Using the Public API through the Power BI Desktop Connector

How to integrate Delve's results directly in Power BI as a data source in order to run your own data analytics on vulnerabilities and assets.

If you need to extract Delve's data from its Public API using the Delve Power BI Connector, this quick how-to guides you through the steps needed to configure Power BI Desktop to access Delve's data through the OAUTH2 authentication mechanism.

Step-by-step guide

Create a Public API Client in Delve

Follow the appropriate User Guide Section on Creating Public API Clients.

For Power BI, use https://oauth.powerbi.com/views/oauthredirect.html as the redirect URI.

Authorize Power BI Desktop to use Third-Party Connectors

After opening Power BI Desktop, go to File → Options and Settings → Options.

In the menu that appears, select "Security" on the left side and, in the "Data Extensions" section, choose "Allow any extension to load without validation or warning".

Then close Power BI Desktop to save the changes.

Install Delve's OpenAPI Connector

Directly use a provided .MEZ file

If you were provided with a .mez file, you have to put the file in the right Power BI Desktop folder, namely: C:\Users\<YOURUSER>\Documents\Power BI Desktop\Custom Connectors\

Power BI Desktop loads .mez files automatically when it starts and lists the connector in your "Data Sources". If it does not appear in the "Data Sources", check that you have successfully authorized third-party connectors and that the file is in the right folder.

⚠️ The .MEZ file contains sensitive information such as your Client ID, your Client Secret and your instance URL. Handle this file with care.
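A .mez file is an ordinary ZIP archive, so anyone who can read it can recover whatever is embedded in it. The following audit of a connectors folder is an added example, not code from Delve or from the original page; the credential name patterns and the sample archive are assumptions constructed for illustration.

```python
import hashlib
import re
import tempfile
import zipfile
from pathlib import Path

# Assumed patterns for how a connector might name embedded credentials.
# The page does not document the file layout inside Delve's .mez.
SECRET_HINT = re.compile(rb"client[_ ]?(id|secret)", re.IGNORECASE)


def audit_connectors(folder):
    """Return one record per .mez: SHA-256 plus members that mention credentials."""
    report = []
    for mez in sorted(Path(folder).glob("*.mez")):
        digest = hashlib.sha256(mez.read_bytes()).hexdigest()
        flagged = []
        if zipfile.is_zipfile(mez):
            with zipfile.ZipFile(mez) as archive:
                for name in archive.namelist():
                    if SECRET_HINT.search(archive.read(name)):
                        flagged.append(name)
        report.append({"file": mez.name, "sha256": digest, "flagged": flagged})
    return report


def demo():
    """Build a constructed .mez in a temporary folder and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "Sample.mez"
        with zipfile.ZipFile(sample, "w") as archive:
            # Constructed content with a placeholder value, not a real secret.
            archive.writestr("Sample.pq", 'client_secret = "PLACEHOLDER";')
            archive.writestr("resources.resx", "<root/>")
        return audit_connectors(tmp)


if __name__ == "__main__":
    for row in demo():
        print(row["file"], row["sha256"][:16], row["flagged"])
```

Pointing `audit_connectors` at the Custom Connectors folder gives a hash inventory of every connector Power BI Desktop will load, which is useful once validation of extensions has been turned off.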

Compile your own .MEZ file

You can follow the instructions on our GitHub page where Delve's Data Connector is hosted.

Connect to Delve's OpenAPI through OAUTH2

After opening Power BI Desktop, open the connector by using the "Get Data" function of Power BI Desktop.

You will be presented with the "Get Data" menu, in which you will see all the available connectors. Search for "Warden" in the upper left corner to find Delve's Public API connector.

Use the "Connect" button to start the OAUTH2 connection mechanism. You will then be presented with a new menu to sign in to Delve, where you should press the "Sign in" button.

You will then be presented with the regular OAUTH2 login screen of Delve, in which you should use your pre-defined application username and password to authorize this Client ID to get a token for a predetermined period of time (choose the one you think is best).

⚠️ The authorization level must be equal to or lower than your Client ID's scopes as defined in Delve when you created it.

Power BI caches the access in the Data Source parameters; you may need to clear them manually if you want to re-initialize the authentication.

Once connectivity is established, you should see a window indicating that you are currently signed in.

After the authorization has been set up, you can click on the "Connect" button to browse the different requests in the Navigator.

Using the OpenAPI GET Queries to Fetch the Vulnerability Groups Data

Once in the Navigator, Power BI Desktop will show you all the available GET requests in Delve's public API, as functions that you can call with different parameters.

At the moment, Power BI Desktop only allows GET requests (no POST or PATCH).

You can select a specific request (using the checkbox is required) and send parameters to get the data back.

For instance, if you want to get a list of "vulnerability groups" (a list similar to the product's Frontend "Vulnerabilities" page) for a specific search query, click on the "_api_v2_vulnerability-groups_get" function in the left section and set the following parameters for the request:

  • Change the "Limit" parameter to the number of vulnerability groups you want to get for each request.
  • Change the "Offset" parameter if you want to look for the next page/group of vulnerability groups (this can be useful to chain multiple small queries instead of doing a big query).
  • Change the "Sort" parameter if you want the vulnerability groups to arrive pre-sorted according to certain criteria.
  • Use the "q" (query) parameter to specify that you want the vulnerability groups matching certain search criteria, e.g.: {"global": {"text": "XSS"}}. The query language is documented in its own article.
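How the "Limit", "Offset", "Sort" and "q" parameters combine when chaining small queries, shown as an added example that is not part of Delve's connector or documentation. The host, the /api/v2/vulnerability-groups path (inferred from the function name), the lowercase parameter names and the "items" response field are assumptions, and the data is constructed.

```python
import json
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumptions (not from the page): placeholder host, path inferred from the
# connector function "_api_v2_vulnerability-groups_get", lowercase parameter
# names, and an "items" list in each response.
BASE_URL = "https://delve.example.invalid"
PATH = "/api/v2/vulnerability-groups"


def build_url(limit, offset, sort=None, query=None):
    """Build one GET URL; the q filter is sent as compact JSON, URL-encoded."""
    params = {"limit": limit, "offset": offset}
    if sort:
        params["sort"] = sort
    if query is not None:
        params["q"] = json.dumps(query, separators=(",", ":"))
    return BASE_URL + PATH + "?" + urlencode(params)


def fetch_all(fetch_page, limit, query=None, sort=None, max_pages=100):
    """Chain small pages by advancing the offset until a short page arrives."""
    items, offset = [], 0
    for _ in range(max_pages):  # hard stop so a misbehaving server cannot loop us
        page = fetch_page(build_url(limit, offset, sort, query))
        batch = page.get("items", [])
        items.extend(batch)
        if len(batch) < limit:
            break
        offset += limit
    return items


# Constructed sample data standing in for the API; no network access is made.
SAMPLE = [{"id": i, "name": f"XSS finding {i}"} for i in range(1, 8)]


def fake_fetch(url):
    """Serve a slice of SAMPLE according to the limit/offset in the URL."""
    qs = parse_qs(urlsplit(url).query)
    limit, offset = int(qs["limit"][0]), int(qs["offset"][0])
    return {"items": SAMPLE[offset:offset + limit]}


if __name__ == "__main__":
    print(build_url(3, 0, query={"global": {"text": "XSS"}}))
    print(len(fetch_all(fake_fetch, limit=3)))
```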

Once you have decided on your request parameters, you can click on the "Apply" button to get a preview of the data being fetched from Delve's public API.

The endpoints displayed in your list may differ in naming from what you see in the screenshot. Refer to Delve's OpenAPI Swagger API documentation for details about each endpoint.

Then you can use the "Load" button to load the data into Power BI Desktop. You will then be transferred to the data view; if not, you can click on the "Data" icon in the top left corner of Power BI Desktop.

From the data view, Power BI Desktop will show the results as a table, with a "sub-table" in the "items" section. To expand this table and access the vulnerability groups themselves, you need to use the "Edit Queries" function.

The Power Query Editor window will then appear, allowing you to click on the "Table" in the items line and get an expanded view of all the vulnerability group items. You can use the "Close and Apply" button to save this modified data source.

Apply your changes to work on that new transformed data source, and use the graphing feature to extract the information you are looking for.