If you are unable to generate a ThreatDown Nebula client ID and secret in the ThreatDown Nebula dashboard, you can use Postman to generate these values.

1. Sign in to the ThreatDown Nebula dashboard.
2. Navigate to Manage > Endpoints.
3. Open Developer Tools:
   1. Right-click anywhere on the page, and then select Inspect.
   2. n the Dev Tools panel, click the Network tab.
4. In the Network tab of the Dev Tools panel, look for a request to https://api.threatdown.com/nebula/v1/grid/endpoints/search.
5. Click on the request, and then scroll down to Request Headers.
6. Find and copy the Authorization header value, excluding the Bearer prefix.
7. Open Postman or a similar HTTP header request tool.
8. In Postman, go to the Authorization tab, and then select Bearer Token.
9. Paste the token that you copied from the Dev Tools panel.
10. Set these Request Headers in Postman:

    • x-mwb-accountid — Enter the Nebula account ID of the site.

      Content-Type — Leave as application/json.

11. In the Body section, enter:
    JSONCopy

    { "client_name": "<client_name>", "scopes": ["read", "write", "execute"] }

    {
        "client_name": "<client_name>",
        "scopes": ["read", "write", "execute"]
    }

12. Use Postman to send a POST request to: https://api.threatdown.com/api/v2/applications/client.
    The response includes a client_id and client_secret.
13. Copy the client ID and client secret to a safe, encrypted location to provide to Arctic Wolf later.
14. Proceed to Provide ThreatDown Nebula credentials to Arctic Wolf.