V4 API Information
To access the V4 API Documentation, click on Profile > API Documentation from inside the portal.
User Management and Security | API Key
API Rate Limits
100 requests per minute
1000 requests per hour
3000 requests per day
API Documentation - Overview and Login
To log in and authorize, use API /w/authorize
Client-Auth-Token: (base64 (tenant+client_id:client_secret))
Use Base64 Encode and Decode - Online to Encode the Client-Auth-Token
Warning: You will get a 502 ‘Gateway Error’ if using Unicode instead of UTF8 for encoding
Please use UTF8 for encoding to base64
Sample Example: Go to the above URL and add {{tenantname}}+ {{Client_id}}:{{client_secret}}
Refer the below screenshot.
To fetch a User’s Client_ID and Client_Secret, navigate to Global > User Management > Select User > click on Action > API Key.
Â
Once you have the encoded data add it to POST: /w/authorize and execute
After execution, copy the ‘access_token’ from the response, click on Authorize on top of the page, paste the ‘access_token’ to the ‘Value', and click on Authorize.
Â
Now you can use the ‘user_ID’, given under the /w/authorize response.
Navigate to the required section (IE: Company as below to GET /r/company/agents
Description: String, skip, limit, sort
String: It specifies the number of pages to skip. E.g., when the skip is set to 0, and the limit is set to 10, it will process the entire dataset by splitting it into 10 pages. The data from the first page will be returned; for the second page, the skip will be 1, and the limit will be 10, returning the next 10 data.
Limit: It limits the number of returned values. The default limit is 100.
Sort: It specifies the sorting order based on the 'severity. keyword' field in descending order.
Example Data for GET /r/company/agents
{ "status": true, "data": [ { "old_id": "string", "name": "string", "agent_version": "string", "host_name": "string", "ip": "string", "os_type": "string", "os_platform": "string", "os_name": "string", "os_version": "string", "kernel": "string", "agent_type": "string", "last_scanned_time": "string", "last_reported": "string", "max_thread_count": 0, "is_deprecated": true, "deprecated_time": "string", "reported": true, "company_ref_id": "string", "company_id": 0, "tenantid": 0, "id": 0, "created": "string", "updated": "string" } ] }
API Details
Problem Group ID’s
problem_group_name = id
"Critical Vulnerabilities" = 1
"High Severity Vulnerabilities" = 2
"Medium Severity Vulnerabilities" = 3
"Low Severity Vulnerabilities" = 4
"SMB Vulnerabilities" = 12
"SSL/TLS Vulnerabilities" = 13
"SSL Certificate Info" = 14
"Running Services" = 15
"Web Server Fingerprint" = 16
"Remote Login Vulnerabilities" = 23
"Information Disclosure" = 17
"Antivirus Not Installed" = 26
"Backup Not Performed" = 27
"Firewall Misconfiguration" = 28
"Operating System Out Of Support" = 29
"User Password Never Expires" = 30
"User Password Not Required" = 31
"Active Users Not Logged In For 30 Days" = 32
"MFA Not Enabled For Azure Users" = 33
"CISA Notified Vulnerabilities" = 34
"EPSS >= 0.95" = 35
"0.95 > EPSS >= 0.90" = 36
"0.90 > EPSS >= 0.85" = 37
"0.85 > EPSS >= 0.80" = 38
"Database Vulnerabilities" = 45
"Mail Vulnerabilities" = 46
"Remote Access Vulnerabilities" = 47
"User Account Lockouts" = 5
"Failed Login Attempts" = 6
"Empty Security Groups" = 41
"Multiple Administrators In OU" = 44
"Computer Not Logged In For 30 Days" = 39
"Password Policy Compliance" = 40
"Informational" = 48
"Non Security Enabled Groups" = 42
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
https://cybercns.freshdesk.com/en/support/login
Â