Already noted that you can't use extraction by Cloud API type (see attached screenshot named API_note.PNG).
An example ("demo") of extraction API to Appliance via curl - please find in attached text file named: Threat_Extraction_Appliance_API_curl_example.txt
Before running this curl command, make sure you replace :
- The x.x.x.x with the appliance ip-address.
- The nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn with the appliance api-key.
In this example I base64 encoded a small office excel file (I named it in the curl API call as "000102.xls").
Of course, before running the curl command, reminding required settings described in documentation for "extraction" in Appliance API calls : sk113599 , sk137032
BTW, please find up-to-date Threat Extraction to Appliance API python utility here
Let me know if you have any further questions.