://{NETSKOPE_TENANT}/api/v2/devices/v2/devices/otp",
headers={"Authorization": f"Bearer {API_KEY}"},
params={
"deviceID": device.get("host_info").get("nsdeviceuid"),
"userkey": device.get("user_info").get("userkey"),
"type": "all",
},
)
table.add_row(device["hostname"], r.json().get("client_disable_password"))
console = Console()
console.print(table)