Illumio Core 25.2.10 REST API
Known Issues: Some parameter tables, JSON request bodies, and JSON response bodies are currently not included.
This Illumio Core 25.2.10 v2 REST API Reference Preview includes all Public Stable and Public Experimental APIs in this release. It contains curl code examples, parameter definitions, and JSON request and response bodies.
For detailed curl code examples and in-depth information about methods, parameters, and API calls, see the Illumio Core 25.2.10 REST API Developer Guide.
README
API Properties
Code Examples
The $KEY and $TOKEN constants in the code examples represent authentication credentials (session and token, API key and token, or username and password as appropriate).
Required Parameters
Required parameters in the parameter tables have a Required field of true with an orange asterisk. However, requirements apply per nesting level: if you do not use any parameter in an indented nested block, none of the parameters in that block are required, even if they have an asterisk.
If at least one of multiple parameters is required, their Required fields are false with two orange asterisks, indicating that at least one of the parameters with two asterisks must be defined. For example, when creating a workload, a name and/or a hostname for the workload must be defined.
Access Restrictions
Get all Access Restrictions
Example Code
curl -X GET /orgs/{org_id}/access_restrictions \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/access_restrictions
Exposure: Public Stable
Auditable: No
Get all Access Restrictions
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
},
"status": {
"connection_state": "pending",
"software_version": "string",
"sync_state": "in_sync"
}
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | slbs_get |
Create a new Access Restriction
Example Code
curl -X POST /orgs/{org_id}/access_restrictions \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/access_restrictions
Auditable: Yes
Exposure: Public Stable
Create a new Access Restriction
Example Request Body
{
"name": "string",
"description": "string",
"ips": [
null
],
"enforcement_exclusions": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | orgs_access_restrictions_post | false | none |
» name | body | string | true* | User assigned name of the access restriction |
» description | body | string | false | User assigned description of the access restriction |
» ips | body | [oneOf] | true* | Array of ip addresses or CIDR blocks |
»» anonymous | body | any | false | none |
»» anonymous | body | any | false | none |
» enforcement_exclusions | body | array,null | false | The types of API access methods that are excluded from access restriction enforcement |
Enumerated Values
Parameter | Value |
---|---|
» enforcement_exclusions | user_sessions |
» enforcement_exclusions | api_keys |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
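A pre-flight check for the request body described above, written as an added example that is not part of the Illumio reference or its tooling. The function names, the choice to send `ips` entries as strings, the non-empty `ips` requirement, and the rejection of zero-length prefixes are assumptions made for this sketch.

```python
import ipaddress

# Values from the "Enumerated Values" table for enforcement_exclusions.
ALLOWED_EXCLUSIONS = {"user_sessions", "api_keys"}


def check_ip_entry(entry):
    """Return a problem description for one ips entry, or None if acceptable."""
    if not isinstance(entry, str) or not entry.strip():
        return f"{entry!r} is not a non-empty string"
    try:
        # A bare address parses as a /32 (IPv4) or /128 (IPv6) network.
        # strict=True rejects blocks with host bits set, e.g. 10.1.2.3/24,
        # which usually means the intended range was mistyped.
        network = ipaddress.ip_network(entry.strip(), strict=True)
    except ValueError as exc:
        return f"{entry!r} is not a valid address or CIDR block ({exc})"
    if network.prefixlen == 0:
        # Assumption (local policy, not an API rule): a /0 block admits
        # every source address, so the restriction would restrict nothing.
        return f"{entry!r} matches every address"
    return None


def validate_access_restriction(body):
    """Return a list of problems in a POST .../access_restrictions body."""
    problems = []

    # name and ips are marked true* in the parameter table.
    name = body.get("name")
    if not isinstance(name, str) or not name.strip():
        problems.append("name: required, must be a non-empty string")

    ips = body.get("ips")
    if not isinstance(ips, list) or not ips:
        problems.append("ips: required, must be a non-empty array")
    else:
        for entry in ips:
            problem = check_ip_entry(entry)
            if problem:
                problems.append(f"ips: {problem}")

    # enforcement_exclusions is optional (array or null) with an enumerated set.
    exclusions = body.get("enforcement_exclusions")
    if exclusions is not None:
        if not isinstance(exclusions, list):
            problems.append("enforcement_exclusions: must be an array or null")
        else:
            for value in exclusions:
                if not isinstance(value, str) or value not in ALLOWED_EXCLUSIONS:
                    problems.append(
                        f"enforcement_exclusions: unknown value {value!r}"
                    )
    return problems


# Constructed sample bodies (documentation address ranges, not real data).
GOOD_BODY = {
    "name": "corp-vpn-egress",
    "description": "Only the VPN egress range may call the API",
    "ips": ["192.0.2.10", "198.51.100.0/24"],
    "enforcement_exclusions": ["user_sessions"],
}
BAD_BODY = {
    "name": "",
    "ips": ["10.1.2.3/24", "0.0.0.0/0", "corp-vpn"],
    "enforcement_exclusions": ["sessions"],
}

if __name__ == "__main__":
    for label, body in (("good", GOOD_BODY), ("bad", BAD_BODY)):
        print(label, validate_access_restriction(body) or "ok")
```

Excluding `api_keys` or `user_sessions` removes that access method from enforcement, so a non-null `enforcement_exclusions` value is worth a second look in change review.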
Read the Specified Access Restriction Info
Example Code
curl -X GET /orgs/{org_id}/access_restrictions/{id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/access_restrictions/{id}
Exposure: Public Stable
Auditable: No
Read Access Restriction Info
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
id | path | string | true* | access restriction id |
Example Response Body
200 Response
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
},
"status": {
"connection_state": "pending",
"software_version": "string",
"sync_state": "in_sync"
}
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | slbs_get |
Delete the Specified Access Restriction
Example Code
curl -X DELETE /orgs/{org_id}/access_restrictions/{id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/access_restrictions/{id}
Exposure: Public Stable
Auditable: Yes
Delete Access Restriction
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
id | path | string | true* | access restriction id |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update the Access Restriction Info
Example Code
curl -X PUT /orgs/{org_id}/access_restrictions/{id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/access_restrictions/{id}
Auditable: Yes
Exposure: Public Stable
Update Access Restriction Info
Example Request Body
{
"name": "string",
"description": "string",
"ips": [
null
],
"enforcement_exclusions": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
id | path | string | true* | access restriction id |
body | body | orgs_access_restrictions_put | false | none |
» name | body | string | false | User assigned name of the access restriction |
» description | body | string | false | User assigned description of the access restriction |
» ips | body | [oneOf] | false | Array of ip addresses or CIDR blocks |
»» anonymous | body | any | false | none |
»» anonymous | body | any | false | none |
» enforcement_exclusions | body | array,null | false | The types of API access methods that are excluded from access restriction enforcement |
Enumerated Values
Parameter | Value |
---|---|
» enforcement_exclusions | user_sessions |
» enforcement_exclusions | api_keys |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Agents (deprecated, see VEN Operations)
Get an Agent
Example Code
curl -X GET /orgs/{org_id}/agents/{agent_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/agents/{agent_id}
Exposure: Public Experimental
Auditable: No
DEPRECATED AND REPLACED (USE /orgs/:org_id/vens/:ven_uuid INSTEAD)
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
agent_id | path | integer | true* | Agent ID |
Example Response Body
200 Response
{
"name": null,
"description": null,
"online": null,
"mode": null,
"uid": "string",
"last_heartbeat_on": null,
"uptime_seconds": null,
"hostname": "string",
"agent_version": null,
"public_ip": null,
"ip_tables_saved": null,
"os_id": null,
"os_detail": null,
"log_traffic": null,
"target_pce_fqdn": null,
"active_pce_fqdn": null,
"labels": null,
"visibility_level": null,
"ven": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | agents_get |
Update an Agent
Example Code
curl -X PUT /orgs/{org_id}/agents/{agent_id}/update \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/agents/{agent_id}/update
Auditable: Yes
Exposure: Public Experimental
DEPRECATED AND REPLACED (USE PUT /orgs/:org_id/vens/:ven_uuid INSTEAD)
Example Request Body
{
"target_pce_fqdn": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
agent_id | path | integer | true* | Agent ID |
body | body | agents_update_put | false | none |
» target_pce_fqdn | body | string | false | cluster FQDN for target PCE |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Create an Agent Traffic Flow
Example Code
curl -X POST /orgs/{org_id}/agents/bulk_traffic_flows
POST /api/v2/orgs/{org_id}/agents/bulk_traffic_flows
Exposure: Public Experimental
Auditable: Yes
Bulk load traffic flows from unmanaged workloads
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
API Keys, Service Account-based
Get service accounts
Example Code
curl -X GET /orgs/{org_id}/service_accounts \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/service_accounts
Exposure: Public Experimental
Auditable: No
Get service accounts
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
managing | query | string | false | Name of the entity managing the service account (such as "cs") |
max_results | query | integer | false | Maximum number of service accounts to return. |
name | query | string | false | Name of service account to filter by |
role | query | string | false | Role URI (JSON-encoded string) to filter on |
Example Response Body
200 Response
{
"name": "string",
"description": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
],
"href": "string",
"api_keys": [
{
"key_id": "string",
"auth_username": "string",
"name": null,
"description": "string",
"state": "string",
"expires_in_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"last_login_on": "2025-04-01T00:21:27Z",
"account": {
"href": "string",
"type": "string",
"name": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
]
},
"href": "string"
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | service_accounts_get |
Create a new service account
Example Code
curl -X POST /orgs/{org_id}/service_accounts \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/service_accounts
Auditable: Yes
Exposure: Public Experimental
Create a new service account
Example Request Body
{
"name": "string",
"description": "string",
"access_restriction": null,
"permissions": [
{
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
],
"api_key": {
"expires_in_seconds": "default"
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | service_accounts_post | false | none |
» name | body | string | true* | Name of the service_account |
» description | body | string | false | The description of the service_account |
» access_restriction | body | object,null | false | Access restriction assigned to the keys created under this service_account |
»» href | body | string | true* | Access restriction URI |
» permissions | body | [object] | true* | The list of permissions |
»» role | body | orgs_permissions_put/properties/role | true* | none |
»»» href | body | string | true* | URI of Role |
»» scope | body | [object] | true* | none |
»»» label | body | object | false | none |
»»»» href | body | string | true* | Label URI |
»»»» key | body | string | false | Label type |
»»»» value | body | string | false | Label name |
»»» label_group | body | object | false | none |
»»»» href | body | string | true* | Label group URI |
»»»» key | body | string | false | Label group type |
»»»» name | body | string | false | Label group name |
» api_key | body | object | true* | none |
»» expires_in_seconds | body | any | true* | Validity of the api_key, in seconds |
»»» anonymous | body | string | false | none |
»»» anonymous | body | integer | false | none |
Enumerated Values
Parameter | Value |
---|---|
»»» anonymous | default |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Read service account info
Example Code
curl -X GET /orgs/{org_id}/service_accounts/{service_account_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/service_accounts/{service_account_id}
Exposure: Public Experimental
Auditable: No
Read Service Account Info
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
service_account_id | path | string | true* | Service account UUID |
Example Response Body
200 Response
{
"name": "string",
"description": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
],
"href": "string",
"api_keys": [
{
"key_id": "string",
"auth_username": "string",
"name": null,
"description": "string",
"state": "string",
"expires_in_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"last_login_on": "2025-04-01T00:21:27Z",
"account": {
"href": "string",
"type": "string",
"name": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
]
},
"href": "string"
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | service_accounts_get |
Delete service account
Example Code
curl -X DELETE /orgs/{org_id}/service_accounts/{service_account_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/service_accounts/{service_account_id}
Exposure: Public Experimental
Auditable: Yes
Delete service account
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
service_account_id | path | string | true* | Service account UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update service account info
Example Code
curl -X PUT /orgs/{org_id}/service_accounts/{service_account_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/service_accounts/{service_account_id}
Auditable: Yes
Exposure: Public Experimental
Update service account info
Example Request Body
{
"name": "string",
"description": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
service_account_id | path | string | true* | Service account UUID |
body | body | service_accounts_put | false | none |
» name | body | string | false | Service account name |
» description | body | string | false | Description of the service_account |
» access_restriction | body | object,null | false | Access restriction assigned to the keys created under this service_account |
»» href | body | string | true* | Access restriction URI |
» permissions | body | [object] | false | List of permissions |
»» href | body | string | false | URI of the permission entity |
»» role | body | orgs_permissions_put/properties/role | true* | none |
»»» href | body | string | true* | URI of Role |
»» scope | body | [object] | true* | none |
»»» label | body | object | false | none |
»»»» href | body | string | true* | Label URI |
»»»» key | body | string | false | Label type |
»»»» value | body | string | false | Label name |
»»» label_group | body | object | false | none |
»»»» href | body | string | true* | Label group URI |
»»»» key | body | string | false | Label group type |
»»»» name | body | string | false | Label group name |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Create a new API key for this service account
Example Code
curl -X POST /orgs/{org_id}/service_accounts/{service_account_id}/api_keys \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/service_accounts/{service_account_id}/api_keys
Auditable: Yes
Exposure: Public Experimental
Create a new API key for this service account
Example Request Body
{
"expires_in_seconds": "default"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
service_account_id | path | string | true* | Service account UUID |
body | body | service_accounts_api_keys_post | false | none |
» expires_in_seconds | body | any | true* | Validity of the api_key, in seconds |
»» anonymous | body | string | false | none |
»» anonymous | body | integer | false | none |
Enumerated Values
Parameter | Value |
---|---|
»» anonymous | default |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Delete service account API Key
Example Code
curl -X DELETE /orgs/{org_id}/service_accounts/{service_account_id}/api_keys/{api_key_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/service_accounts/{service_account_id}/api_keys/{api_key_id}
Exposure: Public Experimental
Auditable: Yes
Delete Service Account API Key
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
service_account_id | path | string | true* | Service account UUID |
api_key_id | path | string | true* | API Key ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
API Keys, User-based
Get API Keys
Example Code
curl -X GET /users/{user_id}/api_keys \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/users/{user_id}/api_keys
Exposure: Public Stable
Auditable: No
Get API Key
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
Example Response Body
200 Response
{
"key_id": "string",
"auth_username": "string",
"created_at": "2025-04-01T00:21:27Z",
"name": "string",
"description": "string",
"href": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | users_api_keys_get |
Get an API Key
Example Code
curl -X GET /users/{user_id}/api_keys/{key_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/users/{user_id}/api_keys/{key_id}
Exposure: Public Stable
Auditable: No
Read API Key Info
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
key_id | path | string | true* | key_id |
Example Response Body
200 Response
{
"key_id": "string",
"auth_username": "string",
"created_at": "2025-04-01T00:21:27Z",
"name": "string",
"description": "string",
"href": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | users_api_keys_get |
Create an API Key
Example Code
curl -X POST /users/{user_id}/api_keys \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/users/{user_id}/api_keys
Auditable: Yes
Exposure: Public Stable
Create a new API Key
Example Request Body
{
"name": "string",
"description": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
body | body | users_api_keys_post | false | none |
» name | body | string | true* | The key name - just a label to be used |
» description | body | string | false | The description of the key |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update an API Key
Example Code
curl -X PUT /users/{user_id}/api_keys/{key_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/users/{user_id}/api_keys/{key_id}
Auditable: Yes
Exposure: Public Stable
Update API Key Info
Example Request Body
{
"name": "string",
"description": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
key_id | path | string | true* | key_id |
body | body | users_api_keys_put | false | none |
» name | body | string | false | The key name - just a label to be used |
» description | body | string | false | The description of the key |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete an API Key
Example Code
curl -X DELETE /users/{user_id}/api_keys/{key_id} \
-u $KEY:$TOKEN
DELETE /api/v2/users/{user_id}/api_keys/{key_id}
Exposure: Public Stable
Auditable: Yes
Delete API Key
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
key_id | path | string | true* | key_id |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get API Keys
Example Code
curl -X GET /orgs/{org_id}/api_keys?type=user \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/api_keys
Exposure: Public Experimental
Auditable: No
Get api keys
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
max_results | query | integer | false | Maximum number of api keys to return. |
name | query | string | false | Name of the service account to filter by |
role | query | string | false | Role URI (JSON-encoded string) to filter on |
state | query | string | false | State of api keys - active or expired |
type | query | string | true* | Type of principal - User or Service Account |
username | query | string | false | Username of the user to filter by |
Enumerated Values
Parameter | Value |
---|---|
state | active |
state | expired |
type | user |
type | service_account |
Example Response Body
200 Response
{
"key_id": "string",
"auth_username": "string",
"name": null,
"description": "string",
"state": "string",
"expires_in_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"last_login_on": "2025-04-01T00:21:27Z",
"account": {
"href": "string",
"type": "string",
"name": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
]
},
"href": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | api_keys_get |
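A credential-hygiene pass over key records shaped like the example response above, written as an added example that is not part of the Illumio reference. It assumes the endpoint returns an array of such objects, treats a null `last_login_on` as "never used", and uses a 90-day staleness threshold; the function names and all sample records are constructed.

```python
from datetime import datetime, timedelta, timezone

# Timestamp layout used in the example response bodies on this page.
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"


def parse_ts(value):
    """Parse a timestamp such as 2025-04-01T00:21:27Z into an aware datetime."""
    return datetime.strptime(value, TS_FORMAT).replace(tzinfo=timezone.utc)


def audit_api_keys(keys, now, stale_after_days=90):
    """Return findings for active keys that deserve review.

    A key is reported when its account has no access restriction, when it
    has never been used, or when its last login is older than the threshold.
    Expired keys are skipped because they can no longer authenticate.
    """
    findings = []
    for key in keys:
        if key.get("state") != "active":
            continue
        account = key.get("account") or {}
        reasons = []
        if account.get("access_restriction") is None:
            reasons.append("no access restriction")
        last_login = key.get("last_login_on")
        if last_login is None:
            reasons.append("never used")
        elif now - parse_ts(last_login) > timedelta(days=stale_after_days):
            reasons.append(f"unused for more than {stale_after_days} days")
        if reasons:
            findings.append({
                "key_id": key.get("key_id"),
                "account": account.get("name"),
                "type": account.get("type"),
                "reasons": reasons,
            })
    return findings


def sample_key(key_id, state, acct_type, acct_name, restricted, last_login):
    """Build one constructed record with the fields the audit reads."""
    restriction = (
        {"href": "/orgs/1/access_restrictions/EXAMPLE"} if restricted else None
    )
    return {
        "key_id": key_id,
        "state": state,
        "last_login_on": last_login,
        "account": {
            "type": acct_type,
            "name": acct_name,
            "access_restriction": restriction,
        },
    }


# Constructed sample data, not output from a real PCE.
SAMPLE_KEYS = [
    sample_key("k-001", "active", "service_account", "ci-deployer", True,
               "2025-03-30T08:00:00Z"),
    sample_key("k-002", "active", "user", "alice@example.com", False,
               "2025-03-31T12:00:00Z"),
    sample_key("k-003", "active", "service_account", "old-exporter", True,
               "2024-11-01T00:00:00Z"),
    sample_key("k-004", "expired", "user", "bob@example.com", False,
               "2024-06-01T00:00:00Z"),
    sample_key("k-005", "active", "service_account", "unused-bot", False, None),
]
SAMPLE_NOW = datetime(2025, 4, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    for finding in audit_api_keys(SAMPLE_KEYS, SAMPLE_NOW):
        print(finding["key_id"], finding["account"], ", ".join(finding["reasons"]))
```

The page's `state` and `type` query parameters can narrow the listing before a check like this runs, and keys it flags can be removed with the DELETE calls documented in this section.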
Delete API Key
Example Code
curl -X DELETE /orgs/{org_id}/api_keys/{api_key_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/api_keys/{api_key_id}
Exposure: Public Experimental
Auditable: Yes
Delete API Key
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
api_key_id | path | string | true* | API Key ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Application Groups
Get Risk Summary for Application Groups
Example Code
curl -X GET /orgs/{org_id}/app_groups/risk_summary \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/app_groups/risk_summary
Exposure: Public Experimental
Auditable: No
Get the risk summary for all application groups
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
[
{
"app_group": {
"href": "string"
},
"labels": [
{
"href": "string"
}
],
"risk_summary": {
"ransomware": null
}
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | app_groups_risk_summary_get |
Get Risk Details for a Specific Application Group
Example Code
curl -X GET /orgs/{org_id}/app_groups/{app_group_id}/risk_details \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/app_groups/{app_group_id}/risk_details
Exposure: Public Experimental
Auditable: No
Get the risk_details for a specific application group
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
app_group_id | path | string | true* | app group resource id |
Example Response Body
200 Response
{
"risk_details": {}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | app_groups_risk_details_get |
Async Queries for Traffic Flows
Get collection of async queries
Example Code
curl -X GET /orgs/{org_id}/traffic_flows/async_queries \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/traffic_flows/async_queries
Exposure: Public Experimental
Auditable: No
Get collection of asynchronous traffic flow query status
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": "http://example.com",
"result": "http://example.com",
"status": "string",
"created_at": "2025-04-01T00:21:26Z",
"created_by": {
"href": "http://example.com"
},
"query_parameters": {
"query_name": "string",
"start_date": "2025-04-01",
"end_date": "2025-04-01",
"sources_destinations_query_op": "and",
"sources": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"destinations": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"data_sources": {
"include": [
"server"
],
"exclude": [
"server"
]
},
"services": {
"include": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
],
"exclude": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
]
},
"policy_decisions": [
"allowed"
],
"boundary_decisions": [
"blocked"
],
"max_results": 0,
"exclude_workloads_from_ip_list_query": true
},
"updated_at": "2025-04-01T00:21:26Z",
"matches_count": 0,
"flows_count": 0,
"regions": [
{
"pce_fqdn": "string",
"responded": true,
"matches_count": 0,
"flows_count": 0
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | traffic_flows_async_queries_get |
Create a new async traffic flow query
Example Code
curl -X POST /orgs/{org_id}/traffic_flows/async_queries \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/traffic_flows/async_queries
Auditable: No
Exposure: Public Experimental
Create asynchronous traffic flow query for traffic analysis
Example Request Body
{
"query_name": "string",
"start_date": "2025-04-01",
"end_date": "2025-04-01",
"sources_destinations_query_op": "and",
"sources": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"destinations": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"data_sources": {
"include": [
"server"
],
"exclude": [
"server"
]
},
"services": {
"include": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
],
"exclude": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
]
},
"policy_decisions": [
"allowed"
],
"boundary_decisions": [
"blocked"
],
"max_results": 0,
"exclude_workloads_from_ip_list_query": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | traffic_flows_async_queries_post | false | none |
» query_name | body | string | true* | Query Name |
» start_date | body | string(date) | false | Starting date for query |
» end_date | body | string(date) | false | Ending date for query |
» sources_destinations_query_op | body | string | false | Query logical operator between sources and destinations |
» sources | body | object | true* | Source labels, workloads, IP addresses to include or exclude |
»» include | body | [array] | true* | List of included sources or targets |
»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»» label | body | object | true* | none |
»»»»» href | body | string | true* | Label URI |
»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»» label_group | body | object | true* | none |
»»»»»» href | body | string | true* | Label group URI |
»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»» workload | body | object | true* | none |
»»»»»»» href | body | string | true* | Workload URI |
»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»» ip_address | body | string | true* | IP address value |
»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»» ip_list | body | object | true* | none |
»»»»»»»» href | body | string | true* | IP List draft URI |
»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»» actors | body | string | false | All managed workloads ('ams') |
»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»» cloud_resource | body | object | true* | none |
»»»»»»»»» resource_uuid | body | string | true* | UUID of cloud resource |
»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»» data_center | body | object | true* | none |
»»»»»»»»»» type | body | string | true* | Type of the datacenter, such as core/cloud/aws/azure/gcp |
»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»» destinations | body | object | true* | Target labels, workloads, IP addresses, domain names, transmission to include or exclude |
»»»»»»»»»» include | body | [array] | true* | List of included sources or targets |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»»» fqdn | body | string | true* | parameter for querying the matched fqdn |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»» anonymous | body | object | false | Parameter representing broadcast/multicast |
»»»»»»»»»»»» transmission | body | string | true* | transmission type |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»» data_sources | body | object | false | Data sources of the flows to include or exclude |
»»»»»»»»»»» include | body | [string] | false | List of included services |
»»»»»»»»»»» exclude | body | [string] | false | List of excluded data sources |
»»»»»»»»»» services | body | object | true* | Services (5-tuple of port/to_port/proto/process/service) to include or exclude |
»»»»»»»»»»» include | body | [object] | true* | List of included services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»» exclude | body | [object] | true* | List of excluded services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»» policy_decisions | body | [string] | true* | List of policy decisions |
»»»»»»»»»»» boundary_decisions | body | [string] | false | List of boundary decisions |
»»»»»»»»»»» max_results | body | integer | true* | maximum number of flows to return |
»»»»»»»»»»» exclude_workloads_from_ip_list_query | body | boolean | false | exclude workload traffic when IP List is provided either in consumer or provider part of traffic query |
Enumerated Values
Parameter | Value |
---|---|
» sources_destinations_query_op | and |
» sources_destinations_query_op | or |
»»»»»»»» actors | ams |
»»»»»»»»»» type | core |
»»»»»»»»»» type | cloud |
»»»»»»»»»» type | aws |
»»»»»»»»»» type | azure |
»»»»»»»»»» type | gcp |
»»»»»»»»»»»» transmission | broadcast |
»»»»»»»»»»»» transmission | multicast |
»»»»»»»»»»»» transmission | unicast |
»»»»»»»»»»» include | server |
»»»»»»»»»»» include | endpoint |
»»»»»»»»»»» include | flowlink |
»»»»»»»»»»» include | scanner |
»»»»»»»»»»» exclude | server |
»»»»»»»»»»» exclude | endpoint |
»»»»»»»»»»» exclude | flowlink |
»»»»»»»»»»» exclude | scanner |
»»»»»»»»»»» policy_decisions | allowed |
»»»»»»»»»»» policy_decisions | potentially_blocked |
»»»»»»»»»»» policy_decisions | blocked |
»»»»»»»»»»» policy_decisions | unknown |
»»»»»»»»»»» boundary_decisions | blocked |
»»»»»»»»»»» boundary_decisions | blocked_by_override_deny |
»»»»»»»»»»» boundary_decisions | blocked_non_illumio_rule |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get asynchronous traffic flow query status
Example Code
curl -X GET /orgs/{org_id}/traffic_flows/async_queries/{uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/traffic_flows/async_queries/{uuid}
Exposure: Public Experimental
Auditable: No
Get asynchronous traffic flow query status
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | async query uuid |
Example Response Body
200 Response
{
"href": "http://example.com",
"result": "http://example.com",
"status": "string",
"created_at": "2025-04-01T00:21:26Z",
"created_by": {
"href": "http://example.com"
},
"query_parameters": {
"query_name": "string",
"start_date": "2025-04-01",
"end_date": "2025-04-01",
"sources_destinations_query_op": "and",
"sources": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"destinations": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"data_sources": {
"include": [
"server"
],
"exclude": [
"server"
]
},
"services": {
"include": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
],
"exclude": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
]
},
"policy_decisions": [
"allowed"
],
"boundary_decisions": [
"blocked"
],
"max_results": 0,
"exclude_workloads_from_ip_list_query": true
},
"updated_at": "2025-04-01T00:21:26Z",
"matches_count": 0,
"flows_count": 0,
"regions": [
{
"pce_fqdn": "string",
"responded": true,
"matches_count": 0,
"flows_count": 0
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | traffic_flows_async_queries_get |
Request cancellation of an executing asynchronous traffic flow query
Example Code
curl -X PUT /orgs/{org_id}/traffic_flows/async_queries/{uuid} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/traffic_flows/async_queries/{uuid}
Auditable: No
Exposure: Public Experimental
Request cancellation of an executing asynchronous traffic flow query
Example Request Body
{
"status": "cancel_requested"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | async query uuid |
body | body | traffic_flows_async_queries_put | false | none |
» status | body | string | true* | Query status |
Enumerated Values
Parameter | Value |
---|---|
» status | cancel_requested |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete status and results for an asynchronous traffic flow query
Example Code
curl -X DELETE /orgs/{org_id}/traffic_flows/async_queries/{uuid} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/traffic_flows/async_queries/{uuid}
Exposure: Public Experimental
Auditable: No
Delete status and results for an asynchronous traffic flow query
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | async query uuid |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Download results of a completed asynchronous traffic flow query
Example Code
curl -X GET /orgs/{org_id}/traffic_flows/async_queries/{uuid}/download \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/traffic_flows/async_queries/{uuid}/download
Exposure: Public Experimental
Auditable: No
Download results of a completed asynchronous traffic flow query
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | async query uuid |
Example Response Body
200 Response
[
{
"src": {
"ip": "string",
"workload": {
"href": "string",
"hostname": "string",
"name": "string",
"os_type": "windows",
"enforcement_mode": "idle",
"labels": [
{
"href": "string"
}
],
"managed": true
},
"cloud_resource": {
"resource_uuid": "string",
"labels": [
{
"href": "string"
}
],
"type": "aws"
},
"data_center": {
"data_center": {
"type": "core"
}
},
"ip_lists": [
{
"name": "string",
"href": "string",
"size": 0,
"rules": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
],
"override_deny_rules": [
{
"href": "string"
}
]
}
],
"virtual_server": {
"name": "string",
"href": "string",
"enforcement_mode": "unmanaged",
"labels": [
{
"href": "string"
}
]
},
"virtual_service": {
"name": "string",
"href": "string",
"labels": [
{
"href": "string"
}
],
"workload_enforcement_mode": "idle"
},
"fqdn_name": "string"
},
"dst": {
"ip": "string",
"workload": {
"href": "string",
"hostname": "string",
"name": "string",
"os_type": "windows",
"enforcement_mode": "idle",
"labels": [
{
"href": "string"
}
],
"managed": true
},
"cloud_resource": {
"resource_uuid": "string",
"labels": [
{
"href": "string"
}
],
"type": "aws"
},
"data_center": {
"data_center": {
"type": "core"
}
},
"ip_lists": [
{
"name": "string",
"href": "string",
"size": 0,
"rules": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
],
"override_deny_rules": [
{
"href": "string"
}
]
}
],
"virtual_server": {
"name": "string",
"href": "string",
"enforcement_mode": "unmanaged",
"labels": [
{
"href": "string"
}
]
},
"virtual_service": {
"name": "string",
"href": "string",
"labels": [
{
"href": "string"
}
],
"workload_enforcement_mode": "idle"
},
"fqdn_name": "string"
},
"service": {
"port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string",
"user_name": "string"
},
"num_connections": 0,
"policy_decision": "string",
"boundary_decision": "string",
"draft_policy_decision": "string",
"flow_direction": "string",
"transmission": "string",
"timestamp_range": {
"first_detected": "2025-04-01T00:21:26Z",
"last_detected": "2025-04-01T00:21:26Z"
},
"state": "string",
"dst_bo": 0,
"dst_bi": 0,
"icmp_type": 0,
"icmp_code": 0,
"network": {
"name": "string",
"href": "string"
},
"rules": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
],
"override_deny_rules": [
{
"href": "string"
}
],
"caps": [
"write"
],
"client_type": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | traffic_flows_async_queries_download_get |
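A downloaded result set is usually triaged by policy decision before any rule is written. The following is an added example, not code from the Illumio documentation: it groups flows whose `policy_decision` is `potentially_blocked` or `blocked` by destination and service, using only field names from the response body above. The sample records, hostnames, addresses and the helper names `endpoint_name` and `summarize_unallowed` are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of the download response body above
# (only the fields this example reads; hostnames and addresses are made up).
SAMPLE_FLOWS = json.loads("""
[
  {"src": {"ip": "192.0.2.10", "workload": {"hostname": "web01.example.test"}},
   "dst": {"ip": "198.51.100.20", "workload": {"hostname": "db01.example.test"}},
   "service": {"port": 5432, "proto": 6},
   "num_connections": 12, "policy_decision": "potentially_blocked"},
  {"src": {"ip": "192.0.2.11"},
   "dst": {"ip": "198.51.100.20", "workload": {"hostname": "db01.example.test"}},
   "service": {"port": 5432, "proto": 6},
   "num_connections": 3, "policy_decision": "potentially_blocked"},
  {"src": {"ip": "192.0.2.10", "workload": {"hostname": "web01.example.test"}},
   "dst": {"ip": "198.51.100.20", "workload": {"hostname": "db01.example.test"}},
   "service": {"port": 22, "proto": 6},
   "num_connections": 1, "policy_decision": "blocked"},
  {"src": {"ip": "192.0.2.10", "workload": {"hostname": "web01.example.test"}},
   "dst": {"ip": "198.51.100.30", "fqdn_name": "app01.example.test"},
   "service": {"port": 8443, "proto": 6},
   "num_connections": 40, "policy_decision": "allowed"},
  {"src": {"ip": "192.0.2.12"},
   "dst": {"ip": "198.51.100.20", "workload": {"hostname": "db01.example.test"}},
   "service": {"proto": 1},
   "num_connections": 2, "policy_decision": "unknown"}
]
""")


def endpoint_name(side):
    """Best available identity for a src/dst object: workload, then FQDN, then IP."""
    workload = side.get("workload") or {}
    return (workload.get("hostname") or workload.get("name")
            or side.get("fqdn_name") or side.get("ip") or "unknown")


def summarize_unallowed(flows, decisions=("potentially_blocked", "blocked")):
    """Aggregate flows with the given policy decisions per (dst, port, proto).

    Returns rows sorted by connection count, highest first, so the services
    that would be hit hardest by enforcement are reviewed first.
    """
    totals = defaultdict(lambda: {"connections": 0, "sources": set()})
    for flow in flows:
        if flow.get("policy_decision") not in decisions:
            continue
        service = flow.get("service") or {}
        # ICMP and similar flows carry no port; keep them under port=None.
        key = (endpoint_name(flow.get("dst") or {}),
               service.get("port"), service.get("proto"))
        totals[key]["connections"] += flow.get("num_connections") or 0
        totals[key]["sources"].add(endpoint_name(flow.get("src") or {}))

    rows = [
        {"dst": dst, "port": port, "proto": proto,
         "connections": agg["connections"], "sources": sorted(agg["sources"])}
        for (dst, port, proto), agg in totals.items()
    ]
    rows.sort(key=lambda r: (-r["connections"], r["dst"],
                             -1 if r["port"] is None else r["port"]))
    return rows


if __name__ == "__main__":
    for row in summarize_unallowed(SAMPLE_FLOWS):
        print(row)
```
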
Update rule coverage for a completed asynchronous traffic flow query
Example Code
curl -X PUT /orgs/{org_id}/traffic_flows/async_queries/{uuid}/update_rules \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/traffic_flows/async_queries/{uuid}/update_rules
Auditable: No
Exposure: Public Experimental
Update rule coverage for a completed asynchronous traffic flow query
Example Request Body
null
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | async query uuid |
body | body | traffic_flows_async_queries_update_rules_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Auth Security Principals
Get Auth Security Principals
Example Code
curl -X GET /orgs/{org_id}/auth_security_principals \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/auth_security_principals
Exposure: Public Stable
Auditable: No
Get all auth_security_principals for this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
name | query | string | false | Name of the auth_security_principal to filter by. Supports partial matches |
type | query | string | false | Type (user or group) to filter by |
Example Response Body
200 Response
[
{
"type": "user",
"name": "string",
"display_name": "string",
"access_restriction": null,
"href": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | orgs_auth_security_principals_get |
Get an Auth Security Principal
Example Code
curl -X GET /orgs/{org_id}/auth_security_principals/{auth_security_principal_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/auth_security_principals/{auth_security_principal_id}
Exposure: Public Stable
Auditable: No
Get details of this auth_security_principal in this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
auth_security_principal_id | path | string | true* | UUID of the auth_security_principal |
Example Response Body
200 Response
[
{
"type": "user",
"name": "string",
"display_name": "string",
"access_restriction": null,
"href": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | orgs_auth_security_principals_get |
Create an Auth Security Principal
Example Code
curl -X POST /orgs/{org_id}/auth_security_principals \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/auth_security_principals
Auditable: Yes
Exposure: Public Stable
Create an auth_security_principal in this org
Example Request Body
{
"type": "user",
"name": "string",
"display_name": "string",
"access_restriction": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | orgs_auth_security_principals_post | false | none |
» type | body | string | true* | type of the auth_security_principal |
» name | body | string | true* | name of auth_security_principal |
» display_name | body | string | false | name of auth_security_principal |
» access_restriction | body | object,null | false | Access restriction assigned to this user |
»» href | body | string | true* | Access restriction URI |
Enumerated Values
Parameter | Value |
---|---|
» type | user |
» type | group |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update an Auth Security Principal
Example Code
curl -X PUT /orgs/{org_id}/auth_security_principals/{auth_security_principal_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/auth_security_principals/{auth_security_principal_id}
Auditable: Yes
Exposure: Public Stable
Edit this auth_security_principal in this org
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
auth_security_principal_id | path | string | true* | UUID of the auth_security_principal |
body | body | orgs_auth_security_principals_put | false | none |
» type | body | string | false | type of the auth_security_principal |
» name | body | string | false | name of the auth_security_principal |
» display_name | body | string | false | display name of the auth_security_principal |
» access_restriction | body | object,null | false | Access restriction assigned to this user |
»» href | body | string | true* | Access restriction URI |
» anonymous | body | object | false | none |
» anonymous | body | object | false | none |
» anonymous | body | object | false | none |
» anonymous | body | object | false | none |
Enumerated Values
Parameter | Value |
---|---|
» type | user |
» type | group |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete an Auth Security Principal
Example Code
curl -X DELETE /orgs/{org_id}/auth_security_principals/{auth_security_principal_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/auth_security_principals/{auth_security_principal_id}
Exposure: Public Stable
Auditable: Yes
Delete this auth_security_principal in this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
auth_security_principal_id | path | string | true* | UUID of the auth_security_principal |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Authentication Settings
Get Password Policy
Example Code
curl -X GET /authentication_settings/password_policy \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/authentication_settings/password_policy
Exposure: Public Stable
Auditable: No
Get password policy for local user
Example Response Body
200 Response
{
"require_type_number": true,
"require_type_lowercase": true,
"require_type_uppercase": true,
"require_type_symbol": true,
"min_characters_per_type": 0,
"min_length": 0,
"min_changed_characters": 0,
"history_count": 0,
"expire_time_days": 0,
"session_timeout_minutes": 0,
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"username": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | authentication_settings_password_policy_get |
Update Password Policy
Example Code
curl -X PUT /authentication_settings/password_policy \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/authentication_settings/password_policy
Auditable: Yes
Exposure: Public Stable
Update password policy for local user
Example Request Body
{
"require_type_number": true,
"require_type_lowercase": true,
"require_type_uppercase": true,
"require_type_symbol": true,
"min_characters_per_type": 0,
"min_length": 0,
"min_changed_characters": 0,
"history_count": 0,
"expire_time_days": 0,
"session_timeout_minutes": 0
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
body | body | authentication_settings_password_policy_put | false | none |
» require_type_number | body | boolean | false | Flag to indicate whether password must contain numerical digit |
» require_type_lowercase | body | boolean | false | Flag to indicate whether password must contain lowercase letter |
» require_type_uppercase | body | boolean | false | Flag to indicate whether password must contain uppercase letter |
» require_type_symbol | body | boolean | false | Flag to indicate whether password must contain symbol (i.e. !@#$%^&*<>?) |
» min_characters_per_type | body | integer | false | Minimum number of characters for each character type |
» min_length | body | integer | false | Minimum length of password |
» min_changed_characters | body | integer | false | Minimum number of changed characters for new passwords |
» history_count | body | integer | false | Number of old passwords to remember |
» expire_time_days | body | integer | false | Number of days until the password expires; a value of 0 means it never expires |
» session_timeout_minutes | body | integer | false | Number of minutes to timeout the user session without activity |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
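Because every body field of the password policy PUT is optional, a policy check can emit only the fields that need to change. The following is an added example, not code from the Illumio documentation: it audits a GET response against a baseline and builds the minimal PUT request body. The baseline thresholds, the sample policy and the name `audit_password_policy` are assumptions made for illustration.

```python
# Assumed baseline for illustration only; it is not Illumio guidance.
# Replace the values with your organization's own standard.
BASELINE = {
    "required_flags": ("require_type_number", "require_type_lowercase",
                       "require_type_uppercase", "require_type_symbol"),
    "minimums": {"min_length": 12, "history_count": 5},
    "max_expire_time_days": 365,
    "max_session_timeout_minutes": 30,
}

# Constructed sample in the shape of the GET password_policy response body.
SAMPLE_POLICY = {
    "require_type_number": True,
    "require_type_lowercase": True,
    "require_type_uppercase": True,
    "require_type_symbol": False,
    "min_characters_per_type": 1,
    "min_length": 8,
    "min_changed_characters": 1,
    "history_count": 0,
    "expire_time_days": 0,
    "session_timeout_minutes": 480,
    "updated_at": "2025-04-01T00:21:27Z",
    "updated_by": {"username": "admin@example.test"},
}


def audit_password_policy(policy, baseline=BASELINE):
    """Return (findings, fix): readable findings and a minimal PUT body.

    The fix contains only writable fields that violate the baseline, so
    read-only fields such as updated_at never end up in the request.
    """
    findings, fix = [], {}

    for flag in baseline["required_flags"]:
        if policy.get(flag) is not True:
            findings.append(f"{flag} is not enabled")
            fix[flag] = True

    for field, floor in baseline["minimums"].items():
        value = policy.get(field, 0)
        if value < floor:
            findings.append(f"{field} is {value}, below the baseline of {floor}")
            fix[field] = floor

    # Per the parameter table, expire_time_days == 0 means "never expires",
    # so 0 must be treated as the weakest value, not the strictest.
    expire = policy.get("expire_time_days", 0)
    ceiling = baseline["max_expire_time_days"]
    if expire == 0:
        findings.append("expire_time_days is 0: passwords never expire")
        fix["expire_time_days"] = ceiling
    elif expire > ceiling:
        findings.append(f"expire_time_days is {expire}, above {ceiling}")
        fix["expire_time_days"] = ceiling

    # The page does not say what 0 means for session_timeout_minutes, so this
    # check only flags values above the maximum.
    timeout = policy.get("session_timeout_minutes", 0)
    limit = baseline["max_session_timeout_minutes"]
    if timeout > limit:
        findings.append(f"session_timeout_minutes is {timeout}, above {limit}")
        fix["session_timeout_minutes"] = limit

    return findings, fix


if __name__ == "__main__":
    import json
    found, body = audit_password_policy(SAMPLE_POLICY)
    print("\n".join(found))
    print(json.dumps(body, indent=2))  # body for PUT /authentication_settings/password_policy
```
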
Get Authentication Setting
Example Code
curl -X GET /authentication_settings \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/authentication_settings
Exposure: Public Stable
Auditable: No
Get authentication settings
Example Response Body
200 Response
{
"authentication_type": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | authentication_settings_get |
Update Authentication Setting
Example Code
curl -X PUT /authentication_settings \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/authentication_settings
Auditable: Yes
Exposure: Public Stable
Update authentication settings
Example Request Body
{
"authentication_type": "Local"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
body | body | authentication_settings_put | false | none |
» authentication_type | body | string | true* | Authentication types |
Enumerated Values
Parameter | Value |
---|---|
» authentication_type | Local |
» authentication_type | RADIUS |
» authentication_type | SAML |
» authentication_type | LDAP |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Containers
Get Container Clusters Workload Profiles
Example Code
curl -X GET /orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles
Exposure: Public Experimental
Auditable: No
Get collection of container workload profiles
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
assign_labels | query | string | false | List of lists of label URIs, encoded as a JSON string |
enforcement_mode | query | string | false | Filter by enforcement mode. |
linked | query | boolean | false | Filter by linked container workload profiles. |
managed | query | boolean | false | Filter by managed state |
max_results | query | integer | false | Maximum number of container workloads to return. |
name | query | string | false | Name string to match. Supports partial matches. |
namespace | query | string | false | Namespace string to match. Supports partial matches. |
visibility_level | query | string | false | Filter by visibility level |
Enumerated Values
Parameter | Value |
---|---|
enforcement_mode | visibility_only |
enforcement_mode | full |
enforcement_mode | idle |
enforcement_mode | selective |
visibility_level | flow_full_detail |
visibility_level | flow_summary |
visibility_level | flow_drops |
visibility_level | flow_off |
visibility_level | enhanced_data_collection |
Example Response Body
200 Response
{
"href": "string",
"name": null,
"namespace": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string",
"value": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true,
"linked": true,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | container_clusters_container_workload_profiles_get |
Create a Container Cluster Workload Profile
Example Code
curl -X POST /orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles
Auditable: Yes
Exposure: Public Experimental
Create a container workload profile
Example Request Body
{
"name": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
body | body | container_clusters_container_workload_profiles_post | false | none |
» name | body | string,null | true* | A friendly name given to a profile if the namespace is not user friendly |
» description | body | string | false | Description of the profile |
» assign_labels | body | [object] | false | Assigned labels |
»» href | body | string | true* | Label URI |
» labels | body | [oneOf] | false | Labels to assign to the workload that matches the namespace |
»» anonymous | body | object | false | none |
»»» key | body | string | true* | The label key |
»»» assignment | body | object | true* | The label href to set |
»»»» href | body | string | true* | Label URI |
»»» anonymous | body | object | false | none |
»»»» key | body | string | true* | The label key |
»»»» restriction | body | [object] | true* | The list of allowed label hrefs |
»»»»» href | body | string | true* | Label URI |
»»»» enforcement_mode | body | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | Workload enforcement mode |
»»»» managed | body | boolean | false | If the namespace is managed or not |
Enumerated Values
Parameter | Value |
---|---|
»»»» enforcement_mode | idle |
»»»» enforcement_mode | visibility_only |
»»»» enforcement_mode | full |
»»»» enforcement_mode | selective |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update the Container Cluster Workload Profile
Example Code
curl -X PUT /orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/{container_workload_profile_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/{container_workload_profile_id}
Auditable: Yes
Exposure: Public Experimental
Update a container workload profile by id
Example Request Body
{
"name": null,
"description": null,
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
container_workload_profile_id | path | string | true* | Container workload profile UUID |
body | body | container_clusters_container_workload_profiles_put | false | none |
» name | body | string,null | false | A friendly name given to a profile if the namespace is not user friendly |
» description | body | string,null | false | Description of the profile |
» assign_labels | body | [object] | false | Assigned labels |
»» href | body | string | true* | Label URI |
» labels | body | [oneOf] | false | Labels to assign to the workload that matches the namespace |
»» anonymous | body | object | false | none |
»»» key | body | string | true* | The label key |
»»» assignment | body | object | true* | The label href to set |
»»»» href | body | string | true* | Label URI |
»»» anonymous | body | object | false | none |
»»»» key | body | string | true* | The label key |
»»»» restriction | body | [object] | true* | The list of allowed label hrefs |
»»»»» href | body | string | true* | Label URI |
»»»» enforcement_mode | body | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | Workload enforcement mode |
»»»» managed | body | boolean | false | If the namespace is managed or not |
Enumerated Values
Parameter | Value |
---|---|
»»»» enforcement_mode | idle |
»»»» enforcement_mode | visibility_only |
»»»» enforcement_mode | full |
»»»» enforcement_mode | selective |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Bulk Update Container Workload Profiles
Example Code
curl -X PUT /orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/update \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/update
Auditable: Yes
Exposure: Public Experimental
Bulk update container workload profiles
Example Request Body
{
"container_workload_profiles": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
body | body | container_clusters_container_workload_profiles_update_put | false | none |
» container_workload_profiles | body | [object] | false | List of Container Workload Profile hrefs |
»» href | body | string | true* | Container Workload Profile URI |
» labels | body | [oneOf] | false | Labels to assign to the workload that matches the namespace |
»» anonymous | body | object | false | none |
»»» key | body | string | true* | The label key |
»»» assignment | body | object | true* | The label href to set |
»»»» href | body | string | true* | Label URI |
»»» anonymous | body | object | false | none |
»»»» key | body | string | true* | The label key |
»»»» restriction | body | [object] | true* | The list of allowed label hrefs |
»»»»» href | body | string | true* | Label URI |
»»»» enforcement_mode | body | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | Workload enforcement mode |
»»»» managed | body | boolean | false | If the namespace is managed or not |
Enumerated Values
Parameter | Value |
---|---|
»»»» enforcement_mode | idle |
»»»» enforcement_mode | visibility_only |
»»»» enforcement_mode | full |
»»»» enforcement_mode | selective |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get Container Clusters
Example Code
curl -X GET /orgs/{org_id}/container_clusters \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/container_clusters
Exposure: Public Experimental
Auditable: No
Return the set of container_clusters
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
clas_mode | query | boolean | false | CLAS Mode of container cluster(s) to return |
max_results | query | integer | false | Maximum number of container clusters to return |
name | query | string | false | Name of the container cluster(s) to return. Supports partial matches |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"nodes": [
{
"pod_subnet": "string"
}
],
"container_runtime": "string",
"manager_type": "string",
"last_connected": "2025-04-01T00:21:27Z",
"online": true,
"errors": [
{
"audit_event": {
"href": "string"
},
"duplicate_ids": [],
"error_type": "string"
}
],
"kubelink_version": "string",
"pce_fqdn": "string",
"cluster_mode": "legacy",
"datacenter_nat_1to1": true
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | container_clusters_get |
Create a Container Cluster
Example Code
curl -X POST /orgs/{org_id}/container_clusters \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/container_clusters
Auditable: Yes
Exposure: Public Experimental
Create a new container cluster
Example Request Body
{
"name": "string",
"description": "string",
"datacenter_nat_1to1": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | container_clusters_post | false | none |
» name | body | string | false | User assigned name of the cluster |
» description | body | string | false | User assigned description of the cluster |
» datacenter_nat_1to1 | body | boolean | false | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interfaces on nodes |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Container Cluster
Example Code
curl -X PUT /orgs/{org_id}/container_clusters/{container_cluster_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}
Auditable: Yes
Exposure: Public Experimental
Update a cluster
Example Request Body
{
"name": "string",
"description": "string",
"datacenter_nat_1to1": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
body | body | container_clusters_put | false | none |
» name | body | string | false | User assigned name of the cluster |
» description | body | string | false | User assigned description of the cluster |
» datacenter_nat_1to1 | body | boolean | false | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interfaces on nodes |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get Container Clusters Service Backend
Example Code
curl -X GET /orgs/{org_id}/container_clusters/{container_cluster_id}/service_backends \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}/service_backends
Exposure: Public Experimental
Auditable: No
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
Example Response Body
200 Response
[
{
"name": "string",
"kind": "string",
"namespace": "string",
"updated_at": "string",
"created_at": "string",
"virtual_services": {
"href": "string",
"name": "string"
}
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | container_clusters_service_backends_get |
Get Container Clusters Workload Profiles
Example Code
curl -X GET /orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/{container_workload_profile_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/{container_workload_profile_id}
Exposure: Public Experimental
Auditable: No
Get a container workload profile by id
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
container_workload_profile_id | path | string | true* | Container workload profile UUID |
Example Response Body
200 Response
{
"href": "string",
"name": null,
"namespace": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string",
"value": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true,
"linked": true,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | container_clusters_container_workload_profiles_get |
Delete Container Clusters Container Workload Profiles
Example Code
curl -X DELETE /orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/{container_workload_profile_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}/container_workload_profiles/{container_workload_profile_id}
Exposure: Public Experimental
Auditable: Yes
Delete a container workload profile by id
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
container_workload_profile_id | path | string | true* | Container workload profile UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get a Container Cluster
Example Code
curl -X GET /orgs/{org_id}/container_clusters/{container_cluster_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}
Exposure: Public Experimental
Auditable: No
Return the container_cluster instance
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"nodes": [
{
"pod_subnet": "string"
}
],
"container_runtime": "string",
"manager_type": "string",
"last_connected": "2025-04-01T00:21:27Z",
"online": true,
"errors": [
{
"audit_event": {
"href": "string"
},
"duplicate_ids": [],
"error_type": "string"
}
],
"kubelink_version": "string",
"pce_fqdn": "string",
"cluster_mode": "legacy",
"datacenter_nat_1to1": true
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | container_clusters_get |
Delete a Container Cluster
Example Code
curl -X DELETE /orgs/{org_id}/container_clusters/{container_cluster_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/container_clusters/{container_cluster_id}
Exposure: Public Experimental
Auditable: Yes
Delete a cluster
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_cluster_id | path | string | true* | Cluster UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Core Service Types
Fetch all core service types for this org
Example Code
curl -X GET /orgs/{org_id}/core_service_types \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/core_service_types
Exposure: Public Experimental
Auditable: No
Fetches all core service types for this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": "http://example.com",
"name": "string",
"required_ports": [
{
"port": 0,
"to_port": 0
}
],
"optional_ports": [
{
"port": 0,
"to_port": 0
}
],
"labels": [
{}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"priority": 0,
"num_optional_ports_required": 0
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | core_service_types_get |
Fetch core service type by UUID
Example Code
curl -X GET /orgs/{org_id}/core_service_types/{core_service_type_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/core_service_types/{core_service_type_id}
Exposure: Public Experimental
Auditable: No
Fetches core service type by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
core_service_type_id | path | string | true* | UUID of the core service type |
Example Response Body
200 Response
{
"href": "http://example.com",
"name": "string",
"required_ports": [
{
"port": 0,
"to_port": 0
}
],
"optional_ports": [
{
"port": 0,
"to_port": 0
}
],
"labels": [
{}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"priority": 0,
"num_optional_ports_required": 0
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | core_service_types_get |
Update core service type by UUID
Example Code
curl -X PUT /orgs/{org_id}/core_service_types/{core_service_type_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/core_service_types/{core_service_type_id}
Auditable: Yes
Exposure: Public Experimental
Example Request Body
{
"labels": [
{}
],
"required_ports": [
{
"port": 0,
"to_port": 0
}
],
"optional_ports": [
{
"port": 0,
"to_port": 0
}
],
"num_optional_ports_required": 0,
"provider": true,
"priority": 1
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
core_service_type_id | path | string | true* | UUID of the core service type |
body | body | core_service_types_put | false | none |
» labels | body | [oneOf] | false | Suggested labels |
»» value | body | string | false | Label name |
»» key | body | string | false | Label type |
»» href | body | string(uri) | false | Label URI |
»» anonymous | body | object | false | none |
»» anonymous | body | object | false | none |
» required_ports | body | [object] | false | Core Service Ports |
»» port | body | integer | true* | Port number, or the starting port of a range. |
»» to_port | body | integer | false | Upper end of port range; this field should not be included if specifying an individual port. |
» optional_ports | body | [object] | false | Core Service Ports |
» num_optional_ports_required | body | integer | false | Number of optional ports required |
» provider | body | boolean | false | To indicate whether the provider is a core service. Default value is true which means provider is a core service |
» priority | body | integer | false | Each IP/workload is identified for 1 core service type and they are ordered by priority |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Database Metrics for Traffic Flows
Get organization database usage metrics
Example Code
curl -X GET /orgs/{org_id}/traffic_flows/database_metrics \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/traffic_flows/database_metrics
Exposure: Public Experimental
Auditable: No
Return organization database usage metrics
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"flows_days": 0,
"flows_days_limit": 0,
"flows_oldest_day": "2025-04-01",
"flows_size_gb": 0,
"flows_size_gb_limit": 0,
"server": {
"num_flows_days": 0,
"num_flows_days_limit": 0,
"flows_oldest_day": "2025-04-01",
"flows_size_gb": 0,
"flows_size_gb_limit": 0,
"num_daily_tables": 0,
"num_weekly_tables": 0
},
"endpoint": {
"num_flows_days": 0,
"num_flows_days_limit": 0,
"flows_oldest_day": "2025-04-01",
"flows_size_gb": 0,
"flows_size_gb_limit": 0,
"num_daily_tables": 0,
"num_weekly_tables": 0
},
"backlog": {
"total_disk_used_gb": 0,
"total_file_count": 0
},
"updated_at": "2025-04-01T00:21:26Z"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | traffic_flows_database_metrics_get |
Datafiles
Retrieve the specified datafile from the system
Example Code
curl -X GET /orgs/{org_id}/datafiles/{uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/datafiles/{uuid}
Exposure: Public Stable
Auditable: No
Retrieve the specified datafile from the system.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | UUID of file resource |
filename | query | string | false | Filename to save as |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | None |
Detected Core Services
Fetch all detected core services for this org
Example Code
curl -X GET /orgs/{org_id}/detected_core_services \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/detected_core_services
Exposure: Public Experimental
Auditable: No
Fetches all detected core services for this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
action | query | string | false | The action taken on the detected core services |
core_service_type | query | string | false | Get all detected core services for a particular core service type |
max_results | query | integer | false | The maximum number of results to return |
Enumerated Values
Parameter | Value |
---|---|
action | skip |
action | reject |
action | accept |
action | recommended |
Example Response Body
200 Response
{
"ip_address": "string",
"workload": {
"href": "string",
"hostname": "string",
"name": "string",
"os_type": "windows",
"enforcement_mode": "idle",
"labels": [
{
"href": "string"
}
],
"managed": true
},
"href": "string",
"core_service_type": null,
"confidence": 50,
"feedback": "string",
"action": "string",
"method_name": "string",
"labels_applied": true,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"last_detected_at": "2025-04-01T00:21:27Z"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | detected_core_services_get |
Get a detected core service by UUID
Example Code
curl -X GET /orgs/{org_id}/detected_core_services/{detected_core_service_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/detected_core_services/{detected_core_service_id}
Exposure: Public Experimental
Auditable: No
Get a detected core service by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
detected_core_service_id | path | string | true* | UUID of the detected core service |
Example Response Body
200 Response
{
"ip_address": "string",
"workload": {
"href": "string",
"hostname": "string",
"name": "string",
"os_type": "windows",
"enforcement_mode": "idle",
"labels": [
{
"href": "string"
}
],
"managed": true
},
"href": "string",
"core_service_type": null,
"confidence": 50,
"feedback": "string",
"action": "string",
"method_name": "string",
"labels_applied": true,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"last_detected_at": "2025-04-01T00:21:27Z"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | detected_core_services_get |
Update a detected core service by UUID
Example Code
curl -X PUT /orgs/{org_id}/detected_core_services/{detected_core_service_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/detected_core_services/{detected_core_service_id}
Auditable: Yes
Exposure: Public Experimental
Example Request Body
{
"action": "accept",
"feedback": "string",
"labels_applied": true,
"workload": {
"href": "http://example.com"
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
detected_core_service_id | path | string | true* | UUID of the detected core service |
body | body | detected_core_services_put | false | none |
» action | body | string | false | Accept, skip or reject the core service detection |
» feedback | body | string | false | Feedback from user about the detected core service |
» labels_applied | body | boolean | false | Indicates if the end user applied the suggested labels for this detected core service |
» workload | body | object | false | none |
»» href | body | string(uri) | true* | The workload URI to be associated with this core service recommendation |
Enumerated Values
Parameter | Value |
---|---|
» action | accept |
» action | skip |
» action | reject |
» action | recommended |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get detected core service summary details
Example Code
curl -X GET /orgs/{org_id}/detected_core_services_summary \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/detected_core_services_summary
Exposure: Public Experimental
Auditable: No
Get detected core service summary details
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
[
{
"href": "http://example.com",
"core_service_type": null,
"recommended": 0,
"accepted": 0,
"rejected": 0
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | detected_core_services_summary_get |
Discovered Virtual Servers
Get Discovered Virtual Servers Info
Example Code
curl -X GET /orgs/{org_id}/discovered_virtual_servers \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/discovered_virtual_servers
Exposure: Public Experimental
Auditable: No
Get the discovered virtual servers
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
active_pce_fqdn | query | string | false | FQDN of the PCE |
has_virtual_server | query | boolean | false | Filter discovered virtual server(s) by whether they are managed by a virtual server object |
max_results | query | integer | false | Maximum number of discovered virtual servers to return |
name | query | string | false | Name of discovered virtual server(s) to return. Supports partial matches |
network_enforcement_node.hostname | query | string | false | Hostname of NEN object to filter discovered virtual server(s) |
slb | query | string | false | URI of SLB object to filter discovered virtual server(s) |
vip | query | string | false | Frontend (VIP) address of the discovered virtual server(s). Supports suffix-wildcard matches |
vip_port | query | integer | false | Port of frontend VIP of the discovered virtual server(s) |
vip_proto | query | integer | false | Protocol of frontend VIP of the discovered virtual server(s) |
virtual_server | query | string | false | URI of virtual server to filter discovered virtual server(s) |
virtual_server_labels | query | string | false | 2D array of label URIs, encoded as a JSON string. Filter by virtual server labels. Requires usage of has_virtual_server: true |
virtual_server_mode | query | string | false | Filter discovered virtual server(s) by virtual server mode. Requires usage of has_virtual_server: true |
Enumerated Values
Parameter | Value |
---|---|
virtual_server_mode | unmanaged |
virtual_server_mode | enforced |
Example Response Body
200 Response
{
"href": "string",
"dvs_identifier": "string",
"name": "string",
"vip_port": {
"vip": "192.168.0.1",
"protocol": 0,
"port": "string"
},
"local_ips": [
"192.168.0.1"
],
"mode": "string",
"slb": {
"href": "string"
},
"snat_type": "string",
"snat_pool_ips": [
"192.168.0.1"
],
"service_checks": [
{
"protocol": 0,
"port": 0
}
],
"nfc": {
"href": "string"
},
"network_enforcement_node": {
"href": "string"
},
"virtual_server": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | discovered_virtual_servers_get |
Get the Specified Discovered Virtual Servers Info
Example Code
curl -X GET /orgs/{org_id}/discovered_virtual_servers/{discovered_virtual_server_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/discovered_virtual_servers/{discovered_virtual_server_id}
Exposure: Public Experimental
Auditable: No
Get the specified discovered virtual server
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
discovered_virtual_server_id | path | string | true* | Discovered virtual servers UUID |
Example Response Body
200 Response
{
"href": "string",
"dvs_identifier": "string",
"name": "string",
"vip_port": {
"vip": "192.168.0.1",
"protocol": 0,
"port": "string"
},
"local_ips": [
"192.168.0.1"
],
"mode": "string",
"slb": {
"href": "string"
},
"snat_type": "string",
"snat_pool_ips": [
"192.168.0.1"
],
"service_checks": [
{
"protocol": 0,
"port": 0
}
],
"nfc": {
"href": "string"
},
"network_enforcement_node": {
"href": "string"
},
"virtual_server": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | discovered_virtual_servers_get |
Check the status of the submitted virtual server discovery job
Example Code
curl -X GET /orgs/{org_id}/network_enforcement_nodes/virtual_server_discovery_jobs/{job_uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/network_enforcement_nodes/virtual_server_discovery_jobs/{job_uuid}
Exposure: Public Experimental
Auditable: No
Get a virtual server discovery request
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
job_uuid | path | string | true* | UUID of virtual server discovery job |
Example Response Body
200 Response
{
"href": "string",
"status": "string",
"created_at": "2025-04-01T00:21:26Z",
"completed_at": "2025-04-01T00:21:26Z",
"created_by": {
"href": "string"
},
"connection_state": "string",
"virtual_server_infos": [
{
"ip_address": "string",
"port": 0,
"discovered_virtual_server": {
"href": "string"
}
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | network_enforcement_nodes_virtual_server_discovery_jobs_get |
Events
Get a list of the various organizational events
Example Code
curl -X GET /orgs/{org_id}/events \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/events
Exposure: Public Stable
Auditable: No
Get a list of the various organizational events.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
created_by | query | string | false | User, agent, or system that created the event |
event_type | query | string | false | Type of event |
max_results | query | integer | false | Maximum number of results to return |
severity | query | string | false | Severity of event |
status | query | string | false | Status of event |
timestamp[gte] | query | string | false | Earliest event date to return (RFC 3339 format) |
timestamp[lte] | query | string | false | Latest event date to return (RFC 3339 format) |
Enumerated Values
Parameter | Value |
---|---|
severity | emerg |
severity | alert |
severity | crit |
severity | warning |
severity | err |
severity | notice |
severity | info |
severity | debug |
status | success |
status | failure |
status | nil |
timestamp[gte] | success |
timestamp[gte] | failure |
timestamp[gte] | nil |
timestamp[lte] | success |
timestamp[lte] | failure |
timestamp[lte] | nil |
Example Response Body
200 Response
{
"href": "string",
"org_id": 0,
"version": "string",
"event_id": "string",
"event_type": "string",
"status": "string",
"severity": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": {},
"action": null,
"resource_changes": [
{
"href": "string",
"version": "string",
"org_id": 0,
"uuid": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"resource": null,
"changes": {},
"change_type": "string"
}
],
"notifications": [
{
"href": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"notification_type": "string",
"severity": "err",
"info": null
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | events_get |
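The query parameters and response fields above, used together: an added Python example (not from the Illumio documentation) that builds the events URL with the bracketed `timestamp[gte]` and `timestamp[lte]` keys percent-encoded, then triages a response for failed or high-severity events. The PCE host, the sample events and their `event_type` and `href` values are constructed, and the severity ranking (syslog order) is an assumption, since the page lists the values without ranking them.

```python
from datetime import datetime, timezone
from urllib.parse import urlencode

# Enumerated values from the Events parameter table on this page.
STATUSES = {"success", "failure", "nil"}
# Assumption: syslog ordering, most severe first. The page lists these
# severity values but does not rank them.
SEVERITY_RANK = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def rfc3339(ts):
    """Format a timezone-aware datetime as an RFC 3339 UTC timestamp."""
    if ts.tzinfo is None:
        raise ValueError("naive datetime: attach a timezone before querying")
    return ts.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def events_url(base, org_id, since=None, until=None, severity=None,
               status=None, event_type=None, max_results=None):
    """Build the GET /api/v2/orgs/{org_id}/events URL with encoded filters."""
    if severity is not None and severity not in SEVERITY_RANK:
        raise ValueError(f"unknown severity: {severity!r}")
    if status is not None and status not in STATUSES:
        raise ValueError(f"unknown status: {status!r}")
    gte = rfc3339(since) if since is not None else None
    lte = rfc3339(until) if until is not None else None
    if gte and lte and gte > lte:
        raise ValueError("since is later than until")
    params = [
        ("event_type", event_type),
        ("severity", severity),
        ("status", status),
        ("timestamp[gte]", gte),
        ("timestamp[lte]", lte),
        ("max_results", max_results),
    ]
    # urlencode percent-encodes the brackets and colons, so the URL can be
    # handed to curl without its URL globbing interpreting "[gte]".
    query = urlencode([(k, v) for k, v in params if v is not None])
    url = f"{base.rstrip('/')}/api/v2/orgs/{int(org_id)}/events"
    return f"{url}?{query}" if query else url


def triage(events, min_severity="warning"):
    """Return events that failed or rank at least min_severity, newest first."""
    cutoff = SEVERITY_RANK.index(min_severity)
    findings = []
    for ev in events:
        sev = ev.get("severity")
        severe = sev in SEVERITY_RANK and SEVERITY_RANK.index(sev) <= cutoff
        failed = ev.get("status") == "failure"
        if not (severe or failed):
            continue
        findings.append({
            "timestamp": ev.get("timestamp"),
            "event_type": ev.get("event_type"),
            "severity": sev,
            "status": ev.get("status"),
            "reason": "failure" if failed else "severity",
            # resource_changes may be missing or null; keep what was changed.
            "changes": [(c.get("change_type"), c.get("href"))
                        for c in ev.get("resource_changes") or []],
        })
    # RFC 3339 UTC timestamps in one format sort correctly as strings.
    return sorted(findings, key=lambda f: f["timestamp"] or "", reverse=True)


# Constructed sample data: not real Illumio event types or hrefs.
SAMPLE_SINCE = datetime(2025, 4, 1, tzinfo=timezone.utc)
SAMPLE_EVENTS = [
    {"event_type": "sample.login", "status": "success", "severity": "info",
     "timestamp": "2025-04-01T00:21:27Z", "resource_changes": []},
    {"event_type": "sample.login", "status": "failure", "severity": "info",
     "timestamp": "2025-04-01T00:25:00Z", "resource_changes": None},
    {"event_type": "sample.policy_update", "status": "success",
     "severity": "warning", "timestamp": "2025-04-01T00:23:10Z",
     "resource_changes": [{"href": "/constructed/resource_change/1",
                           "change_type": "update"}]},
]

if __name__ == "__main__":
    print(events_url("https://pce.example.com:8443", 1,
                     since=SAMPLE_SINCE, severity="err", max_results=500))
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```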
Get an Event
Example Code
curl -X GET /orgs/{org_id}/events/{composite_log_event_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/events/{composite_log_event_id}
Exposure: Public Stable
Auditable: No
Get an organizational event by id
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
composite_log_event_id | path | string | true* | UUID of event to return |
Example Response Body
200 Response
{
"href": "string",
"org_id": 0,
"version": "string",
"event_id": "string",
"event_type": "string",
"status": "string",
"severity": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": {},
"action": null,
"resource_changes": [
{
"href": "string",
"version": "string",
"org_id": 0,
"uuid": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"resource": null,
"changes": {},
"change_type": "string"
}
],
"notifications": [
{
"href": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"notification_type": "string",
"severity": "err",
"info": null
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | events_get |
Firewall Settings
Get Firewall Policies
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/firewall_settings \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/firewall_settings
Exposure: Public Stable
Auditable: No
Get the firewall settings object
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
Example Response Body
200 Response
{
"static_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"ike_authentication_type": "string",
"firewall_coexistence": null,
"allow_captive_portal_outbound": true,
"containers_inherit_host_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"blocked_connection_reject_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"loopback_interfaces_in_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"ip_forwarding_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"rule_hit_count_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"update_type": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_firewall_settings_get |
Update Firewall Policies
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/firewall_settings \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/firewall_settings
Auditable: Yes
Exposure: Public Stable
Modify firewall settings object
Example Request Body
{
"update_type": "create",
"static_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"ike_authentication_type": "psk",
"firewall_coexistence": null,
"allow_captive_portal_outbound": true,
"containers_inherit_host_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"blocked_connection_reject_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"loopback_interfaces_in_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"ip_forwarding_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"rule_hit_count_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_firewall_settings_put | false | none |
» update_type | body | string | false | Type of update |
» static_policy_scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | Rule set scopes |
»» exclusion | body | boolean | false | Boolean to specify whether or not the scope is an exclusion |
»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» href | body | string | true* | none |
»» label_group | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
» ike_authentication_type | body | string | false | IKE authentication type to use for IPsec (SecureConnect and Machine Authentication) |
» firewall_coexistence | body | array,null | false | none |
»» scope | body | [object] | true* | Assigned labels |
»»» href | body | string | true* | Label URI |
»» workload_mode | body | string | false | Additional match criteria to select workload(s) |
»» illumio_primary | body | boolean | true* | Configure Illumio to be the primary firewall |
» allow_captive_portal_outbound | body | boolean | false | Defines whether or not to open the endpoint firewall to all outbound traffic when a captive portal scenario is discovered by the VEN |
» containers_inherit_host_policy_scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | Rule set scopes |
» blocked_connection_reject_scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | Scopes whose blocked connection action will be reject |
» loopback_interfaces_in_policy_scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | Workloads that match the scope will apply policy on loopback interfaces and the loopback interface's IPs will be distributed to peers. |
» ip_forwarding_enabled_scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | Rule set scopes |
» rule_hit_count_enabled_scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | Rule set scopes |
Enumerated Values
Parameter | Value |
---|---|
» update_type | create |
» update_type | update |
» update_type | delete |
» ike_authentication_type | psk |
» ike_authentication_type | certificate |
»» workload_mode | enforced |
»» workload_mode | illuminated |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Health
Get Health
Example Code
curl -X GET /health \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/health
Exposure: Public Stable
Auditable: No
Get the PCE Health
Example Response Body
200 Response
[
{
"status": "normal",
"type": "string",
"fqdn": "string",
"available_seconds": 0,
"notifications": [
{
"status": "normal",
"token": "string",
"message": "string"
}
],
"listen_only_mode_enabled_at": null,
"nodes": [
{
"hostname": null,
"ip_address": null,
"runlevel": null,
"uptime_seconds": null,
"cpu": {
"status": "normal",
"percent": 0
},
"disk": [
{
"location": "string",
"value": {
"status": "normal",
"percent": 0
}
}
],
"memory": {
"status": "normal",
"percent": 0
},
"metrics": [
{
"metric": "string",
"entries": [
{
"values": [
{
"status": "normal",
"name": "string",
"value": 0,
"unit": "millisecond",
"frequency": "second",
"display": "enclosed"
}
]
}
],
"last_updated_at": "2025-04-01T00:21:27Z",
"display": "table"
}
],
"services": {
"status": "string",
"running": [
"string"
],
"not_running": [
"string"
],
"partial": [
"string"
],
"optional": [
"string"
],
"unknown": [
"string"
]
},
"generated_at": null
}
],
"network": {
"replication": [
{
"type": "string",
"details": {
"database_name": "string",
"primary_fqdn": "string",
"replica_fqdn": "string"
},
"value": {
"status": "string",
"lag_seconds": 0
}
}
]
},
"groups": [
{
"group": "string",
"status": "normal",
"components": [
{
"section": "string",
"contents": [
{
"metric": "string",
"entries": [
{
"values": []
}
],
"last_updated_at": "2025-04-01T00:21:27Z",
"display": "table"
}
]
}
]
}
],
"generated_at": null
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | health_get |
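Added example (not part of the Illumio reference): a monitoring check that walks a parsed GET /api/v2/health response and reports every element whose status is not "normal", every service listed under not_running, and any replication lag above a threshold. The sample response, the "warning" status value, the token, service and database names, and the 30-second threshold are constructed assumptions.

```python
def _abnormal(obj):
    """True when obj carries a status field whose value is not "normal"."""
    return isinstance(obj, dict) and obj.get("status") not in (None, "normal")


def health_findings(health, max_lag_seconds=30):
    """Return a list of findings for a parsed health_get response (a list of PCEs)."""
    findings = []
    for cluster in health:
        pce = cluster.get("fqdn") or "unknown-pce"
        if _abnormal(cluster):
            findings.append(f"{pce}: overall status is {cluster['status']}")
        for note in cluster.get("notifications") or []:
            if _abnormal(note):
                findings.append(
                    f"{pce}: notification {note.get('token')} ({note['status']})")
        for node in cluster.get("nodes") or []:
            # hostname may be null in the response, so fall back to the IP address
            host = node.get("hostname") or node.get("ip_address") or "unknown-node"
            for part in ("cpu", "memory"):
                gauge = node.get(part)
                if _abnormal(gauge):
                    findings.append(
                        f"{pce}/{host}: {part} {gauge['status']} at {gauge.get('percent')}%")
            for disk in node.get("disk") or []:
                value = disk.get("value")
                if _abnormal(value):
                    findings.append(
                        f"{pce}/{host}: disk {disk.get('location')} "
                        f"{value['status']} at {value.get('percent')}%")
            services = node.get("services") or {}
            for name in services.get("not_running") or []:
                findings.append(f"{pce}/{host}: service {name} not running")
        network = cluster.get("network") or {}
        for rep in network.get("replication") or []:
            lag = (rep.get("value") or {}).get("lag_seconds")
            if lag is not None and lag > max_lag_seconds:
                db = (rep.get("details") or {}).get("database_name")
                findings.append(f"{pce}: replication of {db} lags {lag}s")
    return findings


# Constructed sample shaped like the health_get response body; all values are invented.
SAMPLE_HEALTH = [{
    "status": "warning",  # assumed non-normal value, not listed on this page
    "fqdn": "pce.example.com",
    "notifications": [
        {"status": "warning", "token": "sample_token", "message": "constructed"},
    ],
    "nodes": [
        {
            "hostname": "core0",
            "cpu": {"status": "normal", "percent": 12},
            "memory": {"status": "normal", "percent": 40},
            "disk": [{"location": "data", "value": {"status": "warning", "percent": 91}}],
            "services": {"status": "running", "running": ["svc_a"], "not_running": []},
        },
        {
            "hostname": None,
            "ip_address": "192.0.2.11",
            "cpu": {"status": "normal", "percent": 5},
            "memory": None,
            "disk": [],
            "services": {"status": "partial", "running": [], "not_running": ["svc_b"]},
        },
    ],
    "network": {"replication": [{
        "type": "database",
        "details": {"database_name": "db_a"},
        "value": {"status": "normal", "lag_seconds": 120},
    }]},
}]

if __name__ == "__main__":
    for finding in health_findings(SAMPLE_HEALTH):
        print(finding)
```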
IP Lists
Get IP Lists
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/ip_lists \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/ip_lists
Exposure: Public Stable
Auditable: No
Get the collection of IP lists
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
description | query | string | false | Description of IP list(s) to return. Supports partial matches |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
fqdn | query | string | false | IP lists matching FQDN. Supports partial matches |
ip_address | query | string | false | IP address matching IP list(s) to return. Supports partial matches |
max_results | query | integer | false | Maximum number of IP Lists to return. |
name | query | string | false | Name of IP list(s) to return. Supports partial matches |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ip_ranges": [
{
"description": "string",
"from_ip": "string",
"to_ip": "string",
"exclusion": true
}
],
"fqdns": [
{
"fqdn": "string",
"description": "string"
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_ip_lists_get |
Get an IP List
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/ip_lists/{ip_list_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/ip_lists/{ip_list_id}
Exposure: Public Stable
Auditable: No
Get IP list by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
ip_list_id | path | string | true* | IP list ID |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ip_ranges": [
{
"description": "string",
"from_ip": "string",
"to_ip": "string",
"exclusion": true
}
],
"fqdns": [
{
"fqdn": "string",
"description": "string"
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_ip_lists_get |
Create an IP List
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/ip_lists \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/ip_lists
Auditable: Yes
Exposure: Public Stable
Create new IP List
Example Request Body
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ip_ranges": [
{
"description": "string",
"from_ip": "string",
"to_ip": "string",
"exclusion": true
}
],
"fqdns": [
{
"fqdn": "string",
"description": "string"
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_ip_lists_post | false | none |
» name | body | string | true* | Name (must be unique) |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» ip_ranges | body | [object] | false | IP addresses or ranges |
»» description | body | string | false | Description |
»» from_ip | body | string | true* | IP address or a low end of IP range. Might be specified with CIDR notation |
»» to_ip | body | string | false | High end of an IP range |
»» exclusion | body | boolean | false | Whether this IP address is an exclusion. Exclusions must be a strict subset of inclusive IP addresses. |
» fqdns | body | [object] | false | Collection of FQDN |
»» fqdn | body | string | true* | none |
»» description | body | string | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update an IP List
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/ip_lists/{ip_list_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/ip_lists/{ip_list_id}
Auditable: Yes
Exposure: Public Stable
Modify IP list
Example Request Body
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ip_ranges": [
{
"description": "string",
"from_ip": "string",
"to_ip": "string",
"exclusion": true
}
],
"fqdns": [
{
"fqdn": "string",
"description": "string"
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
ip_list_id | path | string | true* | IP list ID |
body | body | sec_policy_ip_lists_put | false | none |
» name | body | string | false | Name (must be unique) |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» ip_ranges | body | [object] | false | IP addresses or ranges |
»» description | body | string | false | Description |
»» from_ip | body | string | true* | IP address or a low end of IP range. Might be specified with CIDR notation |
»» to_ip | body | string | false | High end of an IP range |
»» exclusion | body | boolean | false | Whether this IP address is an exclusion. Exclusions must be a strict subset of inclusive IP addresses. |
» fqdns | body | [object] | false | Collection of FQDN |
»» fqdn | body | string | true* | none |
»» description | body | string | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
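Added example (not part of the Illumio reference): a client-side check of an IP list request body before it is sent with POST or PUT, based on the parameter tables above. It assumes that "strict subset" means an exclusion must fall inside one included range without being equal to it, and that to_ip is omitted when from_ip uses CIDR notation; the function names and sample bodies are constructed.

```python
import ipaddress


def _bounds(entry):
    """Return (low, high) addresses for one ip_ranges entry."""
    from_ip = entry["from_ip"]
    to_ip = entry.get("to_ip")
    if "/" in from_ip:
        if to_ip:
            raise ValueError("to_ip given together with a CIDR from_ip")
        net = ipaddress.ip_network(from_ip, strict=False)
        return net[0], net[-1]
    low = ipaddress.ip_address(from_ip)
    high = ipaddress.ip_address(to_ip) if to_ip else low
    if low.version != high.version:
        raise ValueError("from_ip and to_ip are different IP versions")
    if high < low:
        raise ValueError("to_ip is lower than from_ip")
    return low, high


def validate_ip_list_body(body, require_name=True):
    """Return a list of problems; an empty list means the body passes these checks.

    require_name=True matches the POST table (name is required);
    pass False for PUT, where name is optional.
    """
    errors = []
    if require_name and not body.get("name"):
        errors.append("name is required")
    included, excluded = [], []
    for i, entry in enumerate(body.get("ip_ranges") or []):
        if not entry.get("from_ip"):
            errors.append(f"ip_ranges[{i}]: from_ip is required")
            continue
        try:
            low, high = _bounds(entry)
        except ValueError as exc:  # also raised by ipaddress for malformed input
            errors.append(f"ip_ranges[{i}]: {exc}")
            continue
        (excluded if entry.get("exclusion") else included).append((i, low, high))
    for i, low, high in excluded:
        covered = any(
            low.version == inc_low.version
            and inc_low <= low and high <= inc_high
            and (low, high) != (inc_low, inc_high)
            for _, inc_low, inc_high in included
        )
        if not covered:
            errors.append(
                f"ip_ranges[{i}]: exclusion is not a strict subset of an included range")
    for i, entry in enumerate(body.get("fqdns") or []):
        if not entry.get("fqdn"):
            errors.append(f"fqdns[{i}]: fqdn is required")
    return errors


# Constructed request bodies using documentation address ranges.
GOOD_BODY = {
    "name": "sample-list",
    "ip_ranges": [
        {"from_ip": "192.0.2.0/24"},
        {"from_ip": "192.0.2.128", "to_ip": "192.0.2.255", "exclusion": True},
        {"from_ip": "2001:db8::/64"},
        {"from_ip": "2001:db8::1", "exclusion": True},
    ],
    "fqdns": [{"fqdn": "updates.example.com"}],
}
BAD_BODY = {
    "ip_ranges": [
        {"from_ip": "192.0.2.0/24"},
        {"from_ip": "192.0.2.0/24", "exclusion": True},            # equal, not strict
        {"from_ip": "198.51.100.20", "to_ip": "198.51.100.10"},    # reversed range
        {"from_ip": "203.0.113.5", "exclusion": True},             # outside any include
        {"to_ip": "192.0.2.9"},                                    # from_ip missing
    ],
}

if __name__ == "__main__":
    for problem in validate_ip_list_body(BAD_BODY):
        print(problem)
```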
Delete an IP List
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/{pversion}/ip_lists/{ip_list_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/{pversion}/ip_lists/{ip_list_id}
Exposure: Public Stable
Auditable: Yes
Delete IP list
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
ip_list_id | path | string | true* | IP list ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Jobs
Get Jobs
Example Code
curl -X GET /orgs/{org_id}/jobs \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/jobs
Exposure: Public Stable
Auditable: No
Gets the job list.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
job_type | query | string | false | The job-type value to use for filtering the results. |
max_results | query | integer | false | Maximum number of jobs to return. |
Example Response Body
200 Response
{
"href": "string",
"job_type": "string",
"description": null,
"status": "string",
"requested_at": "2025-04-01T00:21:27Z",
"requested_by": {
"href": "string"
},
"terminated_at": "2025-04-01T00:21:27Z",
"result": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | jobs_get |
Get a Job
Example Code
curl -X GET /orgs/{org_id}/jobs/{job_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/jobs/{job_id}
Exposure: Public Stable
Auditable: No
Gets information about the specified job.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
job_id | path | string | true* | ID of a job. |
Example Response Body
200 Response
{
"href": "string",
"job_type": "string",
"description": null,
"status": "string",
"requested_at": "2025-04-01T00:21:27Z",
"requested_by": {
"href": "string"
},
"terminated_at": "2025-04-01T00:21:27Z",
"result": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | jobs_get |
Delete a Job
Example Code
curl -X DELETE /orgs/{org_id}/jobs/{job_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/jobs/{job_id}
Exposure: Public Stable
Auditable: Yes
Deletes the specified job record
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
job_id | path | string | true* | ID of a job. |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Kubernetes
Get all kubernetes workloads
Example Code
curl -X GET /orgs/{org_id}/kubernetes_workloads \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/kubernetes_workloads
Exposure: Public Experimental
Auditable: No
Get all kubernetes workloads
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
container_clusters | query | string | false | List of container cluster URIs, encoded as a JSON string |
enforcement_mode | query | string | false | Enforcement mode of kubernetes workload(s) to return |
kind | query | string | false | k8s resource kind (Deployment, ReplicaSet, etc.) |
labels | query | string | false | List of label URIs to include, encoded as a JSON string |
max_results | query | integer | false | Maximum number of kubernetes workloads to return |
name | query | string | false | Name of kubernetes workload(s) to return. Supports partial matches |
namespace | query | string | false | Namespace of kubernetes workload(s) to return. Supports partial matches |
no_labels | query | string | false | List of label URIs to NOT include, encoded as a JSON string |
security_policy_applied_at[gte] | query | string | false | Greater than or equal to value for security policy applied at timestamp |
security_policy_applied_at[lte] | query | string | false | Less than or equal to value for security policy applied at timestamp |
security_policy_sync_state | query | string | false | Search option based on policy sync state |
visibility_level | query | string | false | Filter by visibility level |
Enumerated Values
Parameter | Value |
---|---|
enforcement_mode | visibility_only |
enforcement_mode | full |
enforcement_mode | idle |
enforcement_mode | selective |
security_policy_applied_at[gte] | syncing |
security_policy_applied_at[gte] | applied |
security_policy_applied_at[lte] | syncing |
security_policy_applied_at[lte] | applied |
security_policy_sync_state | syncing |
security_policy_sync_state | applied |
visibility_level | flow_full_detail |
visibility_level | flow_summary |
visibility_level | flow_drops |
visibility_level | flow_off |
visibility_level | enhanced_data_collection |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"namespace": "string",
"kind": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"enforcement_mode": "idle",
"visibility_level": "flow_summary",
"container_workload_profile": {
"href": "string",
"name": null,
"namespace": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string",
"value": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true,
"linked": true,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z"
},
"container_cluster": {
"href": "string",
"name": "string",
"description": "string",
"nodes": [
{
"pod_subnet": "string"
}
],
"container_runtime": "string",
"manager_type": "string",
"last_connected": "2025-04-01T00:21:27Z",
"online": true,
"errors": [
{
"audit_event": {
"href": "string"
},
"duplicate_ids": [],
"error_type": "string"
}
],
"kubelink_version": "string",
"pce_fqdn": "string",
"cluster_mode": "legacy",
"datacenter_nat_1to1": true
},
"security_policy_applied_at": null,
"security_policy_sync_state": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"metadata": {
"labels": {},
"annotations": {},
"external_service_uid": "string"
},
"private_ip_addresses": [
"2001:0db8:85a3:0000:0000:8a2e:0370:7334"
],
"container_cluster_service": {}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | kubernetes_workloads_get |
Get the info for one kubernetes workload
Example Code
curl -X GET /orgs/{org_id}/kubernetes_workloads/{kubernetes_workload_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/kubernetes_workloads/{kubernetes_workload_id}
Exposure: Public Experimental
Auditable: No
Get the info for one kubernetes workload
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
kubernetes_workload_id | path | string | true* | KubernetesWorkload uuid |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"namespace": "string",
"kind": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"enforcement_mode": "idle",
"visibility_level": "flow_summary",
"container_workload_profile": {
"href": "string",
"name": null,
"namespace": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string",
"value": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true,
"linked": true,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z"
},
"container_cluster": {
"href": "string",
"name": "string",
"description": "string",
"nodes": [
{
"pod_subnet": "string"
}
],
"container_runtime": "string",
"manager_type": "string",
"last_connected": "2025-04-01T00:21:27Z",
"online": true,
"errors": [
{
"audit_event": {
"href": "string"
},
"duplicate_ids": [],
"error_type": "string"
}
],
"kubelink_version": "string",
"pce_fqdn": "string",
"cluster_mode": "legacy",
"datacenter_nat_1to1": true
},
"security_policy_applied_at": null,
"security_policy_sync_state": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"metadata": {
"labels": {},
"annotations": {},
"external_service_uid": "string"
},
"private_ip_addresses": [
"2001:0db8:85a3:0000:0000:8a2e:0370:7334"
],
"container_cluster_service": {}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | kubernetes_workloads_get |
Labels
Return the set of labels used for categorization
Example Code
curl -X GET /orgs/{org_id}/labels \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/labels
Exposure: Public Stable
Auditable: No
Return the set of labels used for categorization.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
include_deleted | query | boolean | false | Include deleted labels |
key | query | string | false | Key by which to filter |
max_results | query | integer | false | Maximum number of Labels to return. |
usage | query | boolean | false | Include label usage flags as well |
value | query | string | false | Value on which to filter. Supports partial matches |
Example Response Body
200 Response
{
"href": "string",
"deleted": true,
"key": "string",
"value": "string",
"external_data_set": null,
"external_data_reference": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | labels_get |
Get a Label
Example Code
curl -X GET /orgs/{org_id}/labels/{label_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/labels/{label_id}
Exposure: Public Stable
Auditable: No
Get label by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
label_id | path | integer | true* | Label ID |
usage | query | boolean | false | Include label usage flags as well |
Example Response Body
200 Response
{
"href": "string",
"deleted": true,
"key": "string",
"value": "string",
"external_data_set": null,
"external_data_reference": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | labels_get |
Create a label to categorize workloads
Example Code
curl -X POST /orgs/{org_id}/labels \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/labels
Auditable: Yes
Exposure: Public Stable
Create a label to categorize workloads.
Example Request Body
{
"key": "string",
"value": "string",
"external_data_set": null,
"external_data_reference": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | labels_post | false | none |
» key | body | string | true* | Key in key-value pair |
» value | body | string | true* | Value in key-value pair |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Label
Example Code
curl -X PUT /orgs/{org_id}/labels/{label_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/labels/{label_id}
Auditable: Yes
Exposure: Public Stable
Modify a label by ID
Example Request Body
{
"value": "string",
"external_data_set": null,
"external_data_reference": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
label_id | path | integer | true* | Label ID |
body | body | labels_put | false | none |
» value | body | string | false | Value in key-value pair |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Label
Example Code
curl -X DELETE /orgs/{org_id}/labels/{label_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/labels/{label_id}
Exposure: Public Stable
Auditable: Yes
Delete a label by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
label_id | path | integer | true* | Label ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Label Groups
Get Label Groups
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/label_groups \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/label_groups
Exposure: Public Stable
Auditable: No
Get the label groups
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
description | query | string | false | Description of Label Group(s) to return. Supports partial matches |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
key | query | string | false | Key by which to filter |
max_results | query | integer | false | Maximum number of Labels to return. |
name | query | string | false | Name of Label Group(s) to return. Supports partial matches |
usage | query | boolean | false | Include label usage flags as well |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": null,
"key": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"sub_groups": [
{
"href": "string",
"name": "string"
}
],
"usage": {
"label_group": true,
"ruleset": true,
"rule": true,
"static_policy_scopes": true,
"containers_inherit_host_policy_scopes": true,
"blocked_connection_reject_scopes": true,
"enforcement_boundary": true,
"loopback_interfaces_in_policy_scopes": true,
"ip_forwarding_enabled_scopes": true,
"rule_hit_count_enabled_scopes": true,
"protection_schema": true
},
"external_data_set": null,
"external_data_reference": null,
"update_type": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_label_groups_get |
Get a Label Group
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id}
Exposure: Public Stable
Auditable: No
Get label group
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
label_group_id | path | string | true* | Label Group UUID |
usage | query | boolean | false | Include label usage flags as well |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": null,
"key": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"sub_groups": [
{
"href": "string",
"name": "string"
}
],
"usage": {
"label_group": true,
"ruleset": true,
"rule": true,
"static_policy_scopes": true,
"containers_inherit_host_policy_scopes": true,
"blocked_connection_reject_scopes": true,
"enforcement_boundary": true,
"loopback_interfaces_in_policy_scopes": true,
"ip_forwarding_enabled_scopes": true,
"rule_hit_count_enabled_scopes": true,
"protection_schema": true
},
"external_data_set": null,
"external_data_reference": null,
"update_type": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_label_groups_get |
Is Group Member of Other Groups?
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id}/member_of \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id}/member_of
Exposure: Public Experimental
Auditable: No
Get the parents of this label group
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
label_group_id | path | string | true* | Label Group UUID |
Example Response Body
200 Response
[
{
"href": "string",
"name": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_label_groups_member_of_get |
Create a new Label Group
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/label_groups \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/label_groups
Auditable: Yes
Exposure: Public Stable
Create a new label group.
Example Request Body
{
"name": "string",
"description": null,
"key": "string",
"labels": [
{
"href": "string"
}
],
"sub_groups": [
{
"href": "string"
}
],
"external_data_set": null,
"external_data_reference": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_label_groups_post | false | none |
» name | body | string | true* | Name of the label group |
» description | body | string,null | false | The long description of the label group |
» key | body | string | true* | Key in key-value pair of contained labels or label groups |
» labels | body | [sec_policy_virtual_servers_get/properties/created_by] | false | Contained labels |
»» href | body | string | true* | none |
» sub_groups | body | [sec_policy_virtual_servers_get/properties/created_by] | false | Contained label groups |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Label Group
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id}
Auditable: Yes
Exposure: Public Stable
Update the label group
Example Request Body
{
"name": "string",
"description": null,
"labels": [
{
"href": "string"
}
],
"sub_groups": [
{
"href": "string"
}
],
"external_data_set": null,
"external_data_reference": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
label_group_id | path | string | true* | Label Group UUID |
body | body | sec_policy_label_groups_put | false | none |
» name | body | string | false | Name of the label group |
» description | body | string,null | false | The long description of the label group |
» labels | body | [sec_policy_virtual_servers_get/properties/created_by] | false | Contained labels |
»» href | body | string | true* | none |
» sub_groups | body | [sec_policy_virtual_servers_get/properties/created_by] | false | Contained label groups |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Label Group
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id}
Exposure: Public Stable
Auditable: Yes
Delete label group
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
label_group_id | path | string | true* | Label Group UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get all labels in this label group
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id}/all_labels \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/label_groups/{label_group_id}/all_labels
Exposure: Public Experimental
Auditable: No
Get all labels in this label group, including its own labels and those of its sub-groups
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
label_group_id | path | string | true* | Label Group UUID |
Example Response Body
200 Response
[
{
"href": "string",
"key": "string",
"value": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | labels_summary |
Label Mapping Rules
Return the collection of label mapping rules
Example Code
curl -X GET /orgs/{org_id}/label_mapping_rules \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/label_mapping_rules
Exposure: Public Experimental
Auditable: No
Return the collection of label mapping rules
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
max_results | query | integer | false | Maximum number of label mapping rules to return. |
Example Response Body
200 Response
{
"href": "string",
"enabled": true,
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": null,
"updated_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | label_mapping_rules_get |
Create a new label mapping rule
Example Code
curl -X POST /orgs/{org_id}/label_mapping_rules \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/label_mapping_rules
Auditable: Yes
Exposure: Public Experimental
Create a new label mapping rule
Example Request Body
{
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | label_mapping_rules_post | false | none |
» expression | body | label_mapping_rules_get/properties/expression | true* | none |
»» anonymous | body | object | false | none |
»»» property | body | string | true* | The workload property to compare. (hostname, ip_address etc.) |
»»» operator | body | string | true* | operator for the condition (starts_with, contains, equals, ends_with, is_in) |
»»» values | body | [anyOf] | true* | Value to use in comparison |
»»»» anonymous | body | string | false | none |
»»»» anonymous | body | object | false | none |
»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't include this. |
»»»»» proto | body | integer | false | protocol number |
»»»» anonymous | body | object | false | none |
»»»»» logical_operator | body | string | true* | logical operator for the child expressions |
»»»»» child_expressions | body | [anyOf] | true* | none |
»»»»»» anonymous | body | object | false | none |
»»»»»»» property | body | string | true* | The workload property to compare. (hostname, ip_address etc.) |
»»»»»»» operator | body | string | true* | operator for the condition (starts_with, contains, equals, ends_with, is_in) |
»»»»»»» values | body | [anyOf] | true* | Value to use in comparison |
»»»»»»»» anonymous | body | string | false | none |
»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't include this. |
»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»» logical_operator | body | string | true* | logical operator for the child expressions |
»»»»»»»»» child_expressions | body | [anyOf] | true* | none |
»»»»»»»» label_assignments | body | [anyOf] | true* | List of label assignments for a rule |
»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»» label | body | object | true* | none |
»»»»»»»»»»» key | body | string | false | none |
»»»»»»»»»»» value | body | string | false | none |
»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»» label | body | object | true* | none |
»»»»»»»»»»»» href | body | string | false | HREF of the pre-existing label |
Enumerated Values
Parameter | Value |
---|---|
»»» property | hostname |
»»» property | ip_address |
»»» property | os |
»»» property | process |
»»» property | port |
»»» operator | starts_with |
»»» operator | ends_with |
»»» operator | contains |
»»» operator | equals |
»»» operator | is_in |
»»»»» logical_operator | and |
»»»»» logical_operator | or |
»»»»» logical_operator | not |
»»»»»»» property | hostname |
»»»»»»» property | ip_address |
»»»»»»» property | os |
»»»»»»» property | process |
»»»»»»» property | port |
»»»»»»» operator | starts_with |
»»»»»»» operator | ends_with |
»»»»»»» operator | contains |
»»»»»»» operator | equals |
»»»»»»» operator | is_in |
»»»»»»»»» logical_operator | and |
»»»»»»»»» logical_operator | or |
»»»»»»»»» logical_operator | not |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
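A request body can be checked against the enumerated values and port ranges in the tables above before it is sent. The following is an added example, not Illumio code: it reads the flattened table as "an expression is either a condition (property, operator, values) or a compound node (logical_operator, child_expressions)", and it rejects empty lists as a local choice, since the page only marks those fields as required. The sample rules are constructed.

```python
# Enumerated values copied from the parameter tables for
# POST /api/v2/orgs/{org_id}/label_mapping_rules.
PROPERTIES = {"hostname", "ip_address", "os", "process", "port"}
OPERATORS = {"starts_with", "ends_with", "contains", "equals", "is_in"}
LOGICAL_OPERATORS = {"and", "or", "not"}


def _is_int(value):
    # bool is a subclass of int in Python; JSON true/false must not pass as a port.
    return isinstance(value, int) and not isinstance(value, bool)


def _check_value(value, path):
    """A comparison value is a string or a port object {port, to_port, proto}."""
    if isinstance(value, str):
        return []
    if not isinstance(value, dict):
        return [f"{path}: must be a string or a port object"]
    errors = []
    port, to_port = value.get("port"), value.get("to_port")
    if port is not None and not (_is_int(port) and 0 <= port <= 65535):
        errors.append(f"{path}.port: must be an integer 0-65535")
    if to_port is not None:
        if not (_is_int(to_port) and 0 <= to_port <= 65535):
            errors.append(f"{path}.to_port: must be an integer 0-65535")
        elif _is_int(port) and to_port < port:
            errors.append(f"{path}.to_port: lower than the starting port")
    if "proto" in value and not _is_int(value["proto"]):
        errors.append(f"{path}.proto: must be an integer protocol number")
    return errors


def validate_expression(expr, path="expression"):
    """Recursively validate a condition or a compound (logical) expression."""
    if not isinstance(expr, dict):
        return [f"{path}: must be an object"]
    errors = []
    if "logical_operator" in expr or "child_expressions" in expr:
        if expr.get("logical_operator") not in LOGICAL_OPERATORS:
            errors.append(f"{path}.logical_operator: must be one of and, or, not")
        children = expr.get("child_expressions")
        if not isinstance(children, list) or not children:
            # Assumption: an empty list is rejected locally.
            errors.append(f"{path}.child_expressions: must be a non-empty list")
        else:
            for i, child in enumerate(children):
                errors += validate_expression(child, f"{path}.child_expressions[{i}]")
        return errors
    if expr.get("property") not in PROPERTIES:
        errors.append(f"{path}.property: must be one of {sorted(PROPERTIES)}")
    if expr.get("operator") not in OPERATORS:
        errors.append(f"{path}.operator: must be one of {sorted(OPERATORS)}")
    values = expr.get("values")
    if not isinstance(values, list) or not values:
        errors.append(f"{path}.values: must be a non-empty list")
    else:
        for i, value in enumerate(values):
            errors += _check_value(value, f"{path}.values[{i}]")
    return errors


def validate_rule(body):
    """Validate a whole request body: expression plus label_assignments."""
    errors = validate_expression(body.get("expression"))
    assignments = body.get("label_assignments")
    if not isinstance(assignments, list) or not assignments:
        errors.append("label_assignments: must be a non-empty list")
        return errors
    for i, item in enumerate(assignments):
        label = item.get("label") if isinstance(item, dict) else None
        if not isinstance(label, dict):
            errors.append(f"label_assignments[{i}].label: required object")
        elif not ("href" in label or ("key" in label and "value" in label)):
            errors.append(f"label_assignments[{i}].label: needs href, or key and value")
    return errors


# Constructed sample bodies (not taken from the page).
GOOD_RULE = {
    "expression": {"logical_operator": "and", "child_expressions": [
        {"property": "hostname", "operator": "starts_with", "values": ["db-"]},
        {"property": "port", "operator": "is_in", "values": [{"port": 5432, "proto": 6}]},
    ]},
    "label_assignments": [{"label": {"key": "role", "value": "database"}}],
}
BAD_RULE = {
    "expression": {"logical_operator": "xor", "child_expressions": [
        {"property": "mac_address", "operator": "starts_with", "values": ["00:"]},
        {"property": "port", "operator": "equals", "values": [{"port": 70000, "to_port": 80}]},
    ]},
    "label_assignments": [{"label": {"key": "role"}}],
}

if __name__ == "__main__":
    for name, rule in (("GOOD_RULE", GOOD_RULE), ("BAD_RULE", BAD_RULE)):
        print(name, validate_rule(rule) or "ok")
```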
Delete multiple label mapping rules
Example Code
curl -X PUT /orgs/{org_id}/label_mapping_rules/delete \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/label_mapping_rules/delete
Auditable: Yes
Exposure: Public Experimental
Delete multiple label mapping rules
Example Request Body
{
"rules": [
{
"href": "string"
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | label_mapping_rules_delete_put | false | none |
» rules | body | [object] | true* | Rules to delete |
»» href | body | string | true* | URI of label mapping rule to delete |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update multiple label mapping rules
Example Code
curl -X PUT /orgs/{org_id}/label_mapping_rules/update \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/label_mapping_rules/update
Auditable: Yes
Exposure: Public Experimental
Update multiple label mapping rules
Example Request Body
[
{
"href": "string",
"enabled": true,
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
]
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | label_mapping_rules_update_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Reorder a label mapping rule
Example Code
curl -X PUT /orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id}/reorder \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id}/reorder
Auditable: Yes
Exposure: Public Experimental
Reorder a label mapping rule
Example Request Body
{
"position": 0
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
label_mapping_rule_id | path | string | true* | Label Mapping Rule UUID |
body | body | label_mapping_rules_reorder_put | false | none |
» position | body | integer | true* | Index of the new position for this rule |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get a label mapping rule
Example Code
curl -X GET /orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id}
Exposure: Public Experimental
Auditable: No
Get a label mapping rule
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
label_mapping_rule_id | path | string | true* | Label Mapping Rule UUID |
Example Response Body
200 Response
{
"href": "string",
"enabled": true,
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": null,
"updated_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | label_mapping_rules_get |
Run rules on workloads
Example Code
curl -X POST /orgs/{org_id}/label_mapping_rules/run \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/label_mapping_rules/run
Auditable: Yes
Exposure: Public Experimental
Run rules on workloads
Example Request Body
{
"workloads": [
{
"href": "string"
}
],
"rules": [
{
"href": "string"
}
],
"assign_labels": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | label_mapping_rules_run_post | false | none |
» workloads | body | [sec_policy_virtual_servers_get/properties/created_by] | false | HREFs of the workloads to which the rules need to be applied |
»» href | body | string | true* | none |
» rules | body | [sec_policy_virtual_servers_get/properties/created_by] | false | HREFs of the label_mapping_rules which need to be applied |
» assign_labels | body | boolean | false | Determines whether the labels should be assigned automatically as a part of the run |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Modify a label mapping rule
Example Code
curl -X PUT /orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id}
Auditable: Yes
Exposure: Public Experimental
Modify a label mapping rule
Example Request Body
{
"enabled": true,
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
label_mapping_rule_id | path | string | true* | Label Mapping Rule UUID |
body | body | label_mapping_rules_put | false | none |
» enabled | body | boolean | false | Enabled flag |
» expression | body | label_mapping_rules_get/properties/expression | false | none |
»» anonymous | body | object | false | none |
»»» property | body | string | true* | The workload property to compare. (hostname, ip_address etc.) |
»»» operator | body | string | true* | operator for the condition (starts_with, contains, equals, ends_with, is_in) |
»»» values | body | [anyOf] | true* | Value to use in comparison |
»»»» anonymous | body | string | false | none |
»»»» anonymous | body | object | false | none |
»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't include this. |
»»»»» proto | body | integer | false | protocol number |
»»»» anonymous | body | object | false | none |
»»»»» logical_operator | body | string | true* | logical operator for the child expressions |
»»»»» child_expressions | body | [anyOf] | true* | none |
»»»»»» anonymous | body | object | false | none |
»»»»»»» property | body | string | true* | The workload property to compare. (hostname, ip_address etc.) |
»»»»»»» operator | body | string | true* | operator for the condition (starts_with, contains, equals, ends_with, is_in) |
»»»»»»» values | body | [anyOf] | true* | Value to use in comparison |
»»»»»»»» anonymous | body | string | false | none |
»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't include this. |
»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»» logical_operator | body | string | true* | logical operator for the child expressions |
»»»»»»»»» child_expressions | body | [anyOf] | true* | none |
»»»»»»»» label_assignments | body | [anyOf] | false | List of label assignments for a rule |
»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»» label | body | object | true* | none |
»»»»»»»»»»» key | body | string | false | none |
»»»»»»»»»»» value | body | string | false | none |
»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»» label | body | object | true* | none |
»»»»»»»»»»»» href | body | string | false | HREF of the pre-existing label |
Enumerated Values
Parameter | Value |
---|---|
»»» property | hostname |
»»» property | ip_address |
»»» property | os |
»»» property | process |
»»» property | port |
»»» operator | starts_with |
»»» operator | ends_with |
»»» operator | contains |
»»» operator | equals |
»»» operator | is_in |
»»»»» logical_operator | and |
»»»»» logical_operator | or |
»»»»» logical_operator | not |
»»»»»»» property | hostname |
»»»»»»» property | ip_address |
»»»»»»» property | os |
»»»»»»» property | process |
»»»»»»» property | port |
»»»»»»» operator | starts_with |
»»»»»»» operator | ends_with |
»»»»»»» operator | contains |
»»»»»»» operator | equals |
»»»»»»» operator | is_in |
»»»»»»»»» logical_operator | and |
»»»»»»»»» logical_operator | or |
»»»»»»»»» logical_operator | not |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a label mapping rule
Example Code
curl -X DELETE /orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/label_mapping_rules/{label_mapping_rule_id}
Exposure: Public Experimental
Auditable: Yes
Delete a label mapping rule
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
label_mapping_rule_id | path | string | true* | Label Mapping Rule UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get the status of the job
Example Code
curl -X GET /orgs/{org_id}/label_mapping_rules/run/{job_uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/label_mapping_rules/run/{job_uuid}
Exposure: Public Experimental
Auditable: No
Get the status of the job
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
job_uuid | path | string | true* | job UUID |
Example Response Body
200 Response
{
"href": "http://example.com",
"result": "http://example.com",
"status": "string",
"progress_percent": 0,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"updated_at": "2025-04-01T00:21:27Z",
"label_mapping_params": {
"workloads": [
{
"href": "string"
}
],
"rules": [
{
"href": "string"
}
],
"assign_labels": true
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | label_mapping_rules_run_get |
Download the results
Example Code
curl -X GET /orgs/{org_id}/label_mapping_rules/run/{job_uuid}/download \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/label_mapping_rules/run/{job_uuid}/download
Exposure: Public Experimental
Auditable: No
Download the results
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
job_uuid | path | string | true* | job UUID |
Example Response Body
200 Response
{
"results": [
{
"href": "string",
"hostname": null,
"existing_labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"labels_to_assign": [
{
"href": "string",
"key": "string",
"value": "string",
"label_mapping_rule": {
"href": "string"
}
}
]
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | label_mapping_rules_run_download_get |
Assign labels from the previous run
Example Code
curl -X PUT /orgs/{org_id}/label_mapping_rules/run/{job_uuid}/assign_labels \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/label_mapping_rules/run/{job_uuid}/assign_labels
Auditable: Yes
Exposure: Public Experimental
Assign labels from the previous run
Example Request Body
null
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
job_uuid | path | string | true* | job UUID |
body | body | label_mapping_rules_run_assign_labels_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
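The run, status, download and assign_labels endpoints above allow a review step between computing labels and applying them: run with assign_labels set to false, download the results, inspect them, then call assign_labels. The following is an added example, not Illumio code, that classifies the downloaded results offline. The sample payload is constructed, and because this page does not say how the PCE treats a proposed label whose key already exists on the workload, such cases are only flagged for review.

```python
# Constructed sample shaped like the documented 200 response of
# GET /api/v2/orgs/{org_id}/label_mapping_rules/run/{job_uuid}/download.
# Every href, hostname and label below is invented for the example.
RULES = "/orgs/1/label_mapping_rules/"
SAMPLE_DOWNLOAD = {"results": [
    {"href": "/orgs/1/workloads/constructed-a", "hostname": "db-01",
     "existing_labels": [{"href": "/orgs/1/labels/1", "key": "env", "value": "prod"}],
     "labels_to_assign": [
         {"href": "/orgs/1/labels/2", "key": "role", "value": "database",
          "label_mapping_rule": {"href": RULES + "constructed-r1"}},
         {"href": "/orgs/1/labels/3", "key": "env", "value": "dev",
          "label_mapping_rule": {"href": RULES + "constructed-r2"}}]},
    {"href": "/orgs/1/workloads/constructed-b", "hostname": None,
     "existing_labels": [],
     "labels_to_assign": [
         {"href": "/orgs/1/labels/4", "key": "app", "value": "billing",
          "label_mapping_rule": {"href": RULES + "constructed-r3"}},
         {"href": "/orgs/1/labels/5", "key": "app", "value": "payroll",
          "label_mapping_rule": {"href": RULES + "constructed-r4"}}]},
    {"href": "/orgs/1/workloads/constructed-c", "hostname": "web-01",
     "existing_labels": [],
     "labels_to_assign": [
         {"href": "/orgs/1/labels/6", "key": "role", "value": "web",
          "label_mapping_rule": {"href": RULES + "constructed-r5"}}]},
]}


def _rule_href(label):
    return (label.get("label_mapping_rule") or {}).get("href")


def review_run_results(download):
    """Classify each proposed label as add, change or conflict per workload."""
    report = []
    for workload in download.get("results") or []:
        existing = {l["key"]: l["value"] for l in workload.get("existing_labels") or []}
        # key -> value -> list of rules proposing that value
        proposed = {}
        for label in workload.get("labels_to_assign") or []:
            by_value = proposed.setdefault(label["key"], {})
            by_value.setdefault(label["value"], []).append(_rule_href(label))
        entry = {"workload": workload.get("href"), "hostname": workload.get("hostname"),
                 "add": {}, "change": {}, "conflict": {}}
        for key, by_value in proposed.items():
            if len(by_value) > 1:
                # Two or more rules disagree on the value for the same key.
                entry["conflict"][key] = by_value
                continue
            (value, rules), = by_value.items()
            if key not in existing:
                entry["add"][key] = value
            elif existing[key] != value:
                # The workload would move to a different label value.
                entry["change"][key] = {"from": existing[key], "to": value, "rules": rules}
        report.append(entry)
    return report


def needs_review(report):
    """Workloads whose proposed labels alter or contradict existing state."""
    return [e["workload"] for e in report if e["change"] or e["conflict"]]


if __name__ == "__main__":
    for entry in review_run_results(SAMPLE_DOWNLOAD):
        print(entry)
```

An empty needs_review list means the run only adds labels for keys the workloads did not have yet.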
LDAP Configs
Get all LDAP configurations
Example Code
curl -X GET /authentication_settings/ldap_configs \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/authentication_settings/ldap_configs
Exposure: Public Experimental
Auditable: No
Get all LDAP configurations
Example Response Body
200 Response
{
"href": "string",
"pce_fqdn": "string",
"name": "string",
"address": "string",
"port": 0,
"authentication_method": "string",
"request_timeout_seconds": 1,
"bind_distinguished_name": "string",
"is_bind_password_set": true,
"user_base_distinguished_name": "string",
"user_distinguished_name_pattern": "string",
"user_base_filter": "string",
"username_attribute": "string",
"full_name_attribute": "string",
"user_memberof_attribute": "string",
"tls_ca_bundle": "string",
"insecure_disable_tls_certificate_verification": true,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | authentication_settings_ldap_configs_get |
Create a LDAP configuration
Example Code
curl -X POST /authentication_settings/ldap_configs \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/authentication_settings/ldap_configs
Auditable: Yes
Exposure: Public Experimental
Create LDAP configuration
Example Request Body
{
"pce_fqdn": "string",
"name": null,
"address": "string",
"port": 0,
"authentication_method": "LDAP",
"request_timeout_seconds": 1,
"bind_distinguished_name": null,
"bind_password": null,
"user_base_distinguished_name": "string",
"user_distinguished_name_pattern": null,
"user_base_filter": null,
"username_attribute": "string",
"full_name_attribute": null,
"user_memberof_attribute": null,
"tls_ca_bundle": null,
"insecure_disable_tls_certificate_verification": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
body | body | authentication_settings_ldap_configs_post | false | none |
» pce_fqdn | body | string | false | The FQDN of the PCE cluster |
» name | body | string,null | false | Friendly name of the LDAP server |
» address | body | string | true* | IP address or host name of the LDAP server |
» port | body | integer | true* | Port number of the LDAP server |
» authentication_method | body | string | true* | Authentication types |
» request_timeout_seconds | body | integer | false | Number of seconds to wait for response |
» bind_distinguished_name | body | string,null | false | Distinguished name (DN) used to bind to the LDAP server |
» bind_password | body | string,null | false | Bind DN password |
» user_base_distinguished_name | body | string | true* | Base distinguished name to be used for login |
» user_distinguished_name_pattern | body | string,null | false | Pattern used to create a DN string for a user during login, e.g. uid=*,ou=people, where * will be replaced with the username |
» user_base_filter | body | string,null | false | Search filter used to query the LDAP tree for users |
» username_attribute | body | string | true* | Attribute on a user object which contains the username, e.g. uid, sAMAccountName |
» full_name_attribute | body | string,null | false | Attribute on a user object which contains the full name, e.g. cn, commonName, displayName |
» user_memberof_attribute | body | string,null | false | Attribute on a user object containing group membership information, e.g. memberOf, isMemberOf |
» tls_ca_bundle | body | string,null | false | Trusted CA bundle |
» insecure_disable_tls_certificate_verification | body | boolean | false | Specifies whether to verify the server certificate when establishing an SSL connection to the LDAP server. WARNING: The use of this feature decreases the security of the system, and should only be used with full understanding of the ramifications. |
Enumerated Values
Parameter | Value |
---|---|
» authentication_method | LDAP |
» authentication_method | LDAPS |
» authentication_method | STARTTLS |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
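The fields documented above are enough to audit stored LDAP configurations for weak transport settings. The following is an added example, not Illumio code, that takes the JSON returned by GET /api/v2/authentication_settings/ldap_configs and reports plaintext LDAP, disabled certificate verification and a bind DN without a password. The sample data is constructed, and the severity levels and the conventional ports 389 and 636 are choices made for this example rather than values from the page.

```python
import json

# Constructed sample shaped like the documented 200 response (values invented).
SAMPLE_CONFIGS = json.loads("""
[
  {"href": "/authentication_settings/ldap_configs/constructed-1",
   "address": "ldap1.example.com", "port": 636, "authentication_method": "LDAPS",
   "bind_distinguished_name": "cn=pce,ou=svc,dc=example,dc=com",
   "is_bind_password_set": true,
   "insecure_disable_tls_certificate_verification": false},
  {"href": "/authentication_settings/ldap_configs/constructed-2",
   "address": "ldap2.example.com", "port": 389, "authentication_method": "LDAP",
   "bind_distinguished_name": "cn=pce,ou=svc,dc=example,dc=com",
   "is_bind_password_set": true,
   "insecure_disable_tls_certificate_verification": false},
  {"href": "/authentication_settings/ldap_configs/constructed-3",
   "address": "ldap3.example.com", "port": 389, "authentication_method": "STARTTLS",
   "bind_distinguished_name": "cn=pce,ou=svc,dc=example,dc=com",
   "is_bind_password_set": false,
   "insecure_disable_tls_certificate_verification": true}
]
""")

SEVERITY_ORDER = {"info": 0, "medium": 1, "high": 2}
TLS_METHODS = {"LDAPS", "STARTTLS"}
# Assumption for this example: IANA-registered ports, not values from the page.
CONVENTIONAL_PORT = {"LDAP": 389, "STARTTLS": 389, "LDAPS": 636}


def audit_ldap_config(cfg):
    """Return a list of (severity, message) findings for one LDAP config."""
    findings = []
    method = cfg.get("authentication_method")
    no_verify = cfg.get("insecure_disable_tls_certificate_verification") is True

    if method == "LDAP":
        findings.append(("high", "authentication_method is LDAP: no TLS protects "
                                 "bind credentials or user passwords in transit"))
        if no_verify:
            findings.append(("medium", "certificate verification is disabled and would "
                                       "stay off after a switch to LDAPS or STARTTLS"))
    elif method in TLS_METHODS:
        if no_verify:
            findings.append(("high", f"{method} with certificate verification disabled: "
                                     "the LDAP server's identity is not checked"))
    else:
        findings.append(("medium", f"authentication_method {method!r} is not one of "
                                   "LDAP, LDAPS, STARTTLS"))

    expected = CONVENTIONAL_PORT.get(method)
    if expected is not None and cfg.get("port") != expected:
        findings.append(("info", f"port {cfg.get('port')} is not the conventional "
                                 f"port {expected} for {method}"))

    if cfg.get("bind_distinguished_name") and cfg.get("is_bind_password_set") is False:
        findings.append(("medium", "bind DN is configured without a bind password"))
    return findings


def audit_ldap_configs(payload):
    """Accept a list of configs or a single config; map href -> sorted findings."""
    configs = payload if isinstance(payload, list) else [payload]
    report = {}
    for cfg in configs:
        findings = audit_ldap_config(cfg)
        if findings:
            report[cfg.get("href")] = sorted(findings, key=lambda f: -SEVERITY_ORDER[f[0]])
    return report


def worst_severity(report):
    """Highest severity in the report, or None when there are no findings."""
    levels = [sev for findings in report.values() for sev, _ in findings]
    return max(levels, key=SEVERITY_ORDER.get, default=None)


if __name__ == "__main__":
    for href, findings in audit_ldap_configs(SAMPLE_CONFIGS).items():
        for severity, message in findings:
            print(f"{severity:6} {href}: {message}")
```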
Get the specified LDAP configuration
Example Code
curl -X GET /authentication_settings/ldap_configs/{uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/authentication_settings/ldap_configs/{uuid}
Exposure: Public Experimental
Auditable: No
Get LDAP configuration
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
uuid | path | string | true* | LDAPConfig UUID |
Example Response Body
200 Response
{
"href": "string",
"pce_fqdn": "string",
"name": "string",
"address": "string",
"port": 0,
"authentication_method": "string",
"request_timeout_seconds": 1,
"bind_distinguished_name": "string",
"is_bind_password_set": true,
"user_base_distinguished_name": "string",
"user_distinguished_name_pattern": "string",
"user_base_filter": "string",
"username_attribute": "string",
"full_name_attribute": "string",
"user_memberof_attribute": "string",
"tls_ca_bundle": "string",
"insecure_disable_tls_certificate_verification": true,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | authentication_settings_ldap_configs_get |
Delete the specified LDAP configuration
Example Code
curl -X DELETE /authentication_settings/ldap_configs/{uuid} \
-u $KEY:$TOKEN
DELETE /api/v2/authentication_settings/ldap_configs/{uuid}
Exposure: Public Experimental
Auditable: Yes
Delete LDAP configuration
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
uuid | path | string | true* | LDAPConfig UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update the specified LDAP configuration
Example Code
curl -X PUT /authentication_settings/ldap_configs/{uuid} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/authentication_settings/ldap_configs/{uuid}
Auditable: Yes
Exposure: Public Experimental
Update LDAP configuration
Example Request Body
{
"name": null,
"address": "string",
"port": 0,
"authentication_method": "LDAP",
"request_timeout_seconds": 1,
"bind_distinguished_name": null,
"bind_password": null,
"user_base_distinguished_name": "string",
"user_distinguished_name_pattern": null,
"user_base_filter": null,
"username_attribute": "string",
"full_name_attribute": null,
"user_memberof_attribute": null,
"tls_ca_bundle": null,
"insecure_disable_tls_certificate_verification": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
uuid | path | string | true* | LDAPConfig UUID |
body | body | authentication_settings_ldap_configs_put | false | none |
» name | body | string,null | false | Friendly name of the LDAP server |
» address | body | string | false | IP address or host name of the LDAP server |
» port | body | integer | false | Port number of the LDAP server |
» authentication_method | body | string | false | Authentication types |
» request_timeout_seconds | body | integer | false | Number of seconds to wait for response |
» bind_distinguished_name | body | string,null | false | Distinguished name (DN) used to bind to the LDAP server |
» bind_password | body | string,null | false | Bind DN password |
» user_base_distinguished_name | body | string | false | Base distinguished name to be used for login |
» user_distinguished_name_pattern | body | string,null | false | Pattern used to create a DN string for a user during login, e.g. uid=*,ou=people, where * will be replaced with the username |
» user_base_filter | body | string,null | false | Search filter used to query the LDAP tree for users |
» username_attribute | body | string | false | Attribute on a user object which contains the username, e.g. uid, sAMAccountName |
» full_name_attribute | body | string,null | false | Attribute on a user object which contains the full name, e.g. cn, commonName, displayName |
» user_memberof_attribute | body | string,null | false | Attribute on a user object containing group membership information, e.g. memberOf, isMemberOf |
» tls_ca_bundle | body | string,null | false | Trusted CA bundle |
» insecure_disable_tls_certificate_verification | body | boolean | false | Specifies whether to verify the server certificate when establishing an SSL connection to the LDAP server. WARNING: The use of this feature decreases the security of the system, and should only be used with full understanding of the ramifications. |
Enumerated Values
Parameter | Value |
---|---|
» authentication_method | LDAP |
» authentication_method | LDAPS |
» authentication_method | STARTTLS |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Verify the specified LDAP server connection
Example Code
curl -X POST /authentication_settings/ldap_configs/{uuid}/verify_connection \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/authentication_settings/ldap_configs/{uuid}/verify_connection
Auditable: Yes
Exposure: Public Experimental
Verify LDAP server connection
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
uuid | path | string | true* | LDAPConfig UUID |
body | body | authentication_settings_ldap_configs_verify_connection_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Login Users
Create a User Auth Token
Example Code
curl -X POST /login_users/authenticate?pce_fqdn=string \
-u [email protected]:'password' -H 'Content-Type: application/json'
POST /api/v2/login_users/authenticate
Auditable: Yes
Exposure: Public Stable
Sign in a local user and return auth_token for specified PCE
Example Request Body
{
"one_time_password": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
one_time_password | query | string | false | The time-based one-time password for two-factor authentication. |
pce_fqdn | query | string | true* | Fully qualified name of PCE |
body | body | login_users_authenticate_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update User Password
Example Code
curl -X PUT /login_users/{user_uuid}/password \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/login_users/{user_uuid}/password
Auditable: Yes
Exposure: Public Stable
Change password for a local user
Example Request Body
{
"password": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_uuid | path | string | true* | User UUID; use 'me' for the currently authenticated user |
one_time_password | query | string | false | The time-based one-time password for two-factor authentication. |
body | body | login_users_password_put | false | none |
» password | body | string | true* | New password |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Manage api-key settings for an organization
View api-key settings for an organization
Example Code
curl -X GET /orgs/{org_id}/settings \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings
Exposure: Public Experimental
Auditable: No
Get settings for this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
Example Response Body
200 Response
{
"href": "http://example.com",
"num_assets_requiring_ransomware_protection": null,
"automatic_label_application_on_ven_activation": true,
"rule_based_label_maker_schedule_enabled": true,
"rule_based_label_maker_schedule": null,
"max_explorer_query_timespan_days": 97,
"max_api_key_expiration_in_seconds": 7776000,
"expired_api_keys_retention_in_seconds": 7776000,
"advanced_ruleset_display": true,
"ven_maintenance_token_required": false,
"cloud_secure_tenant_id": "string",
"use_census_permissions": true
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_get |
Update api-key settings for an organization
Example Code
curl -X PUT /orgs/{org_id}/settings \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/settings
Auditable: Yes
Exposure: Public Experimental
Update settings for this org
Example Request Body
{
"num_assets_requiring_ransomware_protection": 1,
"automatic_label_application_on_ven_activation": true,
"rule_based_label_maker_schedule_enabled": true,
"rule_based_label_maker_schedule": null,
"max_api_key_expiration_in_seconds": 7776000,
"expired_api_keys_retention_in_seconds": 7776000,
"advanced_ruleset_display": true,
"ven_maintenance_token_required": false,
"cloud_secure_tenant_id": "string",
"use_census_permissions": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | settings_put | false | none |
» num_assets_requiring_ransomware_protection | body | integer | false | number of assets that need ransomware protection for this org |
» automatic_label_application_on_ven_activation | body | boolean | false | Automatically apply labels rules when VEN is activated |
» rule_based_label_maker_schedule_enabled | body | boolean | false | True or false based on whether the rule based label maker schedule is enabled. |
» rule_based_label_maker_schedule | body | settings_get/properties/rule_based_label_maker_schedule | false | Schedule used for application of label rules |
»» schedule_time | body | string(date-time) | false | The time at which the label rules should be run |
»» frequency | body | string | false | The frequency at which the schedule is to be executed |
»» day_of_week | body | [string] | false | Applies only in case of weekly schedule and indicates the days on which the schedule will be run. |
»» day_of_month | body | integer | false | Applies only in case of monthly schedule and indicates the day on which the schedule will be run. |
» max_api_key_expiration_in_seconds | body | integer | false | Validity of api_key in seconds; -1 specifies api_keys never expire |
» expired_api_keys_retention_in_seconds | body | integer | false | Retention of expired api_keys in the database |
» advanced_ruleset_display | body | boolean | false | When true, the UI will display rulesets in advanced mode. This means that scopes will be displayed for any unscoped rulesets, including newly added rulesets. |
» ven_maintenance_token_required | body | boolean | false | Identifies if the tampering protection for the VEN and endpoints is enabled or not. |
» cloud_secure_tenant_id | body | string | false | Cloud Secure tenant id corresponding to this organization |
» use_census_permissions | body | boolean | false | Flag to indicate whether the PCE org will obtain permissions from census or from local database |
Enumerated Values
Parameter | Value |
---|---|
»» frequency | daily |
»» frequency | weekly |
»» frequency | monthly |
»» day_of_week | sunday |
»» day_of_week | monday |
»» day_of_week | tuesday |
»» day_of_week | wednesday |
»» day_of_week | thursday |
»» day_of_week | friday |
»» day_of_week | saturday |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Network Devices
Get Network Device List
Example Code
curl -X GET /orgs/{org_id}/network_devices \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/network_devices
Exposure: Public Stable
Auditable: No
Get network device list
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
device_type | query | string | false | Type of supported device |
manufacturer | query | string | false | Device manufacturer |
model | query | string | false | Device model |
name | query | string | false | Device name |
Example Response Body
200 Response
[
{
"href": "string",
"config": {
"name": "string",
"description": "string",
"device_type": "string",
"manufacturer": "string",
"model": "string",
"ip_address": "string",
"credentials": {
"type": "cli",
"port": 0,
"username": "string",
"password": "string"
}
},
"configure": true,
"enforcement_instructions_generation_in_progress": true,
"enforcement_instructions_data_href": "string",
"enforcement_instructions_data_timestamp": "2025-04-01T00:21:26Z",
"enforcement_instructions_ack_href": "string",
"enforcement_instructions_ack_timestamp": "2025-04-01T00:21:26Z",
"supported_endpoint_type": "string",
"endpoints": [
{
"href": "string"
}
],
"network_enforcement_node": {
"href": "string"
},
"status": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | network_devices_get |
Get a Device
Example Code
curl -X GET /orgs/{org_id}/network_devices/{nd_uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/network_devices/{nd_uuid}
Exposure: Public Stable
Auditable: No
Get a network device.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
Example Response Body
200 Response
[
{
"href": "string",
"config": {
"name": "string",
"description": "string",
"device_type": "string",
"manufacturer": "string",
"model": "string",
"ip_address": "string",
"credentials": {
"type": "cli",
"port": 0,
"username": "string",
"password": "string"
}
},
"configure": true,
"enforcement_instructions_generation_in_progress": true,
"enforcement_instructions_data_href": "string",
"enforcement_instructions_data_timestamp": "2025-04-01T00:21:26Z",
"enforcement_instructions_ack_href": "string",
"enforcement_instructions_ack_timestamp": "2025-04-01T00:21:26Z",
"supported_endpoint_type": "string",
"endpoints": [
{
"href": "string"
}
],
"network_enforcement_node": {
"href": "string"
},
"status": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | network_devices_get |
Add a Device
Example Code
curl -X POST /orgs/{org_id}/network_enforcement_nodes/{uuid}/network_devices \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/network_enforcement_nodes/{uuid}/network_devices
Auditable: Yes
Exposure: Public Stable
Add a network device.
Example Request Body
{
"name": "string",
"description": "string",
"device_type": "string",
"manufacturer": "string",
"model": "string",
"ip_address": "string",
"credentials": {
"type": "cli",
"port": 0,
"username": "string",
"password": "string"
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | Network enforcement node uuid |
body | body | network_enforcement_nodes_network_devices_post | false | none |
» name | body | string | false | The name of the device |
» description | body | string | false | Description of the device |
» device_type | body | string | false | Type of device |
» manufacturer | body | string | false | The manufacturer of the device |
» model | body | string | false | The model of the device |
» ip_address | body | string | false | The IP address of the device |
» credentials | body | object | false | none |
»» type | body | string | false | The type of credential used to access the device |
»» port | body | integer | false | The device port, if non-standard for credential type |
»» username | body | string | false | The username used to access the device |
»» password | body | string | false | The password used to access the device |
Enumerated Values
Parameter | Value |
---|---|
»» type | cli |
»» type | api |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Delete a Device
Example Code
curl -X DELETE /orgs/{org_id}/network_devices/{nd_uuid} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/network_devices/{nd_uuid}
Exposure: Public Stable
Auditable: Yes
Delete a network device.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update a Device
Example Code
curl -X PUT /orgs/{org_id}/network_devices/{nd_uuid} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/network_devices/{nd_uuid}
Auditable: Yes
Exposure: Public Stable
Update a network device.
Example Request Body
{
"name": "string",
"description": "string",
"device_type": "string",
"manufacturer": "string",
"model": "string",
"ip_address": "string",
"credentials": {
"type": "cli",
"port": 0,
"username": "string",
"password": "string"
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
body | body | network_enforcement_nodes_network_devices_post | false | none |
» name | body | string | false | The name of the device |
» description | body | string | false | Description of the device |
» device_type | body | string | false | Type of device |
» manufacturer | body | string | false | The manufacturer of the device |
» model | body | string | false | The model of the device |
» ip_address | body | string | false | The IP address of the device |
» credentials | body | object | false | none |
»» type | body | string | false | The type of credential used to access the device |
»» port | body | integer | false | The device port, if non-standard for credential type |
»» username | body | string | false | The username used to access the device |
»» password | body | string | false | The password used to access the device |
Enumerated Values
Parameter | Value |
---|---|
»» type | cli |
»» type | api |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
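The network device payloads above carry the device password in clear text inside the `credentials` object, so scripts that log or export them should mask it first. The following is an added example, not Illumio code; the marker string, the helper names and all sample values are assumptions constructed for illustration.

```python
import copy

REDACTED = "***REDACTED***"    # constructed marker, not an API value
SECRET_FIELDS = ("password",)  # the secret field in the documented credentials object


def _mask_credentials(container):
    """Mask secret fields in container["credentials"] when that object exists."""
    creds = container.get("credentials")
    if isinstance(creds, dict):
        for field in SECRET_FIELDS:
            if creds.get(field) is not None:
                creds[field] = REDACTED


def redact_network_devices(payload):
    """Return a deep copy of a network device payload that is safe to log.

    Handles the list returned by the GET calls, a single device object, and
    the Add/Update request body, where credentials sit at the top level.
    """
    safe = copy.deepcopy(payload)
    records = safe if isinstance(safe, list) else [safe]
    for record in records:
        if not isinstance(record, dict):
            continue
        _mask_credentials(record)        # request-body shape
        config = record.get("config")
        if isinstance(config, dict):
            _mask_credentials(config)    # GET response shape
    return safe


# Constructed sample in the shape of the 200 response (all values are made up).
SAMPLE_RESPONSE = [
    {
        "href": "/orgs/1/network_devices/example-uuid",
        "config": {
            "name": "core-switch-01",
            "ip_address": "192.0.2.10",
            "credentials": {"type": "cli", "port": 22,
                            "username": "svc-example",
                            "password": "constructed-secret"},
        },
        "status": "example",
    },
    {"href": "/orgs/1/network_devices/other-uuid", "config": {"name": "no-creds"}},
]

# Constructed sample in the shape of the Add/Update request body.
SAMPLE_REQUEST = {
    "name": "core-switch-01",
    "credentials": {"type": "api", "port": 443,
                    "username": "svc-example",
                    "password": "constructed-secret"},
}

if __name__ == "__main__":
    import json
    print(json.dumps(redact_network_devices(SAMPLE_RESPONSE), indent=2))
    print(json.dumps(redact_network_devices(SAMPLE_REQUEST), indent=2))
```

The function works on a copy, so the original payload can still be sent to the PCE unchanged.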
Acknowledge Enforcement Instructions Applied for Multiple Network Devices
Example Code
curl -X POST /orgs/{org_id}/network_devices/multi_enforcement_instructions_applied \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/network_devices/multi_enforcement_instructions_applied
Auditable: Yes
Exposure: Public Stable
Acknowledge that enforcement instructions were applied for multiple network devices.
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | network_devices_multi_enforcement_instructions_applied_post | false | none |
» all_devices | body | boolean | false | Flag to indicate that enforcement instructions are required for all network devices |
» network_devices | body | [object] | false | none |
»» href | body | string | false | href of network device |
» anonymous | body | object | false | none |
» anonymous | body | object | false | none |
Enumerated Values
Parameter | Value |
---|---|
» all_devices | true* |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Generate Enforcement Instructions for Multiple Network Devices
Example Code
curl -X POST /orgs/{org_id}/network_devices/multi_enforcement_instructions_request \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/network_devices/multi_enforcement_instructions_request
Auditable: No
Exposure: Public Stable
Generate enforcement instructions for multiple network devices.
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | network_devices_multi_enforcement_instructions_request_post | false | none |
» all_devices | body | boolean | false | Flag to indicate that enforcement instructions are required for all network devices |
» network_devices | body | [object] | false | none |
»» href | body | string | false | href of network device |
» anonymous | body | object | false | none |
» anonymous | body | object | false | none |
Enumerated Values
Parameter | Value |
---|---|
» all_devices | true* |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Acknowledge Enforcement Instructions Applied
Example Code
curl -X POST /orgs/{org_id}/network_devices/{nd_uuid}/enforcement_instructions_applied \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/network_devices/{nd_uuid}/enforcement_instructions_applied
Auditable: Yes
Exposure: Public Stable
Acknowledge that enforcement instructions were applied.
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
body | body | network_devices_enforcement_instructions_applied_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Request Enforcement Instructions
Example Code
curl -X POST /orgs/{org_id}/network_devices/{nd_uuid}/enforcement_instructions_request \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/network_devices/{nd_uuid}/enforcement_instructions_request
Auditable: No
Exposure: Public Stable
Request enforcement instructions.
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
body | body | network_devices_enforcement_instructions_request_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get network endpoints for a network device
Example Code
curl -X GET /orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints
Exposure: Public Stable
Auditable: No
Get network endpoints for a network device.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
Example Response Body
200 Response
[
{
"href": "string",
"config": {
"endpoint_type": "string",
"name": "string",
"traffic_flow_id": "string",
"workload_discovery": true
},
"workload_discovery": true,
"network_device": {
"href": "string"
},
"workloads": [
{
"href": "string"
}
],
"status": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | network_devices_network_endpoints_get |
Add a network endpoint to a specific network device
Example Code
curl -X POST /orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints
Auditable: Yes
Exposure: Public Stable
Add a network endpoint to a specific network device.
Example Request Body
{
"config": {
"endpoint_type": "string",
"name": "string",
"traffic_flow_id": "string",
"workload_discovery": true
},
"workloads": [
{
"href": "string"
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
body | body | network_devices_network_endpoints_post | false | none |
» config | body | network_devices_network_endpoints_post/properties/config | true* | none |
»» endpoint_type | body | string | false | The type of endpoint |
»» name | body | string | false | The name of the endpoint e.g. interface name |
»» traffic_flow_id | body | string | false | A traffic flow identifier for this endpoint e.g. switch port IfIndex |
»» workload_discovery | body | boolean | false | Flag to indicate if workload discovery is enabled |
» workloads | body | [object] | false | List of managed workloads |
»» href | body | string | true* | URI of workload |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get a Network Endpoint
Example Code
curl -X GET /orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints/{ep_uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints/{ep_uuid}
Exposure: Public Stable
Auditable: No
Get a network endpoint.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
ep_uuid | path | string | true* | uuid of network_endpoint resource |
Example Response Body
200 Response
[
{
"href": "string",
"config": {
"endpoint_type": "string",
"name": "string",
"traffic_flow_id": "string",
"workload_discovery": true
},
"workload_discovery": true,
"network_device": {
"href": "string"
},
"workloads": [
{
"href": "string"
}
],
"status": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | network_devices_network_endpoints_get |
Delete a Network Endpoint
Example Code
curl -X DELETE /orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints/{ep_uuid} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints/{ep_uuid}
Exposure: Public Stable
Auditable: Yes
Delete a network endpoint.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
ep_uuid | path | string | true* | uuid of network_endpoint resource |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update a Network Endpoint
Example Code
curl -X PUT /orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints/{ep_uuid} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/network_devices/{nd_uuid}/network_endpoints/{ep_uuid}
Auditable: Yes
Exposure: Public Stable
Update a network endpoint.
Example Request Body
{
"config": {
"endpoint_type": "string",
"name": "string",
"traffic_flow_id": "string",
"workload_discovery": true
},
"workloads": [
{
"href": "string"
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
nd_uuid | path | string | true* | uuid of device resource |
ep_uuid | path | string | true* | uuid of network_endpoint resource |
body | body | network_devices_network_endpoints_put | false | none |
» config | body | network_devices_network_endpoints_post/properties/config | false | none |
»» endpoint_type | body | string | false | The type of endpoint |
»» name | body | string | false | The name of the endpoint e.g. interface name |
»» traffic_flow_id | body | string | false | A traffic flow identifier for this endpoint e.g. switch port IfIndex |
»» workload_discovery | body | boolean | false | Flag to indicate if workload discovery is enabled |
» workloads | body | [object] | false | List of managed workloads |
»» href | body | string | true* | URI of workload |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Network Enforcement Nodes
Get list of network enforcement nodes
Example Code
curl -X GET /orgs/{org_id}/network_enforcement_nodes \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/network_enforcement_nodes
Exposure: Public Stable
Auditable: No
Get list of network enforcement nodes
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
condition | query | string | false | A specific error condition to filter by |
device_type | query | string | false | Type of supported device |
health | query | string | false | The overall health (condition) of the Network Enforcement Node |
manufacturer | query | string | false | Device manufacturer |
model | query | string | false | Device model |
Enumerated Values
Parameter | Value |
---|---|
condition | network_enforcement_node.missed_heartbeats |
condition | network_enforcement_node.degraded |
health | healthy |
health | unhealthy |
health | error |
health | warning |
Example Response Body
200 Response
[
{
"uuid": "string",
"org_id": 0,
"hostname": "string",
"name": "string",
"public_ip": "string",
"software_version": "string",
"last_status_at": null,
"uptime_seconds": null,
"network_devices": [],
"supported_devices": [
{
"device_type": "string",
"manufacturers": [
{
"manufacturer": "string",
"models": [
{
"model": "string",
"endpoint_type": "string"
}
]
}
]
}
],
"conditions": [
{
"first_reported_timestamp": "2025-04-01T00:21:26Z",
"latest_event": {
"notification_type": "string",
"severity": "err",
"href": "string",
"info": {},
"timestamp": "2025-04-01T00:21:26Z"
}
}
],
"target_pce_fqdn": null,
"active_pce_fqdn": null
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | network_enforcement_nodes_get |
Get a network enforcement node
Example Code
curl -X GET /orgs/{org_id}/network_enforcement_nodes/{uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/network_enforcement_nodes/{uuid}
Exposure: Public Stable
Auditable: No
Get a network enforcement node.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | Network enforcement node uuid |
Example Response Body
200 Response
[
{
"uuid": "string",
"org_id": 0,
"hostname": "string",
"name": "string",
"public_ip": "string",
"software_version": "string",
"last_status_at": null,
"uptime_seconds": null,
"network_devices": [],
"supported_devices": [
{
"device_type": "string",
"manufacturers": [
{
"manufacturer": "string",
"models": [
{
"model": "string",
"endpoint_type": "string"
}
]
}
]
}
],
"conditions": [
{
"first_reported_timestamp": "2025-04-01T00:21:26Z",
"latest_event": {
"notification_type": "string",
"severity": "err",
"href": "string",
"info": {},
"timestamp": "2025-04-01T00:21:26Z"
}
}
],
"target_pce_fqdn": null,
"active_pce_fqdn": null
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | network_enforcement_nodes_get |
Update the target PCE of the Network Enforcement Node
Example Code
curl -X PUT /orgs/{org_id}/network_enforcement_nodes/{uuid} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/network_enforcement_nodes/{uuid}
Auditable: Yes
Exposure: Public Stable
Update the target PCE of the Network Enforcement Node
Example Request Body
{
"target_pce_fqdn": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | Network enforcement node uuid |
body | body | network_enforcement_nodes_put | false | none |
» target_pce_fqdn | body | string | false | cluster FQDN for target PCE |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Optional Features
Get the optional features collection
Example Code
curl -X GET /orgs/{org_id}/optional_features \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/optional_features
Exposure: Public Experimental
Auditable: No
Get the optional features collection
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
[
{
"name": "string",
"preview": true,
"enabled": true
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | optional_features_get |
Set the optional features for an org
Example Code
curl -X PUT /orgs/{org_id}/optional_features \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/optional_features
Auditable: Yes
Exposure: Public Experimental
Set the optional features for an org
Example Request Body
[
{
"name": "ip_forwarding_firewall_setting",
"enabled": true
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | optional_features_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Organization Settings
Get Events Settings
Example Code
curl -X GET /orgs/{org_id}/settings/events \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/events
Exposure: Public Stable
Auditable: No
Get org-settings
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
Example Response Body
200 Response
{
"audit_event_retention_seconds": 0,
"audit_event_min_severity": "error",
"format": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_events_get |
Update Events Settings
Example Code
curl -X PUT /orgs/{org_id}/settings/events \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/settings/events
Auditable: Yes
Exposure: Public Stable
Create or Update org-settings
Example Request Body
{
"audit_event_retention_seconds": 86400,
"audit_event_min_severity": "error",
"format": "JSON"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | settings_events_put | false | none |
» audit_event_retention_seconds | body | integer | false | The time in seconds an audit event is stored in the database |
» audit_event_min_severity | body | settings_syslog_destinations_post/properties/audit_event_logger/properties/min_severity | false | Minimum severity level of audit event messages. |
» format | body | string | false | The log format (JSON, CEF, LEEF), which applies to all syslog destinations |
Enumerated Values
Parameter | Value |
---|---|
» audit_event_min_severity | error |
» audit_event_min_severity | warning |
» audit_event_min_severity | informational |
» format | JSON |
» format | CEF |
» format | LEEF |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
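Because the events settings control how long audit events are kept and which severities are recorded, it is worth validating a PUT body against the enumerated values above and comparing the current GET result with a logging baseline. The following is an added example, not Illumio code; the function names, the baseline thresholds, the sample values and the severity ordering are assumptions.

```python
DOCUMENTED_KEYS = ("audit_event_retention_seconds", "audit_event_min_severity", "format")
ALLOWED_SEVERITIES = ("error", "warning", "informational")  # enumerated on this page
ALLOWED_FORMATS = ("JSON", "CEF", "LEEF")                   # enumerated on this page

# Assumption: a lower minimum severity records more events, so "informational"
# is the most verbose setting and "error" the least verbose.
VERBOSITY = {"error": 0, "warning": 1, "informational": 2}


def _is_int(value):
    """True for real integers; bool is excluded although it subclasses int."""
    return isinstance(value, int) and not isinstance(value, bool)


def validate_events_settings(body):
    """Return a list of problems in a settings_events_put body (empty if none)."""
    if not isinstance(body, dict):
        return ["body must be a JSON object"]
    errors = []
    for key in body:
        if key not in DOCUMENTED_KEYS:
            errors.append(f"{key}: not a documented property")
    if "audit_event_retention_seconds" in body and not _is_int(
            body["audit_event_retention_seconds"]):
        errors.append("audit_event_retention_seconds: must be an integer")
    if "audit_event_min_severity" in body and (
            body["audit_event_min_severity"] not in ALLOWED_SEVERITIES):
        errors.append("audit_event_min_severity: expected one of "
                      + ", ".join(ALLOWED_SEVERITIES))
    if "format" in body and body["format"] not in ALLOWED_FORMATS:
        errors.append("format: expected one of " + ", ".join(ALLOWED_FORMATS))
    return errors


def baseline_findings(current, min_retention_seconds, required_severity):
    """Compare a GET settings/events result with a logging baseline.

    Reports retention shorter than the baseline and a minimum severity
    that records fewer events than the baseline requires.
    """
    findings = []
    retention = current.get("audit_event_retention_seconds")
    if not _is_int(retention) or retention < min_retention_seconds:
        findings.append(f"retention {retention!r} is below {min_retention_seconds} seconds")
    severity = current.get("audit_event_min_severity")
    if (not isinstance(severity, str) or severity not in VERBOSITY
            or VERBOSITY[severity] < VERBOSITY[required_severity]):
        findings.append(f"min severity {severity!r} records less than {required_severity!r}")
    return findings


# Constructed samples: the documented example request body and a GET result.
SAMPLE_PUT = {"audit_event_retention_seconds": 86400,
              "audit_event_min_severity": "error", "format": "JSON"}
SAMPLE_CURRENT = {"audit_event_retention_seconds": 86400,
                  "audit_event_min_severity": "error", "format": "JSON"}
BASELINE_RETENTION = 90 * 86400   # constructed baseline: 90 days
BASELINE_SEVERITY = "informational"  # constructed baseline

if __name__ == "__main__":
    print(validate_events_settings(SAMPLE_PUT))
    for finding in baseline_findings(SAMPLE_CURRENT, BASELINE_RETENTION, BASELINE_SEVERITY):
        print("FINDING:", finding)
```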
Pairing Profiles
Get Pairing Profiles
Example Code
curl -X GET /orgs/{org_id}/pairing_profiles \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/pairing_profiles
Exposure: Public Stable
Auditable: No
Return the set of pairing profiles
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
agent_software_release | query | string | false | The agent software release for pairing profiles |
description | query | string | false | Description of Pairing Profile(s) to return. Supports partial matches |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
labels | query | string | false | List of lists of label URIs, encoded as a JSON string |
max_results | query | integer | false | Maximum number of Pairing Profiles to return. |
name | query | string | false | Name of Pairing Profile(s) to return. Supports partial matches |
ven_type | query | string | false | Specifies the pairing profile by the VEN type: server, endpoint, or specified_during_activation |
Enumerated Values
Parameter | Value |
---|---|
ven_type | specified_during_activation |
ven_type | server |
ven_type | endpoint |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"mode": "idle",
"enforcement_mode": "idle",
"status": "string",
"enabled": true,
"total_use_count": 0,
"allowed_uses_per_key": 1,
"key_lifespan": 1,
"last_pairing_at": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"last_pairing_key_generated_at": null,
"last_pairing_key_generated_by": null,
"is_default": true,
"labels": [
{
"href": "string"
}
],
"env_label_lock": true,
"loc_label_lock": true,
"role_label_lock": true,
"app_label_lock": true,
"mode_lock": true,
"enforcement_mode_lock": true,
"log_traffic": true,
"log_traffic_lock": true,
"visibility_level": "flow_summary",
"visibility_level_lock": true,
"status_lock": true,
"external_data_set": null,
"external_data_reference": null,
"agent_software_release": null,
"ven_type": "specified_during_activation"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | pairing_profiles_get |
Get a Pairing Profile
Example Code
curl -X GET /orgs/{org_id}/pairing_profiles/{pairing_profile_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/pairing_profiles/{pairing_profile_id}
Exposure: Public Stable
Auditable: No
Get pairing profile by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pairing_profile_id | path | integer | true* | Pairing Profile ID |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"mode": "idle",
"enforcement_mode": "idle",
"status": "string",
"enabled": true,
"total_use_count": 0,
"allowed_uses_per_key": 1,
"key_lifespan": 1,
"last_pairing_at": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"last_pairing_key_generated_at": null,
"last_pairing_key_generated_by": null,
"is_default": true,
"labels": [
{
"href": "string"
}
],
"env_label_lock": true,
"loc_label_lock": true,
"role_label_lock": true,
"app_label_lock": true,
"mode_lock": true,
"enforcement_mode_lock": true,
"log_traffic": true,
"log_traffic_lock": true,
"visibility_level": "flow_summary",
"visibility_level_lock": true,
"status_lock": true,
"external_data_set": null,
"external_data_reference": null,
"agent_software_release": null,
"ven_type": "specified_during_activation"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | pairing_profiles_get |
Create a Workload Pairing Profile
Example Code
curl -X POST /orgs/{org_id}/pairing_profiles \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/pairing_profiles
Auditable: Yes
Exposure: Public Stable
Create a workload pairing profile.
Example Request Body
{
"name": "string",
"description": "string",
"mode": "idle",
"mode_lock": true,
"enforcement_mode": "idle",
"enforcement_mode_lock": true,
"enabled": true,
"allowed_uses_per_key": 1,
"key_lifespan": 1,
"labels": [
{
"href": "string"
}
],
"env_label_lock": true,
"loc_label_lock": true,
"role_label_lock": true,
"app_label_lock": true,
"log_traffic": true,
"log_traffic_lock": true,
"visibility_level": "flow_full_detail",
"visibility_level_lock": true,
"external_data_set": null,
"external_data_reference": null,
"agent_software_release": null,
"ven_type": "specified_during_activation"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | pairing_profiles_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Create a Pairing Key
Example Code
curl -X POST /orgs/{org_id}/pairing_profiles/{pairing_profile_id}/pairing_key \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/pairing_profiles/{pairing_profile_id}/pairing_key
Auditable: Yes
Exposure: Public Stable
Generate a pairing key for a pairing profile by ID
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pairing_profile_id | path | integer | true* | Pairing Profile ID |
body | body | pairing_profiles_pairing_key_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Pairing Profile
Example Code
curl -X PUT /orgs/{org_id}/pairing_profiles/{pairing_profile_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/pairing_profiles/{pairing_profile_id}
Auditable: Yes
Exposure: Public Stable
Modify a pairing profile by ID
Example Request Body
{
"name": "string",
"description": "string",
"mode": "idle",
"mode_lock": true,
"enforcement_mode": "idle",
"enforcement_mode_lock": true,
"enabled": true,
"allowed_uses_per_key": 1,
"key_lifespan": 1,
"labels": [
{
"href": "string"
}
],
"env_label_lock": true,
"loc_label_lock": true,
"role_label_lock": true,
"app_label_lock": true,
"log_traffic": true,
"log_traffic_lock": true,
"visibility_level": "flow_full_detail",
"visibility_level_lock": true,
"external_data_set": null,
"external_data_reference": null,
"agent_software_release": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pairing_profile_id | path | integer | true* | Pairing Profile ID |
body | body | pairing_profiles_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Pairing Profile
Example Code
curl -X DELETE /orgs/{org_id}/pairing_profiles/{pairing_profile_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/pairing_profiles/{pairing_profile_id}
Exposure: Public Stable
Auditable: Yes
Delete a pairing profile by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pairing_profile_id | path | integer | true* | Pairing Profile ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Permissions
Get All Permissions
Example Code
curl -X GET /orgs/{org_id}/permissions \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/permissions
Exposure: Public Stable
Auditable: No
Get all permissions for this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
auth_security_principal | query | string | false | Auth_security_principal URI (JSON-encoded string) to filter on |
role | query | string | false | Role URI (JSON-encoded string) to filter on |
scope | query | string | false | Scope to filter on, where scope is in the format defined in org_scope.schema.json |
Example Response Body
200 Response
[
{
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
],
"auth_security_principal": {
"href": "string"
},
"href": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | orgs_permissions_get |
Get a Permission
Example Code
curl -X GET /orgs/{org_id}/permissions/{permission_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/permissions/{permission_id}
Exposure: Public Stable
Auditable: No
Get details of this permission in this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
permission_id | path | string | true* | UUID of the permission |
Example Response Body
200 Response
[
{
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
],
"auth_security_principal": {
"href": "string"
},
"href": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | orgs_permissions_get |
Create a Permission
Example Code
curl -X POST /orgs/{org_id}/permissions \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/permissions
Auditable: Yes
Exposure: Public Stable
Create a permission in this org
Example Request Body
{
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
],
"auth_security_principal": {
"href": "string"
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | orgs_permissions_post | false | none |
» role | body | orgs_permissions_put/properties/role | true* | none |
»» href | body | string | true* | URI of Role |
» scope | body | [object] | true* | none |
»» label | body | object | false | none |
»»» href | body | string | true* | Label URI |
»»» key | body | string | false | Label type |
»»» value | body | string | false | Label name |
»» label_group | body | object | false | none |
»»» href | body | string | true* | Label group URI |
»»» key | body | string | false | Label group type |
»»» name | body | string | false | Label group name |
»» auth_security_principal | body | orgs_permissions_put/properties/auth_security_principal | true* | none |
»»» href | body | string | true* | URI of auth_security_principal |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Permission
Example Code
curl -X PUT /orgs/{org_id}/permissions/{permission_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/permissions/{permission_id}
Auditable: Yes
Exposure: Public Stable
Update this permission in this org
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
permission_id | path | string | true* | UUID of the permission |
body | body | orgs_permissions_put | false | none |
» role | body | orgs_permissions_put/properties/role | false | none |
»» href | body | string | true* | URI of Role |
» scope | body | [object] | false | none |
»» label | body | object | false | none |
»»» href | body | string | true* | Label URI |
»»» key | body | string | false | Label type |
»»» value | body | string | false | Label name |
»» label_group | body | object | false | none |
»»» href | body | string | true* | Label group URI |
»»» key | body | string | false | Label group type |
»»» name | body | string | false | Label group name |
»» auth_security_principal | body | orgs_permissions_put/properties/auth_security_principal | false | none |
»»» href | body | string | true* | URI of auth_security_principal |
»» anonymous | body | object | false | none |
»» anonymous | body | object | false | none |
»» anonymous | body | object | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Permission
Example Code
curl -X DELETE /orgs/{org_id}/permissions/{permission_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/permissions/{permission_id}
Exposure: Public Stable
Auditable: Yes
Delete this permission in this org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
permission_id | path | string | true* | UUID of the permission |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Reports
Get all reports for this org and user
Example Code
curl -X GET /orgs/{org_id}/reports \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/reports
Exposure: Public Experimental
Auditable: No
Fetches a collection of all reports for this org and user
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": "http://example.com",
"report_template": {
"href": "http://example.com",
"name": "string"
},
"description": "string",
"send_by_email": true,
"progress_percentage": 0,
"generated_at": null,
"status": "string",
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
},
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "http://example.com"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | reports_get |
Create a new on-demand report
Example Code
curl -X POST /orgs/{org_id}/reports \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/reports
Auditable: Yes
Exposure: Public Experimental
Create a new on-demand report
Example Request Body
{
"report_template": {
"href": "http://example.com"
},
"send_by_email": true,
"description": "string",
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | reports_post | false | none |
» report_template | body | object | true* | Template for the report |
»» href | body | string(uri) | true* | Report Template URI |
» send_by_email | body | boolean | false | Flag for whether to send user report by email |
» description | body | string | false | Description for the report |
» report_parameters | body | object | true* | Any specific parameters required for this report template |
»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/0 | false | Report parameters for executive summary report |
»»» report_time_range | body | object | true* | Time range the report is built across |
»»»» anonymous | body | object | false | none |
»»»»» start_date | body | string(date-time) | true* | Start date for the range |
»»»»» end_date | body | string(date-time) | true* | End date for the range |
»»»» anonymous | body | object | false | none |
»»»»» last_num_days | body | integer | true* | Last x number of days the report is built across |
»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/1 | false | Report parameters for traffic flow query report |
»»»»» report_time_range | body | object | true* | Time range the report is built across |
»»»»»» anonymous | body | object | false | none |
»»»»»» anonymous | body | object | false | none |
»»»»» app_groups | body | [array] | true* | App Group Schema for reports |
»»»»»» label | body | object | true* | none |
»»»»»»» href | body | string | true* | Label URI |
»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/2 | false | Report parameters for explorer report |
»»»»»»» report_time_range | body | object | true* | none |
»»»»»»» filters | body | object | true* | none |
»»»»»»»» query_name | body | string | true* | Query Name |
»»»»»»»» start_date | body | string(date) | false | Starting date for query |
»»»»»»»» end_date | body | string(date) | false | Ending date for query |
»»»»»»»» sources_destinations_query_op | body | string | false | Query logical operator between sources and destinations |
»»»»»»»» sources | body | object | true* | Source labels, workloads, IP addresses to include or exclude |
»»»»»»»»» include | body | [array] | true* | List of included sources or targets |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»» label | body | object | true* | none |
»»»»»»»»»»»» href | body | string | true* | Label URI |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»» label_group | body | object | true* | none |
»»»»»»»»»»»»» href | body | string | true* | Label group URI |
»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»» workload | body | object | true* | none |
»»»»»»»»»»»»»» href | body | string | true* | Workload URI |
»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»» ip_address | body | string | true* | IP address value |
»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»» ip_list | body | object | true* | none |
»»»»»»»»»»»»»»» href | body | string | true* | IP List draft URI |
»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»»»»»»»»» actors | body | string | false | All managed workloads ('ams') |
»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»» cloud_resource | body | object | true* | none |
»»»»»»»»»»»»»»»» resource_uuid | body | string | true* | UUID of cloud resource |
»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»» data_center | body | object | true* | none |
»»»»»»»»»»»»»»»»» type | body | string | true* | Type of the datacenter, such as core/cloud/aws/azure/gcp |
»»»»»»»»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»» destinations | body | object | true* | Target labels, workloads, IP addresses, domain names, transmission to include or exclude |
»»»»»»»»»»»»»»»»» include | body | [array] | true* | List of included sources or targets |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»»»»»»»»»» fqdn | body | string | true* | parameter for querying the matched fqdn |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | object | false | Parameter representing broadcast/multicast |
»»»»»»»»»»»»»»»»»»» transmission | body | string | true* | transmission type |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»»» data_sources | body | object | false | Data sources of the flows to include or exclude |
»»»»»»»»»»»»»»»»»» include | body | [string] | false | List of included services |
»»»»»»»»»»»»»»»»»» exclude | body | [string] | false | List of excluded data sources |
»»»»»»»»»»»»»»»»» services | body | object | true* | Services (5-tuple of port/to_port/proto/process/service) to include or exclude |
»»»»»»»»»»»»»»»»»» include | body | [object] | true* | List of included services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»»»»»»»»» exclude | body | [object] | true* | List of excluded services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»»»»»»»»» policy_decisions | body | [string] | true* | List of policy decisions |
»»»»»»»»»»»»»»»»»» boundary_decisions | body | [string] | false | List of boundary decisions |
»»»»»»»»»»»»»»»»»» max_results | body | integer | true* | maximum number of flows to return |
»»»»»»»»»»»»»»»»»» exclude_workloads_from_ip_list_query | body | boolean | false | exclude workload traffic when IP List is provided either in consumer or provider part of traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/3 | false | Report parameters for VES report |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/4 | false | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»»»»»»»»»»»» report_time_range | body | object | true* | Time range the report is built across |
»»»»»»»»»»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»»»»»»»»» rule_sets | body | [object] | true* | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»»»»»»»»»»»»» href | body | string | true* | HREF of the ruleset |
»»»»»»»»»»»»»»»»»» max_results | body | integer | false | maximum number of rules to return in the specified time-range in descending order of rule creation time |
Enumerated Values
Parameter | Value |
---|---|
»»»»»»»» sources_destinations_query_op | and |
»»»»»»»» sources_destinations_query_op | or |
»»»»»»»»»»»»»»» actors | ams |
»»»»»»»»»»»»»»»»» type | core |
»»»»»»»»»»»»»»»»» type | cloud |
»»»»»»»»»»»»»»»»» type | aws |
»»»»»»»»»»»»»»»»» type | azure |
»»»»»»»»»»»»»»»»» type | gcp |
»»»»»»»»»»»»»»»»»»» transmission | broadcast |
»»»»»»»»»»»»»»»»»»» transmission | multicast |
»»»»»»»»»»»»»»»»»»» transmission | unicast |
»»»»»»»»»»»»»»»»»» include | server |
»»»»»»»»»»»»»»»»»» include | endpoint |
»»»»»»»»»»»»»»»»»» include | flowlink |
»»»»»»»»»»»»»»»»»» include | scanner |
»»»»»»»»»»»»»»»»»» exclude | server |
»»»»»»»»»»»»»»»»»» exclude | endpoint |
»»»»»»»»»»»»»»»»»» exclude | flowlink |
»»»»»»»»»»»»»»»»»» exclude | scanner |
»»»»»»»»»»»»»»»»»» policy_decisions | allowed |
»»»»»»»»»»»»»»»»»» policy_decisions | potentially_blocked |
»»»»»»»»»»»»»»»»»» policy_decisions | blocked |
»»»»»»»»»»»»»»»»»» policy_decisions | unknown |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked_by_override_deny |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked_non_illumio_rule |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get a report by UUID
Example Code
curl -X GET /orgs/{org_id}/reports/{report_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/reports/{report_id}
Exposure: Public Experimental
Auditable: No
Get a report by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
report_id | path | string | true* | UUID of the report |
Example Response Body
200 Response
{
"href": "http://example.com",
"report_template": {
"href": "http://example.com",
"name": "string"
},
"description": "string",
"send_by_email": true,
"progress_percentage": 0,
"generated_at": null,
"status": "string",
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
},
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "http://example.com"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | reports_get |
Updates a report by UUID
Example Code
curl -X PUT /orgs/{org_id}/reports/{report_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/reports/{report_id}
Auditable: No
Exposure: Public Experimental
Updates a report by UUID
Example Request Body
{
"status": "cancel_requested"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
report_id | path | string | true* | UUID of the report |
body | body | reports_put | false | none |
» status | body | string | false | State of the report |
Enumerated Values
Parameter | Value |
---|---|
» status | cancel_requested |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Download a report
Example Code
curl -X GET /orgs/{org_id}/reports/{report_id}/download
GET /api/v2/orgs/{org_id}/reports/{report_id}/download
Exposure: Public Experimental
Auditable: No
Download a report
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
report_id | path | string | true* | UUID of the report |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | None |
Get the risk summary for org
Example Code
curl -X GET /orgs/{org_id}/reports/risk_summary \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/reports/risk_summary
Exposure: Public Experimental
Auditable: No
Get the org risk_summary
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
Example Response Body
200 Response
{
"ransomware": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | reports_risk_summary_get |
Get the risk summary time series statistics
Example Code
curl -X POST /orgs/{org_id}/reports/risk_summary/ransomware_timeseries_statistics \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/reports/risk_summary/ransomware_timeseries_statistics
Auditable: No
Exposure: Public Experimental
Get the risk summary time series statistics
Example Request Body
[
{
"property": "num_managed_workloads",
"resolution": "day",
"max_results": 5
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | reports_risk_summary_ransomware_timeseries_statistics_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get time series data
Example Code
curl -X POST /orgs/{org_id}/reports/time_series_statistics \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/reports/time_series_statistics
Auditable: No
Exposure: Public Experimental
Get time series data
Example Request Body
[
{
"property": "num_managed_workloads",
"resolution": "day",
"max_results": 5
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | reports_time_series_statistics_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Report Schedules
Get report schedules for this user and org
Example Code
curl -X GET /orgs/{org_id}/report_schedules \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/report_schedules
Exposure: Public Experimental
Auditable: No
Fetches collection of all report schedules for this user and org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": "http://example.com",
"report_template": {
"href": "http://example.com",
"name": "string"
},
"name": "string",
"report_generation_frequency": "string",
"scheduled_at": "2025-04-01T00:21:27Z",
"send_by_email": true,
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
},
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "http://example.com"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | report_schedules_get |
Create a new report schedule
Example Code
curl -X POST /orgs/{org_id}/report_schedules \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/report_schedules
Auditable: No
Exposure: Public Experimental
Creates a new report schedule
Example Request Body
{
"report_template": {
"href": "http://example.com"
},
"name": "string",
"send_by_email": true,
"report_generation_frequency": "daily",
"scheduled_at": "2025-04-01T00:21:27Z",
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | report_schedules_post | false | none |
» report_template | body | object | true* | Template for the report |
»» href | body | string(uri) | true* | Report Template URI |
» name | body | string | true* | Name of the report schedule |
» send_by_email | body | boolean | false | Flag for whether to send user report by email |
» report_generation_frequency | body | string | true* | Report generation frequency |
» scheduled_at | body | string(date-time) | false | Timestamp in UTC for report generation |
» report_parameters | body | object | true* | Any specific parameters required for this report template |
»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/0 | false | Report parameters for executive summary report |
»»» report_time_range | body | object | true* | Time range the report is built across |
»»»» anonymous | body | object | false | none |
»»»»» start_date | body | string(date-time) | true* | Start date for the range |
»»»»» end_date | body | string(date-time) | true* | End date for the range |
»»»» anonymous | body | object | false | none |
»»»»» last_num_days | body | integer | true* | Last x number of days the report is built across |
»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/1 | false | Report parameters for traffic flow query report |
»»»»» report_time_range | body | object | true* | Time range the report is built across |
»»»»»» anonymous | body | object | false | none |
»»»»»» anonymous | body | object | false | none |
»»»»» app_groups | body | [array] | true* | App Group Schema for reports |
»»»»»» label | body | object | true* | none |
»»»»»»» href | body | string | true* | Label URI |
»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/2 | false | Report parameters for explorer report |
»»»»»»» report_time_range | body | object | true* | none |
»»»»»»» filters | body | object | true* | none |
»»»»»»»» query_name | body | string | true* | Query Name |
»»»»»»»» start_date | body | string(date) | false | Starting date for query |
»»»»»»»» end_date | body | string(date) | false | Ending date for query |
»»»»»»»» sources_destinations_query_op | body | string | false | Query logical operator between sources and destinations |
»»»»»»»» sources | body | object | true* | Source labels, workloads, IP addresses to include or exclude |
»»»»»»»»» include | body | [array] | true* | List of included sources or targets |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»» label | body | object | true* | none |
»»»»»»»»»»»» href | body | string | true* | Label URI |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»» label_group | body | object | true* | none |
»»»»»»»»»»»»» href | body | string | true* | Label group URI |
»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»» workload | body | object | true* | none |
»»»»»»»»»»»»»» href | body | string | true* | Workload URI |
»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»» ip_address | body | string | true* | IP address value |
»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»» ip_list | body | object | true* | none |
»»»»»»»»»»»»»»» href | body | string | true* | IP List draft URI |
»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»»»»»»»»» actors | body | string | false | All managed workloads ('ams') |
»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»» cloud_resource | body | object | true* | none |
»»»»»»»»»»»»»»»» resource_uuid | body | string | true* | UUID of cloud resource |
»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»» data_center | body | object | true* | none |
»»»»»»»»»»»»»»»»» type | body | string | true* | Type of the datacenter, such as core/cloud/aws/azure/gcp |
»»»»»»»»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»» destinations | body | object | true* | Target labels, workloads, IP addresses, domain names, transmission to include or exclude |
»»»»»»»»»»»»»»»»» include | body | [array] | true* | List of included sources or targets |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»»»»»»»»»» fqdn | body | string | true* | parameter for querying the matched fqdn |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | object | false | Parameter representing broadcast/multicast |
»»»»»»»»»»»»»»»»»»» transmission | body | string | true* | transmission type |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»»» data_sources | body | object | false | Data sources of the flows to include or exclude |
»»»»»»»»»»»»»»»»»» include | body | [string] | false | List of included services |
»»»»»»»»»»»»»»»»»» exclude | body | [string] | false | List of excluded data sources |
»»»»»»»»»»»»»»»»» services | body | object | true* | Services (5-tuple of port/to_port/proto/process/service) to include or exclude |
»»»»»»»»»»»»»»»»»» include | body | [object] | true* | List of included services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»»»»»»»»» exclude | body | [object] | true* | List of excluded services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»»»»»»»»» policy_decisions | body | [string] | true* | List of policy decisions |
»»»»»»»»»»»»»»»»»» boundary_decisions | body | [string] | false | List of boundary decisions |
»»»»»»»»»»»»»»»»»» max_results | body | integer | true* | maximum number of flows to return |
»»»»»»»»»»»»»»»»»» exclude_workloads_from_ip_list_query | body | boolean | false | exclude workload traffic when IP List is provided either in consumer or provider part of traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/3 | false | Report parameters for VES report |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/4 | false | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»»»»»»»»»»»» report_time_range | body | object | true* | Time range the report is built across |
»»»»»»»»»»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»»»»»»»»» rule_sets | body | [object] | true* | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»»»»»»»»»»»»» href | body | string | true* | HREF of the ruleset |
»»»»»»»»»»»»»»»»»» max_results | body | integer | false | maximum number of rules to return in the specified time-range in descending order of rule creation time |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/5 | false | Report parameters for ransomware risk report |
»»»»»»»»»»»»»»»»»» report_time_range | body | object | true* | none |
Enumerated Values
Parameter | Value |
---|---|
» report_generation_frequency | daily |
» report_generation_frequency | weekly |
» report_generation_frequency | monthly |
» report_generation_frequency | quarterly |
» report_generation_frequency | once |
»»»»»»»» sources_destinations_query_op | and |
»»»»»»»» sources_destinations_query_op | or |
»»»»»»»»»»»»»»» actors | ams |
»»»»»»»»»»»»»»»»» type | core |
»»»»»»»»»»»»»»»»» type | cloud |
»»»»»»»»»»»»»»»»» type | aws |
»»»»»»»»»»»»»»»»» type | azure |
»»»»»»»»»»»»»»»»» type | gcp |
»»»»»»»»»»»»»»»»»»» transmission | broadcast |
»»»»»»»»»»»»»»»»»»» transmission | multicast |
»»»»»»»»»»»»»»»»»»» transmission | unicast |
»»»»»»»»»»»»»»»»»» include | server |
»»»»»»»»»»»»»»»»»» include | endpoint |
»»»»»»»»»»»»»»»»»» include | flowlink |
»»»»»»»»»»»»»»»»»» include | scanner |
»»»»»»»»»»»»»»»»»» exclude | server |
»»»»»»»»»»»»»»»»»» exclude | endpoint |
»»»»»»»»»»»»»»»»»» exclude | flowlink |
»»»»»»»»»»»»»»»»»» exclude | scanner |
»»»»»»»»»»»»»»»»»» policy_decisions | allowed |
»»»»»»»»»»»»»»»»»» policy_decisions | potentially_blocked |
»»»»»»»»»»»»»»»»»» policy_decisions | blocked |
»»»»»»»»»»»»»»»»»» policy_decisions | unknown |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked_by_override_deny |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked_non_illumio_rule |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Delete a report schedule by UUID
Example Code
curl -X DELETE /orgs/{org_id}/report_schedules/{report_schedule_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/report_schedules/{report_schedule_id}
Exposure: Public Experimental
Auditable: No
Delete a report schedule by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
report_schedule_id | path | string | true* | UUID of the report schedule |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get a report schedule by UUID
Example Code
curl -X GET /orgs/{org_id}/report_schedules/{report_schedule_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/report_schedules/{report_schedule_id}
Exposure: Public Experimental
Auditable: No
Get a report schedule by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
report_schedule_id | path | string | true* | UUID of the report schedule |
Example Response Body
200 Response
{
"href": "http://example.com",
"report_template": {
"href": "http://example.com",
"name": "string"
},
"name": "string",
"report_generation_frequency": "string",
"scheduled_at": "2025-04-01T00:21:27Z",
"send_by_email": true,
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
},
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "http://example.com"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | report_schedules_get |
Update a report schedule by UUID
Example Code
curl -X PUT /orgs/{org_id}/report_schedules/{report_schedule_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/report_schedules/{report_schedule_id}
Auditable: No
Exposure: Public Experimental
Update a report schedule by UUID
Example Request Body
{
"report_template": {
"href": "http://example.com"
},
"name": "string",
"report_format": "pdf",
"report_generation_frequency": "once",
"send_by_email": true,
"scheduled_at": "2025-04-01T00:21:27Z",
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
report_schedule_id | path | string | true* | UUID of the report schedule |
body | body | report_schedules_put | false | none |
» report_template | body | object | false | Template for the report |
»» href | body | string(uri) | true* | Report Template URI |
» name | body | string | false | Name of the report schedule |
» report_format | body | string | false | Format in which the report should be generated |
» report_generation_frequency | body | string | false | Report generation frequency |
» send_by_email | body | boolean | false | Flag for whether to send user report by email |
» scheduled_at | body | string(date-time) | false | Time stamp in UTC for report generation |
» report_parameters | body | object | false | Any specific parameters required for this report template |
»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/0 | false | Report parameters for executive summary report |
»»» report_time_range | body | object | true* | Time range the report is built across |
»»»» anonymous | body | object | false | none |
»»»»» start_date | body | string(date-time) | true* | Start date for the range |
»»»»» end_date | body | string(date-time) | true* | End date for the range |
»»»» anonymous | body | object | false | none |
»»»»» last_num_days | body | integer | true* | Last x number of days the report is built across |
»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/1 | false | Report parameters for traffic flow query report |
»»»»» report_time_range | body | object | true* | Time range the report is built across |
»»»»»» anonymous | body | object | false | none |
»»»»»» anonymous | body | object | false | none |
»»»»» app_groups | body | [array] | true* | App Group Schema for reports |
»»»»»» label | body | object | true* | none |
»»»»»»» href | body | string | true* | Label URI |
»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/2 | false | Report parameters for explorer report |
»»»»»»» report_time_range | body | object | true* | none |
»»»»»»» filters | body | object | true* | none |
»»»»»»»» query_name | body | string | true* | Query Name |
»»»»»»»» start_date | body | string(date) | false | Starting date for query |
»»»»»»»» end_date | body | string(date) | false | Ending date for query |
»»»»»»»» sources_destinations_query_op | body | string | false | Query logical operator between sources and destinations |
»»»»»»»» sources | body | object | true* | Source labels, workloads, IP addresses to include or exclude |
»»»»»»»»» include | body | [array] | true* | List of included sources or targets |
»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»» label | body | object | true* | none |
»»»»»»»»»»»» href | body | string | true* | Label URI |
»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»» label_group | body | object | true* | none |
»»»»»»»»»»»»» href | body | string | true* | Label group URI |
»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»» workload | body | object | true* | none |
»»»»»»»»»»»»»» href | body | string | true* | Workload URI |
»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»» ip_address | body | string | true* | IP address value |
»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»» ip_list | body | object | true* | none |
»»»»»»»»»»»»»»» href | body | string | true* | IP List draft URI |
»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»»»»»»»»» actors | body | string | false | All managed workloads ('ams') |
»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»» cloud_resource | body | object | true* | none |
»»»»»»»»»»»»»»»» resource_uuid | body | string | true* | UUID of cloud resource |
»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»» data_center | body | object | true* | none |
»»»»»»»»»»»»»»»»» type | body | string | true* | Type of the datacenter, such as core/cloud/aws/azure/gcp |
»»»»»»»»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»» destinations | body | object | true* | Target labels, workloads, IP addresses, domain names, transmission to include or exclude |
»»»»»»»»»»»»»»»»» include | body | [array] | true* | List of included sources or targets |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»»»»»»»»»» fqdn | body | string | true* | parameter for querying the matched fqdn |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | Explorer filter for all managed services (workloads, virtual_services etc) |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»»» exclude | body | [anyOf] | true* | List of excluded sources or targets |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | A label parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | A label group parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | A workload parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | An IP address parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | A DNS parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | object | false | Parameter representing broadcast/multicast |
»»»»»»»»»»»»»»»»»»» transmission | body | string | true* | transmission type |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | An IP List parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | Cloud resource Id parameter for a traffic query |
»»»»»»»»»»»»»»»»»» anonymous | body | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | Data-center parameter for a traffic query |
»»»»»»»»»»»»»»»»» data_sources | body | object | false | Data sources of the flows to include or exclude |
»»»»»»»»»»»»»»»»»» include | body | [string] | false | List of included services |
»»»»»»»»»»»»»»»»»» exclude | body | [string] | false | List of excluded data sources |
»»»»»»»»»»»»»»»»» services | body | object | true* | Services (5-tuple of port/to_port/proto/process/service) to include or exclude |
»»»»»»»»»»»»»»»»»» include | body | [object] | true* | List of included services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»»»»»»»»» exclude | body | [object] | true* | List of excluded services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»»»»»»»»»»»» port | body | integer | false | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»»»»»»»»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»»»»»»»»»»»» proto | body | integer | false | protocol number |
»»»»»»»»»»»»»»»»»»» process_name | body | string | false | Process Name |
»»»»»»»»»»»»»»»»»»» windows_service_name | body | string | false | Windows Service Name |
»»»»»»»»»»»»»»»»»» policy_decisions | body | [string] | true* | List of policy decisions |
»»»»»»»»»»»»»»»»»» boundary_decisions | body | [string] | false | List of boundary decisions |
»»»»»»»»»»»»»»»»»» max_results | body | integer | true* | maximum number of flows to return |
»»»»»»»»»»»»»»»»»» exclude_workloads_from_ip_list_query | body | boolean | false | exclude workload traffic when IP List is provided either in consumer or provider part of traffic query |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/3 | false | Report parameters for VES report |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/4 | false | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»»»»»»»»»»»» report_time_range | body | object | true* | Time range the report is built across |
»»»»»»»»»»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»»»»»»»»»» anonymous | body | object | false | none |
»»»»»»»»»»»»»»»»»» rule_sets | body | [object] | true* | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»»»»»»»»»»»»» href | body | string | true* | HREF of the ruleset |
»»»»»»»»»»»»»»»»»» max_results | body | integer | false | maximum number of rules to return in the specified time-range in descending order of rule creation time |
»»»»»»»»»»»»»»»»» anonymous | body | report_templates_get/properties/report_parameters/anyOf/5 | false | Report parameters for ransomware risk report |
»»»»»»»»»»»»»»»»»» report_time_range | body | object | true* | none |
Enumerated Values
Parameter | Value |
---|---|
» report_format | |
» report_format | json |
» report_generation_frequency | once |
» report_generation_frequency | daily |
» report_generation_frequency | weekly |
» report_generation_frequency | monthly |
» report_generation_frequency | quarterly |
»»»»»»»» sources_destinations_query_op | and |
»»»»»»»» sources_destinations_query_op | or |
»»»»»»»»»»»»»»» actors | ams |
»»»»»»»»»»»»»»»»» type | core |
»»»»»»»»»»»»»»»»» type | cloud |
»»»»»»»»»»»»»»»»» type | aws |
»»»»»»»»»»»»»»»»» type | azure |
»»»»»»»»»»»»»»»»» type | gcp |
»»»»»»»»»»»»»»»»»»» transmission | broadcast |
»»»»»»»»»»»»»»»»»»» transmission | multicast |
»»»»»»»»»»»»»»»»»»» transmission | unicast |
»»»»»»»»»»»»»»»»»» include | server |
»»»»»»»»»»»»»»»»»» include | endpoint |
»»»»»»»»»»»»»»»»»» include | flowlink |
»»»»»»»»»»»»»»»»»» include | scanner |
»»»»»»»»»»»»»»»»»» exclude | server |
»»»»»»»»»»»»»»»»»» exclude | endpoint |
»»»»»»»»»»»»»»»»»» exclude | flowlink |
»»»»»»»»»»»»»»»»»» exclude | scanner |
»»»»»»»»»»»»»»»»»» policy_decisions | allowed |
»»»»»»»»»»»»»»»»»» policy_decisions | potentially_blocked |
»»»»»»»»»»»»»»»»»» policy_decisions | blocked |
»»»»»»»»»»»»»»»»»» policy_decisions | unknown |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked_by_override_deny |
»»»»»»»»»»»»»»»»»» boundary_decisions | blocked_non_illumio_rule |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
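A client-side pre-flight check for the report_schedules_put body documented above, added here as an example and not part of the Illumio reference: it enforces the enumerated values and the two report_time_range forms (start_date/end_date or last_num_days) from the parameter table. The function names, the rejection of unknown top-level keys, the positive last_num_days check, the "not both forms" rule and the start-before-end check are assumptions of this example; "pdf" comes from the example request body and "json" from the Enumerated Values table.

```python
from datetime import datetime

# Allowed values as listed on this page (tuples so unhashable input cannot raise).
FREQUENCIES = ("once", "daily", "weekly", "monthly", "quarterly")
FORMATS = ("pdf", "json")
TOP_LEVEL = {"report_template", "name", "report_format", "report_generation_frequency",
             "send_by_email", "scheduled_at", "report_parameters"}


def parse_utc(value, field, errors):
    """Return a timezone-aware datetime for values like 2025-04-01T00:21:27Z, else log an error."""
    if isinstance(value, str):
        try:
            parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
            if parsed.tzinfo is not None:
                return parsed
        except ValueError:
            pass
    errors.append(f"{field}: not a date-time with a UTC offset")
    return None


def check_time_range(rng, errors):
    """report_time_range is either {start_date, end_date} or {last_num_days}."""
    field = "report_parameters.report_time_range"
    if not isinstance(rng, dict):
        errors.append(f"{field}: expected an object")
        return
    has_dates = "start_date" in rng or "end_date" in rng
    has_days = "last_num_days" in rng
    if has_dates and has_days:
        # Assumption of this example: the two forms are alternatives, not combinable.
        errors.append(f"{field}: give start_date/end_date or last_num_days, not both")
    elif has_days:
        days = rng["last_num_days"]
        if isinstance(days, bool) or not isinstance(days, int) or days < 1:
            errors.append(f"{field}.last_num_days: expected a positive integer")
    elif has_dates:
        start = parse_utc(rng.get("start_date"), f"{field}.start_date", errors)
        end = parse_utc(rng.get("end_date"), f"{field}.end_date", errors)
        if start and end and start > end:
            errors.append(f"{field}: start_date is after end_date")
    else:
        errors.append(f"{field}: needs start_date and end_date, or last_num_days")


def validate_report_schedule(body):
    """Return a list of problems found in a report_schedules_put body (empty list = OK)."""
    if not isinstance(body, dict):
        return ["body: expected a JSON object"]
    # Unknown keys are usually typos that would otherwise be sent unnoticed.
    errors = [f"{key}: not a report_schedules_put property"
              for key in sorted(set(body) - TOP_LEVEL)]
    if "report_template" in body:
        template = body["report_template"]
        if not isinstance(template, dict) or not isinstance(template.get("href"), str) \
                or not template["href"]:
            errors.append("report_template.href: required string")
    if "name" in body and not isinstance(body["name"], str):
        errors.append("name: expected a string")
    if "report_format" in body and body["report_format"] not in FORMATS:
        errors.append(f"report_format: must be one of {', '.join(FORMATS)}")
    if "report_generation_frequency" in body \
            and body["report_generation_frequency"] not in FREQUENCIES:
        errors.append(f"report_generation_frequency: must be one of {', '.join(FREQUENCIES)}")
    if "send_by_email" in body and not isinstance(body["send_by_email"], bool):
        errors.append("send_by_email: expected a boolean")
    if "scheduled_at" in body:
        parse_utc(body["scheduled_at"], "scheduled_at", errors)
    if "report_parameters" in body:
        params = body["report_parameters"]
        if not isinstance(params, dict):
            errors.append("report_parameters: expected an object")
        elif "report_time_range" in params:
            check_time_range(params["report_time_range"], errors)
    return errors


# The example request body from this page.
PAGE_EXAMPLE = {
    "report_template": {"href": "http://example.com"},
    "name": "string",
    "report_format": "pdf",
    "report_generation_frequency": "once",
    "send_by_email": True,
    "scheduled_at": "2025-04-01T00:21:27Z",
    "report_parameters": {"report_time_range": {
        "start_date": "2025-04-01T00:21:27Z", "end_date": "2025-04-01T00:21:27Z"}},
}

# Constructed sample with a misspelled key, bad enum, wrong type and inverted range.
BAD_EXAMPLE = {
    "report_generation_frequency": "hourly",
    "send_by_email": "yes",
    "schedule_at": "2025-04-01T00:21:27Z",
    "report_parameters": {"report_time_range": {
        "start_date": "2025-04-02T00:00:00Z", "end_date": "2025-04-01T00:00:00Z"}},
}

if __name__ == "__main__":
    for label, sample in (("page example", PAGE_EXAMPLE), ("constructed bad body", BAD_EXAMPLE)):
        print(label, "->", validate_report_schedule(sample) or "OK")
```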
Report Settings
Get report settings for an org
Example Code
curl -X GET /orgs/{org_id}/settings/reports \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/reports
Exposure: Public Experimental
Auditable: No
Get report settings for an org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": "http://example.com",
"max_queued_reports": 0,
"report_retention_days": 1
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_reports_get |
Update report settings for an org
Example Code
curl -X PUT /orgs/{org_id}/settings/reports \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/settings/reports
Auditable: Yes
Exposure: Public Experimental
Update report settings for an org
Example Request Body
{
"max_queued_reports": 1,
"report_retention_days": 1
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | settings_reports_put | false | none |
» max_queued_reports | body | integer | false | maximum number of queued reports at any time per org |
» report_retention_days | body | integer | false | Number of days a report would be retained for |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Report Templates
Get report templates for this user and org
Example Code
curl -X GET /orgs/{org_id}/report_templates \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/report_templates
Exposure: Public Experimental
Auditable: No
Fetches collection of all available report templates for this user and org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": "http://example.com",
"name": "string",
"enabled": true,
"show_in_ui": true,
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | report_templates_get |
Get a report template by template type
Example Code
curl -X GET /orgs/{org_id}/report_templates/{template_type} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/report_templates/{template_type}
Exposure: Public Experimental
Auditable: No
Get a report template by template type
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
template_type | path | string | true* | Template type of the report |
Example Response Body
200 Response
{
"href": "http://example.com",
"name": "string",
"enabled": true,
"show_in_ui": true,
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | report_templates_get |
Update report template for an org by template type
Example Code
curl -X PUT /orgs/{org_id}/report_templates/{template_type} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/report_templates/{template_type}
Auditable: Yes
Exposure: Public Experimental
Update report template for an org by template type
Example Request Body
{
"enabled": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
template_type | path | string | true* | Template type of the report |
body | body | report_templates_put | false | none |
» enabled | body | boolean | false | Determines whether this report template is enabled for this org |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Roles
Get the roles in the org
Example Code
curl -X GET /orgs/{org_id}/roles \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/roles
Exposure: Public Experimental
Auditable: No
Get the roles in the org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
Example Response Body
200 Response
[
{
"href": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | orgs_roles_get |
Get information for this role name
Example Code
curl -X GET /orgs/{org_id}/roles/{role_name} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/roles/{role_name}
Exposure: Public Experimental
Auditable: No
Get information for this role name
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
role_name | path | string | true* | Role Name |
Example Response Body
200 Response
[
{
"href": "string"
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | orgs_roles_get |
Root Level Methods
Get Supercluster Leader
Example Code
curl -X GET /supercluster/leader
GET /api/v2/supercluster/leader
Authorization: Anyone
Exposure: Public Experimental
Auditable: No
Determine if node is supercluster leader
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | None |
Get Available Node
Example Code
curl -X GET /node_available
GET /api/v2/node_available
Authorization: Anyone
Exposure: Public Stable
Auditable: No
Get node health status
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | None |
Get Illumio Core Version
Example Code
curl -X GET /product_version \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/product_version
Exposure: Public Stable
Auditable: No
Product Version Details
Example Response Body
200 Response
{
"product_version": {
"version": "string",
"build": 0,
"release_info": "string",
"engineering_info": "string",
"long_display": "string",
"short_display": "string",
"product_name": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | users_login_get/properties/product_version |
Get No Op
Example Code
curl -X GET /noop \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/noop
Exposure: Public Stable
Auditable: No
Noop API. Useful for things like resetting the session expiration timer, session validation and API key validation
Example Response Body
200 Response
{}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | noop_get |
Rulesets and Rules
Get Rulesets
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/rule_sets \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets
Exposure: Public Stable
Auditable: No
Get the collection of Rule Sets
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
description | query | string | false | Description of Rule Set(s) to return. Supports partial matches |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
labels | query | string | false | List of lists of label URIs, encoded as a JSON string |
max_results | query | integer | false | Maximum number of Rule Sets to return. |
name | query | string | false | Name of Rule Set(s) to return. Supports partial matches |
Example Response Body
200 Response
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"enabled": true,
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"rules": [
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
],
"ip_tables_rules": [
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"enabled": true,
"description": null,
"statements": [
{
"table_name": "nat",
"chain_name": "PREROUTING",
"parameters": "string"
}
],
"actors": [
{
"actors": "string",
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ip_version": "4"
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_rule_sets_get |
Get a Ruleset
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}
Exposure: Public Stable
Auditable: No
Get Rule Set by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
Example Response Body
200 Response
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"enabled": true,
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"rules": [
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
],
"ip_tables_rules": [
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"enabled": true,
"description": null,
"statements": [
{
"table_name": "nat",
"chain_name": "PREROUTING",
"parameters": "string"
}
],
"actors": [
{
"actors": "string",
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ip_version": "4"
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_rule_sets_get |
Create a new Ruleset
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/rule_sets \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets
Auditable: Yes
Exposure: Public Stable
Create a new rule set.
Example Request Body
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"enabled": true,
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"rules": [
{
"enabled": true,
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string"
}
],
"unscoped_consumers": true,
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
],
"ip_tables_rules": [
{
"enabled": true,
"description": "string",
"statements": [
{
"table_name": "nat",
"chain_name": "PREROUTING",
"parameters": "string"
}
],
"actors": [
{
"actors": "string",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ip_version": "4"
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_rule_sets_post | false | none |
» name | body | string | true* | Name (must be unique) |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» enabled | body | boolean | false | Enabled flag |
» scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | true* | Rule set scopes |
»» exclusion | body | boolean | false | Boolean to specify whether or not the scope is an exclusion |
»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» href | body | string | true* | none |
»» label_group | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
» rules | body | [object] | false | Array of sec rules (access rules) in this rule set |
»» enabled | body | boolean | true* | Enabled flag |
»» description | body | string | false | Description |
»» external_data_set | body | string,null | false | External data set identifier |
»» external_data_reference | body | string,null | false | External data reference identifier |
»» ingress_services | body | [oneOf] | true* | Array of service URI and port/protocol combinations |
»»» anonymous | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» anonymous | body | object | false | none |
»»»» port | body | integer | false | Port number, or the starting port of a range. If unspecified, this will apply to all ports for the given protocol. |
»»»» to_port | body | integer | false | Upper end of port range; this field should not be included if specifying an individual port. |
»»»» proto | body | integer | true* | Transport protocol (numeric) |
»»» anonymous | body | object | false | none |
»»»» name | body | string | true* | Name (does not need to be unique) |
»»»» description | body | string | false | Description |
»»»» service_ports | body | [object] | false | Service ports |
»»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»» proto | body | integer | true* | Transport protocol |
»»»»» icmp_type | body | integer,null | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»»» icmp_code | body | integer,null | false | ICMP Code (integer 0-15 for icmp protocol) |
»»»» windows_services | body | [sec_policy_services_get/properties/windows_services/items] | false | Windows services |
»»»»» service_name | body | string,null | false | Name of Windows Service |
»»»»» process_name | body | string,null | false | Name of running process |
»»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»» proto | body | integer,null | false | Transport protocol |
»»»»» icmp_type | body | integer | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»»» icmp_code | body | integer | false | ICMP Code (integer 0-15 for icmp protocol) |
»»»» external_data_set | body | string | true* | External data set identifier |
»»»» external_data_reference | body | string | true* | External data reference identifier |
»»» resolve_labels_as | body | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | true* | none |
»»»» providers | body | [string] | true* | none |
»»»» consumers | body | [string] | true* | none |
»»» sec_connect | body | boolean | false | Whether a secure connection is established |
»»» stateless | body | boolean | false | Whether packet filtering is stateless for the rule |
»»» machine_auth | body | boolean | false | Whether machine authentication is enabled |
»»» providers | body | [object] | true* | Providers |
»»»» actors | body | string | false | Rule actors are all workloads ('ams') |
»»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» label_group | body | object | false | none |
»»»»» href | body | string | true* | Label group URI |
»»»» workload | body | object | false | none |
»»»»» href | body | string | true* | Workload URI |
»»»» virtual_service | body | object | false | none |
»»»»» href | body | string | true* | Virtual service URI |
»»»» virtual_server | body | object | false | none |
»»»»» href | body | string | true* | Virtual server URI |
»»»» ip_list | body | object | false | URI of associated IP List |
»»»»» href | body | string | true* | IP List URI |
»»»» consumers | body | [object] | true* | Consumers |
»»»»» actors | body | string | false | Rule actors are all workloads or container host |
»»»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»»» label_group | body | object | false | none |
»»»»»» href | body | string | true* | Label group URI |
»»»»» workload | body | object | false | none |
»»»»»» href | body | string | true* | Workload URI |
»»»»» virtual_service | body | object | false | none |
»»»»»» href | body | string | true* | Virtual service URI |
»»»»» ip_list | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» consuming_security_principals | body | [object] | false | Hrefs of consuming security principals |
»»»»» href | body | string | true* | URI of security principal |
»»»» unscoped_consumers | body | boolean | false | Set the scope for rule consumers to All |
»»»» network_type | body | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | Network types that this rule should apply to. |
»»»» use_workload_subnets | body | [string] | false | Whether to use workload subnets instead of IP addresses for the providers/consumers |
»»» ip_tables_rules | body | [object] | false | Array of custom iptables rules in this rule set |
»»»» enabled | body | boolean | true* | Enabled flag |
»»»» description | body | string | false | Description |
»»»» statements | body | [sec_policy_rule_sets_put/properties/ip_tables_rules/items/properties/statements/items] | true* | list of the iptables statements in this rule |
»»»»» table_name | body | string | true* | name of the iptables table for this rule |
»»»»» chain_name | body | string | true* | name of the iptables chain for this rule |
»»»»» parameters | body | string | true* | the remainder of the iptables rules (excluding table/chain) |
»»»» actors | body | [object] | true* | none |
»»»»» actors | body | string | false | Rule Actors are all workloads ('ams') |
»»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»»» label_group | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»»» workload | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» ip_version | body | string | true* | IP version for the rules to be applied to |
Enumerated Values
Parameter | Value |
---|---|
»»»» proto | 6 |
»»»» proto | 17 |
»»»» providers | workloads |
»»»» providers | virtual_services |
»»»» consumers | workloads |
»»»» consumers | virtual_services |
»»»» actors | ams |
»»»» label_dimension | app |
»»»»» actors | ams |
»»»»» actors | container_host |
»»»»» label_dimension | app |
»»»» network_type | brn |
»»»» network_type | non_brn |
»»»» network_type | all |
»»»» use_workload_subnets | providers |
»»»» use_workload_subnets | consumers |
»»»»» table_name | nat |
»»»»» table_name | mangle |
»»»»» table_name | filter |
»»»»» chain_name | PREROUTING |
»»»»» chain_name | INPUT |
»»»»» chain_name | OUTPUT |
»»»»» chain_name | FORWARD |
»»»»» chain_name | POSTROUTING |
»»»» ip_version | 4 |
»»»» ip_version | 6 |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
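The parameter and enumerated-value tables above can be checked before a body is sent to this endpoint. The following Python pre-flight lint is an added example, not Illumio code: the name `lint_rule_set`, the `error`/`review` severity labels and the sample body (including its hrefs) are constructed for illustration. Besides required fields and enumerated values, it marks for review an inline service with no port (all ports for that protocol) and `ams` on both sides of a rule.

```python
import json

# Enumerated values copied from the endpoint's "Enumerated Values" table.
ENUMS = {
    "resolve_labels_as": {"workloads", "virtual_services"},
    "network_type": {"brn", "non_brn", "all"},
    "use_workload_subnets": {"providers", "consumers"},
    "table_name": {"nat", "mangle", "filter"},
    "chain_name": {"PREROUTING", "INPUT", "OUTPUT", "FORWARD", "POSTROUTING"},
    "ip_version": {"4", "6"},
    "proto": {6, 17},  # inline port/protocol entries in ingress_services
}


def _missing(obj, keys, where):
    return [("error", f"{where}: missing required '{k}'") for k in keys if k not in obj]


def _enum(value, name, where):
    values = value if isinstance(value, list) else [value]
    allowed = sorted(ENUMS[name], key=str)
    return [("error", f"{where}: {name}={v!r} not in {allowed}")
            for v in values if v not in ENUMS[name]]


def _lint_inline_service(svc, where):
    out = _missing(svc, ("proto",), where)
    if "proto" in svc:
        out += _enum(svc["proto"], "proto", where)
    port, to_port = svc.get("port"), svc.get("to_port")
    if port is None and to_port is not None:
        out.append(("error", f"{where}: to_port given without a starting port"))
    elif port is None:
        out.append(("review", f"{where}: no port, applies to all ports of the protocol"))
    elif to_port is not None and to_port <= port:
        out.append(("error", f"{where}: to_port {to_port} must be above port {port}"))
    return out


def _lint_rule(rule, w):
    out = _missing(rule, ("enabled", "ingress_services", "resolve_labels_as",
                          "providers", "consumers"), w)
    rla = rule.get("resolve_labels_as", {})
    if "resolve_labels_as" in rule:
        out += _missing(rla, ("providers", "consumers"), f"{w}.resolve_labels_as")
    for side in ("providers", "consumers"):
        out += _enum(rla.get(side, []), "resolve_labels_as", f"{w}.resolve_labels_as.{side}")
    if "network_type" in rule:
        out += _enum(rule["network_type"], "network_type", w)
    out += _enum(rule.get("use_workload_subnets", []), "use_workload_subnets", w)
    for j, svc in enumerate(rule.get("ingress_services", [])):
        if "href" in svc or "name" in svc:
            continue  # service reference or named service object, not an inline port/proto
        out += _lint_inline_service(svc, f"{w}.ingress_services[{j}]")
    # 'ams' means all workloads; on both sides the rule is as wide as it can be.
    if all(any(a.get("actors") == "ams" for a in rule.get(side, []))
           for side in ("providers", "consumers")):
        out.append(("review", f"{w}: 'ams' (all workloads) on both providers and consumers"))
    return out


def lint_rule_set(body):
    """Return (severity, message) findings for a Create-Ruleset request body."""
    out = _missing(body, ("name", "scopes"), "rule_set")
    for i, rule in enumerate(body.get("rules", [])):
        out += _lint_rule(rule, f"rules[{i}]")
    for i, ipt in enumerate(body.get("ip_tables_rules", [])):
        w = f"ip_tables_rules[{i}]"
        out += _missing(ipt, ("enabled", "statements", "actors", "ip_version"), w)
        if "ip_version" in ipt:
            out += _enum(ipt["ip_version"], "ip_version", w)
        for j, st in enumerate(ipt.get("statements", [])):
            sw = f"{w}.statements[{j}]"
            out += _missing(st, ("table_name", "chain_name", "parameters"), sw)
            for key in ("table_name", "chain_name"):
                if key in st:
                    out += _enum(st[key], key, sw)
    return out


# Constructed sample body: rules[0] is clean, rules[1] and the iptables rule are not.
SAMPLE = json.loads("""
{
  "name": "constructed-example",
  "scopes": [[{"label": {"href": "/orgs/1/labels/10"}}]],
  "rules": [
    {"enabled": true,
     "ingress_services": [{"proto": 6, "port": 443}],
     "resolve_labels_as": {"providers": ["workloads"], "consumers": ["workloads"]},
     "providers": [{"label": {"href": "/orgs/1/labels/11"}}],
     "consumers": [{"label": {"href": "/orgs/1/labels/12"}}]},
    {"enabled": true,
     "ingress_services": [{"proto": 6}, {"proto": 17, "port": 9000, "to_port": 8000}],
     "resolve_labels_as": {"providers": ["workloads"], "consumers": ["hosts"]},
     "providers": [{"actors": "ams"}],
     "consumers": [{"actors": "ams"}],
     "network_type": "any"}
  ],
  "ip_tables_rules": [
    {"enabled": true, "ip_version": "4",
     "statements": [{"table_name": "raw", "chain_name": "PREROUTING",
                     "parameters": "-j ACCEPT"}]}
  ]
}
""")

if __name__ == "__main__":
    for severity, message in lint_rule_set(SAMPLE):
        print(f"{severity:6} {message}")
```

The required-field checks follow the nesting rule stated in the README section: a nested block's required fields are enforced only when that block is present.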
Update a Ruleset
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}
Auditable: Yes
Exposure: Public Stable
Modify Rule Set
Example Request Body
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"enabled": true,
"update_type": "create",
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"rules": [
{}
],
"ip_tables_rules": [
{}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
body | body | sec_policy_rule_sets_put | false | none |
» name | body | string | false | Name (must be unique) |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» enabled | body | boolean | false | Enabled flag |
» update_type | body | string | false | Type of update |
» scopes | body | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | Rule set scopes |
»» exclusion | body | boolean | false | Boolean to specify whether or not the scope is an exclusion |
»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» href | body | string | true* | none |
»» label_group | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
» rules | body | [anyOf] | false | Array of rules in this rule set |
»» href | body | string | false | URI of Rule |
»» enabled | body | boolean | false | Enabled flag |
»» description | body | string | false | Description |
»» external_data_set | body | string,null | false | External data set identifier |
»» external_data_reference | body | string | false | External data reference identifier |
»» ingress_services | body | [oneOf] | false | Array of service URI and port/protocol combinations |
»»» anonymous | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» anonymous | body | object | false | none |
»»»» port | body | integer | false | Port number, or the starting port of a range. If unspecified, this will apply to all ports for the given protocol. |
»»»» to_port | body | integer | false | Upper end of port range; this field should not be included if specifying an individual port. |
»»»» proto | body | integer | true* | Transport protocol (numeric) |
»»» anonymous | body | object | false | none |
»»»» name | body | string | true* | Name (does not need to be unique) |
»»»» description | body | string | false | Description |
»»»» service_ports | body | [object] | false | Service ports |
»»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»» proto | body | integer | true* | Transport protocol |
»»»»» icmp_type | body | integer,null | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»»» icmp_code | body | integer,null | false | ICMP Code (integer 0-15 for icmp protocol) |
»»»» windows_services | body | [sec_policy_services_get/properties/windows_services/items] | false | Windows services |
»»»»» service_name | body | string,null | false | Name of Windows Service |
»»»»» process_name | body | string,null | false | Name of running process |
»»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»» proto | body | integer,null | false | Transport protocol |
»»»»» icmp_type | body | integer | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»»» icmp_code | body | integer | false | ICMP Code (integer 0-15 for icmp protocol) |
»»»» external_data_set | body | string | true* | External data set identifier |
»»»» external_data_reference | body | string | true* | External data reference identifier |
»»» resolve_labels_as | body | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | false | none |
»»»» providers | body | [string] | true* | none |
»»»» consumers | body | [string] | true* | none |
»»» sec_connect | body | boolean | false | Whether a secure connection is established |
»»» stateless | body | boolean | false | Whether packet filtering is stateless for the rule |
»»» machine_auth | body | boolean | false | Whether machine authentication is enabled |
»»» providers | body | [object] | false | Providers |
»»»» actors | body | string | false | Rule actors are all workloads ('ams') |
»»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» label_group | body | object | false | none |
»»»»» href | body | string | true* | Label group URI |
»»»» workload | body | object | false | none |
»»»»» href | body | string | true* | Workload URI |
»»»» virtual_service | body | object | false | none |
»»»»» href | body | string | true* | Virtual service URI |
»»»» virtual_server | body | object | false | none |
»»»»» href | body | string | true* | Virtual server URI |
»»»» ip_list | body | object | false | URI of associated IP List |
»»»»» href | body | string | true* | IP List URI |
»»»» consumers | body | [object] | false | Consumers |
»»»»» actors | body | string | false | Rule actors are all workloads or container host |
»»»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»»» label_group | body | object | false | none |
»»»»»» href | body | string | true* | Label group URI |
»»»»» workload | body | object | false | none |
»»»»»» href | body | string | true* | Workload URI |
»»»»» virtual_service | body | object | false | none |
»»»»»» href | body | string | true* | Virtual service URI |
»»»»» ip_list | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» consuming_security_principals | body | [object] | false | Hrefs of consuming security principals |
»»»»» href | body | string | true* | URI of security principal |
»»»» update_type | body | string | false | Type of update |
»»»» unscoped_consumers | body | boolean | false | Set the scope for rule consumers to All |
»»»» network_type | body | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | Network types that this rule should apply to. |
»»»» use_workload_subnets | body | [string] | false | Whether to use workload subnets instead of IP addresses for the providers/consumers |
»»»» anonymous | body | object | false | none |
»»»» anonymous | body | object | false | none |
»»» ip_tables_rules | body | [anyOf] | false | Array of iptables rules in this ruleset |
»»»» href | body | string | false | URI of Rule |
»»»» enabled | body | boolean | false | Enabled flag |
»»»» description | body | string | false | Description |
»»»» statements | body | [sec_policy_rule_sets_put/properties/ip_tables_rules/items/properties/statements/items] | false | list of the iptables statements in this rule |
»»»»» table_name | body | string | true* | name of the iptables table for this rule |
»»»»» chain_name | body | string | true* | name of the iptables chain for this rule |
»»»»» parameters | body | string | true* | the remainder of the iptables rules (excluding table/chain) |
»»»» actors | body | [object] | false | none |
»»»»» actors | body | string | false | Rule Actors are all workloads ('ams') |
»»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»»» label_group | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»»» workload | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» ip_version | body | string | false | IP version for the rules to be applied to |
»»»» update_type | body | string | false | Type of update |
»»»» anonymous | body | object | false | none |
»»»» anonymous | body | object | false | none |
Enumerated Values
Parameter | Value |
---|---|
» update_type | create |
» update_type | update |
» update_type | delete |
»»»» proto | 6 |
»»»» proto | 17 |
»»»» providers | workloads |
»»»» providers | virtual_services |
»»»» consumers | workloads |
»»»» consumers | virtual_services |
»»»» actors | ams |
»»»» label_dimension | app |
»»»»» actors | ams |
»»»»» actors | container_host |
»»»»» label_dimension | app |
»»»» update_type | create |
»»»» update_type | update |
»»»» update_type | delete |
»»»» network_type | brn |
»»»» network_type | non_brn |
»»»» network_type | all |
»»»» use_workload_subnets | providers |
»»»» use_workload_subnets | consumers |
»»»»» table_name | nat |
»»»»» table_name | mangle |
»»»»» table_name | filter |
»»»»» chain_name | PREROUTING |
»»»»» chain_name | INPUT |
»»»»» chain_name | OUTPUT |
»»»»» chain_name | FORWARD |
»»»»» chain_name | POSTROUTING |
»»»» ip_version | 4 |
»»»» ip_version | 6 |
»»»» update_type | create |
»»»» update_type | update |
»»»» update_type | delete |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Ruleset
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}
Exposure: Public Stable
Auditable: Yes
Delete Rule Set
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get Security Rules
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules
Exposure: Public Stable
Auditable: No
Get the collection of rules
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
Example Response Body
200 Response
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_rule_sets_sec_rules_get |
Get a Security Rule
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules/{sec_rule_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules/{sec_rule_id}
Exposure: Public Stable
Auditable: No
Get Rule by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
sec_rule_id | path | integer | true* | Rule ID |
Example Response Body
200 Response
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_rule_sets_sec_rules_get |
Create a Security Rule
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules
Auditable: Yes
Exposure: Public Stable
Create new rule
Example Request Body
{
"enabled": true,
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string"
}
],
"unscoped_consumers": true,
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
body | body | sec_policy_rule_sets_sec_rules_post | false | none |
» enabled | body | boolean | true* | Enabled flag |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» ingress_services | body | [oneOf] | true* | Array of service URI and port/protocol combinations |
»» anonymous | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» href | body | string | true* | none |
»» anonymous | body | object | false | none |
»»» port | body | integer | false | Port number, or the starting port of a range. If unspecified, this will apply to all ports for the given protocol. |
»»» to_port | body | integer | false | Upper end of port range; this field should not be included if specifying an individual port. |
»»» proto | body | integer | true* | Transport protocol (numeric) |
»» anonymous | body | object | false | none |
»»» name | body | string | true* | Name (does not need to be unique) |
»»» description | body | string | false | Description |
»»» service_ports | body | [object] | false | Service ports |
»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»» proto | body | integer | true* | Transport protocol |
»»»» icmp_type | body | integer,null | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»» icmp_code | body | integer,null | false | ICMP Code (integer 0-15 for icmp protocol) |
»»» windows_services | body | [sec_policy_services_get/properties/windows_services/items] | false | Windows services |
»»»» service_name | body | string,null | false | Name of Windows Service |
»»»» process_name | body | string,null | false | Name of running process |
»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»» proto | body | integer,null | false | Transport protocol |
»»»» icmp_type | body | integer | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»» icmp_code | body | integer | false | ICMP Code (integer 0-15 for icmp protocol) |
»»» external_data_set | body | string | true* | External data set identifier |
»»» external_data_reference | body | string | true* | External data reference identifier |
»» resolve_labels_as | body | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | true* | none |
»»» providers | body | [string] | true* | none |
»»» consumers | body | [string] | true* | none |
»» sec_connect | body | boolean | false | Whether a secure connection is established |
»» stateless | body | boolean | false | Whether packet filtering is stateless for the rule |
»» machine_auth | body | boolean | false | Whether machine authentication is enabled |
»» providers | body | [object] | true* | Providers |
»»» actors | body | string | false | Rule actors are all workloads ('ams') |
»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» label_group | body | object | false | none |
»»»» href | body | string | true* | Label group URI |
»»» workload | body | object | false | none |
»»»» href | body | string | true* | Workload URI |
»»» virtual_service | body | object | false | none |
»»»» href | body | string | true* | Virtual service URI |
»»» virtual_server | body | object | false | none |
»»»» href | body | string | true* | Virtual server URI |
»»» ip_list | body | object | false | URI of associated IP List |
»»»» href | body | string | true* | IP List URI |
»»» consumers | body | [object] | true* | Consumers |
»»»» actors | body | string | false | Rule actors are all workloads or container host |
»»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» label_group | body | object | false | none |
»»»»» href | body | string | true* | Label group URI |
»»»» workload | body | object | false | none |
»»»»» href | body | string | true* | Workload URI |
»»»» virtual_service | body | object | false | none |
»»»»» href | body | string | true* | Virtual service URI |
»»»» ip_list | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» consuming_security_principals | body | [object] | false | Hrefs of consuming security principals |
»»»» href | body | string | true* | URI of security principal |
»»» unscoped_consumers | body | boolean | false | Set the scope for rule consumers to All |
»»» network_type | body | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | Network types that this rule should apply to. |
»»» use_workload_subnets | body | [string] | false | Whether to use workload subnets instead of IP addresses for the providers/consumers |
Enumerated Values
Parameter | Value |
---|---|
»»» proto | 6 |
»»» proto | 17 |
»»» providers | workloads |
»»» providers | virtual_services |
»»» consumers | workloads |
»»» consumers | virtual_services |
»»» actors | ams |
»»» label_dimension | app |
»»»» actors | ams |
»»»» actors | container_host |
»»»» label_dimension | app |
»»» network_type | brn |
»»» network_type | non_brn |
»»» network_type | all |
»»» use_workload_subnets | providers |
»»» use_workload_subnets | consumers |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
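A pre-submission check for the request body documented above, added here as an example (it is not Illumio code): it enforces the required fields and enumerated values from the parameter table and warns when a rule is broader than intended. The function names, the constructed sample body, and the choice of what counts as a warning are assumptions of this example; only the href and port/proto forms of ingress_services are inspected.

```python
"""Lint a sec_rules POST body against the parameter table before sending it."""

# Enumerated values copied from the reference's "Enumerated Values" table.
PROTO = {6, 17}
RESOLVE_AS = {"workloads", "virtual_services"}
ACTORS = {"providers": {"ams"}, "consumers": {"ams", "container_host"}}
NETWORK_TYPE = {"brn", "non_brn", "all"}
REQUIRED = ("enabled", "ingress_services", "resolve_labels_as", "providers", "consumers")


def _is_int(value):
    # bool is a subclass of int, so JSON true/false must not pass as a port.
    return isinstance(value, int) and not isinstance(value, bool)


def _is_enum(value, allowed):
    return isinstance(value, str) and value in allowed


def _lint_service(where, svc, errors, warnings):
    if not isinstance(svc, dict):
        errors.append(f"{where}: must be an object")
        return
    if "href" in svc or "name" in svc:
        return  # service reference or named form: not linted in this example
    proto, port, to_port = svc.get("proto"), svc.get("port"), svc.get("to_port")
    if not _is_int(proto) or proto not in PROTO:
        errors.append(f"{where}.proto: must be 6 (TCP) or 17 (UDP)")
    if port is None and to_port is None:
        warnings.append(f"{where}: no port, applies to all ports for the protocol")
    elif not _is_int(port) or not 1 <= port <= 65535:
        errors.append(f"{where}.port: must be an integer 1-65535")
    elif to_port is not None and (not _is_int(to_port) or not port < to_port <= 65535):
        errors.append(f"{where}.to_port: must be above port and at most 65535")


def _lint_side(side, body, errors):
    """Check providers or consumers; return True if the side is all workloads ('ams')."""
    entries, all_workloads = body.get(side, []), False
    if not isinstance(entries, list):
        errors.append(f"{side}: must be an array")
        return False
    for i, entry in enumerate(entries):
        where = f"{side}[{i}]"
        if not isinstance(entry, dict):
            errors.append(f"{where}: must be an object")
            continue
        if "actors" in entry and not _is_enum(entry["actors"], ACTORS[side]):
            errors.append(f"{where}.actors: allowed values are {sorted(ACTORS[side])}")
        all_workloads = all_workloads or entry.get("actors") == "ams"
        if entry.get("exclusion") and not ("label" in entry or "label_group" in entry):
            errors.append(f"{where}.exclusion: only valid with label or label_group")
    return all_workloads


def lint_rule(body):
    """Return (errors, warnings) for a sec_rules POST body given as a dict."""
    errors, warnings = [], []
    if not isinstance(body, dict):
        return ["body: must be a JSON object"], warnings
    errors += [f"{key}: required" for key in REQUIRED if key not in body]
    services = body.get("ingress_services", [])
    if not isinstance(services, list):
        errors.append("ingress_services: must be an array")
        services = []
    for i, svc in enumerate(services):
        _lint_service(f"ingress_services[{i}]", svc, errors, warnings)
    resolve = body.get("resolve_labels_as")
    if resolve is not None:
        for side in ("providers", "consumers"):
            values = resolve.get(side) if isinstance(resolve, dict) else None
            if not isinstance(values, list) or not all(_is_enum(v, RESOLVE_AS) for v in values):
                errors.append(f"resolve_labels_as.{side}: must be an array of {sorted(RESOLVE_AS)}")
    sides_all = [_lint_side(side, body, errors) for side in ("providers", "consumers")]
    if all(sides_all):
        warnings.append("providers and consumers are both 'ams': any workload to any workload")
    if body.get("unscoped_consumers") is True:
        warnings.append("unscoped_consumers: consumer scope is set to All")
    network_type = body.get("network_type")
    if network_type is not None and not _is_enum(network_type, NETWORK_TYPE):
        errors.append(f"network_type: allowed values are {sorted(NETWORK_TYPE)}")
    elif network_type == "all":
        warnings.append("network_type 'all': rule applies to every network type")
    return errors, warnings


# Constructed sample body: TCP on all ports, all workloads on both sides.
SAMPLE_BROAD = {
    "enabled": True,
    "ingress_services": [{"proto": 6}],
    "resolve_labels_as": {"providers": ["workloads"], "consumers": ["workloads"]},
    "providers": [{"actors": "ams"}],
    "consumers": [{"actors": "ams"}],
    "network_type": "all",
}

if __name__ == "__main__":
    for finding in sum(lint_rule(SAMPLE_BROAD), []):
        print(finding)
```

Errors mean the body does not match the documented schema; warnings mark a body that is valid but permits more traffic than a narrowly scoped rule would.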
Update a Security Rule
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules/{sec_rule_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules/{sec_rule_id}
Auditable: Yes
Exposure: Public Stable
Modify Rule
Example Request Body
{
"enabled": true,
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string"
}
],
"update_type": "create",
"unscoped_consumers": true,
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
sec_rule_id | path | integer | true* | Rule ID |
body | body | sec_policy_rule_sets_sec_rules_put | false | none |
» enabled | body | boolean | false | Enabled flag |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» ingress_services | body | [oneOf] | false | Array of service URI and port/protocol combinations |
»» anonymous | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» href | body | string | true* | none |
»» anonymous | body | object | false | none |
»»» port | body | integer | false | Port number, or the starting port of a range. If unspecified, this will apply to all ports for the given protocol. |
»»» to_port | body | integer | false | Upper end of port range; this field should not be included if specifying an individual port. |
»»» proto | body | integer | true* | Transport protocol (numeric) |
»» anonymous | body | object | false | none |
»»» name | body | string | true* | Name (does not need to be unique) |
»»» description | body | string | false | Description |
»»» service_ports | body | [object] | false | Service ports |
»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»» proto | body | integer | true* | Transport protocol |
»»»» icmp_type | body | integer,null | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»» icmp_code | body | integer,null | false | ICMP Code (integer 0-15 for icmp protocol) |
»»» windows_services | body | [sec_policy_services_get/properties/windows_services/items] | false | Windows services |
»»»» service_name | body | string,null | false | Name of Windows Service |
»»»» process_name | body | string,null | false | Name of running process |
»»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»» proto | body | integer,null | false | Transport protocol |
»»»» icmp_type | body | integer | false | ICMP Type (integer 0-255 for icmp protocol) |
»»»» icmp_code | body | integer | false | ICMP Code (integer 0-15 for icmp protocol) |
»»» external_data_set | body | string | true* | External data set identifier |
»»» external_data_reference | body | string | true* | External data reference identifier |
»» resolve_labels_as | body | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | false | none |
»»» providers | body | [string] | true* | none |
»»» consumers | body | [string] | true* | none |
»» sec_connect | body | boolean | false | Whether a secure connection is established |
»» stateless | body | boolean | false | Whether packet filtering is stateless for the rule |
»» machine_auth | body | boolean | false | Whether machine authentication is enabled |
»» providers | body | [object] | false | Providers |
»»» actors | body | string | false | Rule actors are all workloads ('ams') |
»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» label_group | body | object | false | none |
»»»» href | body | string | true* | Label group URI |
»»» workload | body | object | false | none |
»»»» href | body | string | true* | Workload URI |
»»» virtual_service | body | object | false | none |
»»»» href | body | string | true* | Virtual service URI |
»»» virtual_server | body | object | false | none |
»»»» href | body | string | true* | Virtual server URI |
»»» ip_list | body | object | false | URI of associated IP List |
»»»» href | body | string | true* | IP List URI |
»»» consumers | body | [object] | false | Consumers |
»»»» actors | body | string | false | Rule actors are all workloads or container host |
»»»» label_dimension | body | string | false | Rule actors that are all workloads with a specific label dimension |
»»»» exclusion | body | boolean | false | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»»» label | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»»» label_group | body | object | false | none |
»»»»» href | body | string | true* | Label group URI |
»»»» workload | body | object | false | none |
»»»»» href | body | string | true* | Workload URI |
»»»» virtual_service | body | object | false | none |
»»»»» href | body | string | true* | Virtual service URI |
»»»» ip_list | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» consuming_security_principals | body | [object] | false | Hrefs of consuming security principals |
»»»» href | body | string | true* | URI of security principal |
»»» update_type | body | string | false | Type of update |
»»» unscoped_consumers | body | boolean | false | Set the scope for rule consumers to All |
»»» network_type | body | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | Network types that this rule should apply to. |
»»» use_workload_subnets | body | [string] | false | Whether to use workload subnets instead of IP addresses for the providers/consumers |
Enumerated Values
Parameter | Value |
---|---|
»»» proto | 6 |
»»» proto | 17 |
»»» providers | workloads |
»»» providers | virtual_services |
»»» consumers | workloads |
»»» consumers | virtual_services |
»»» actors | ams |
»»» label_dimension | app |
»»»» actors | ams |
»»»» actors | container_host |
»»»» label_dimension | app |
»»» update_type | create |
»»» update_type | update |
»»» update_type | delete |
»»» network_type | brn |
»»» network_type | non_brn |
»»» network_type | all |
»»» use_workload_subnets | providers |
»»» use_workload_subnets | consumers |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Security Rule
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules/{sec_rule_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/{pversion}/rule_sets/{rule_set_id}/sec_rules/{sec_rule_id}
Exposure: Public Stable
Auditable: Yes
Delete Rule
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
rule_set_id | path | integer | true* | Rule Set ID |
sec_rule_id | path | integer | true* | Rule ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
SAML Configs
Get all SAML configurations
Example Code
curl -X GET /authentication_settings/saml_configs \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/authentication_settings/saml_configs
Exposure: Public Experimental
Auditable: No
Get all SAML configurations
Example Response Body
200 Response
{
"href": "string",
"cluster_fqdn": "string",
"idp_sso_target_url": "string",
"idp_slo_target_url": "string",
"idp_cert": "string",
"issuer": "string",
"consumer_service_url": "string",
"consumer_logout_url": "string",
"name_identifier_format": "string",
"authn_context": "string",
"force_authn": true,
"sign_authn_request": false,
"pce_signing_cert": "string",
"pce_signing_cert_expires_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | authentication_settings_saml_configs_get |
Get SAML configuration
Example Code
curl -X GET /authentication_settings/saml_configs/{uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/authentication_settings/saml_configs/{uuid}
Exposure: Public Experimental
Auditable: No
Get SAML configuration
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
uuid | path | string | true* | SAMLConfig UUID |
Example Response Body
200 Response
{
"href": "string",
"cluster_fqdn": "string",
"idp_sso_target_url": "string",
"idp_slo_target_url": "string",
"idp_cert": "string",
"issuer": "string",
"consumer_service_url": "string",
"consumer_logout_url": "string",
"name_identifier_format": "string",
"authn_context": "string",
"force_authn": true,
"sign_authn_request": false,
"pce_signing_cert": "string",
"pce_signing_cert_expires_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | authentication_settings_saml_configs_get |
Update SAML configuration
Example Code
curl -X PUT /authentication_settings/saml_configs/{uuid} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/authentication_settings/saml_configs/{uuid}
Auditable: Yes
Exposure: Public Experimental
Update SAML configuration
Example Request Body
{
"idp_sso_target_url": "string",
"idp_slo_target_url": "string",
"idp_cert": "string",
"authn_context": "string",
"force_authn": true,
"sign_authn_request": false
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
uuid | path | string | true* | SAMLConfig UUID |
body | body | authentication_settings_saml_configs_put | false | none |
» idp_sso_target_url | body | string | false | The identity provider URL to which the authentication request should be sent |
»» anonymous | body | string(url) | false | none |
»» anonymous | body | string | false | none |
» idp_slo_target_url | body | any | false | The identity provider URL to which the logout request should be sent |
»» anonymous | body | string(url) | false | none |
»» anonymous | body | string | false | none |
» idp_cert | body | string | false | The certificate provided from the identity provider when setting up the relationship |
» authn_context | body | string | false | The URI of the authentication context class you want the identity provider to use to authenticate the user, with possible values being NULL (unspecified) or urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport |
» force_authn | body | boolean | false | Defines whether or not the identity provider should force re-authentication of the user, even if the user still has a valid session |
» sign_authn_request | body | boolean | false | Defines whether or not the PCE should sign the SAML AuthN request to the IdP; default is false |
Enumerated Values
Parameter | Value |
---|---|
»» anonymous | |
»» anonymous |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Generate a new cert for signing SAML authentication requests
Example Code
curl -X POST /authentication_settings/saml_configs/{uuid}/pce_signing_cert \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/authentication_settings/saml_configs/{uuid}/pce_signing_cert
Auditable: Yes
Exposure: Public Experimental
Generate a new cert for signing SAML AuthN requests
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
uuid | path | string | true* | SAMLConfig UUID |
body | body | authentication_settings_saml_configs_pce_signing_cert_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
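An audit of the SAML configuration fields returned by the GET calls above, added here as an example (it is not Illumio code): it reports unsigned AuthN requests, non-https IdP endpoints, disabled forced re-authentication, an unspecified authentication context, and a PCE signing certificate that has expired or is close to expiry. The function names, the 30-day threshold, and the constructed sample values (including the href) are assumptions of this example.

```python
"""Audit a saml_configs GET response for weak or expiring settings."""
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit


def _parse_ts(value):
    # Timestamps in the reference look like 2025-04-01T00:21:27Z (UTC).
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def audit_saml_config(cfg, now, warn_days=30):
    """Return a list of (field, message) findings for one SAML config object."""
    findings = []
    for field in ("idp_sso_target_url", "idp_slo_target_url"):
        url = cfg.get(field)
        if isinstance(url, str) and url and urlsplit(url).scheme.lower() != "https":
            findings.append((field, "IdP endpoint is not an https URL"))
    if not cfg.get("sign_authn_request"):
        findings.append(("sign_authn_request", "AuthN requests to the IdP are not signed"))
    if not cfg.get("force_authn"):
        findings.append(("force_authn",
                         "a still-valid IdP session is accepted without re-authentication"))
    if cfg.get("authn_context") is None:
        findings.append(("authn_context", "unspecified authentication context class"))
    expires = cfg.get("pce_signing_cert_expires_at")
    if expires:
        remaining = _parse_ts(expires) - now
        if remaining <= timedelta(0):
            findings.append(("pce_signing_cert_expires_at", "signing certificate has expired"))
        elif remaining <= timedelta(days=warn_days):
            findings.append(("pce_signing_cert_expires_at",
                             f"signing certificate expires in {remaining.days} days"))
    return findings


def audit_response(payload, now, warn_days=30):
    """Accept one config object or a list of them; map href -> findings."""
    configs = payload if isinstance(payload, list) else [payload]
    return {cfg.get("href", "?"): audit_saml_config(cfg, now, warn_days) for cfg in configs}


# Constructed sample response (values are made up for the example).
SAMPLE = [{
    "href": "/authentication_settings/saml_configs/00000000-0000-0000-0000-000000000000",
    "idp_sso_target_url": "https://idp.example.com/sso",
    "idp_slo_target_url": "http://idp.example.com/slo",
    "authn_context": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    "force_authn": True,
    "sign_authn_request": False,
    "pce_signing_cert_expires_at": "2025-04-01T00:21:27Z",
}]
SAMPLE_NOW = datetime(2025, 3, 20, tzinfo=timezone.utc)  # fixed clock for a repeatable run

if __name__ == "__main__":
    for href, findings in audit_response(SAMPLE, SAMPLE_NOW).items():
        for field, message in findings:
            print(f"{href}: {field}: {message}")
```

A certificate finding is resolved with the POST to `/authentication_settings/saml_configs/{uuid}/pce_signing_cert` documented above; the other findings map to fields of the PUT request body.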
Security Policies
Get Security Policy Versions
Example Code
curl -X GET /orgs/{org_id}/sec_policy \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy
Exposure: Public Stable
Auditable: No
Get the collection of committed security policies
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": "string",
"version": 0,
"workloads_affected": null,
"commit_message": null,
"object_counts": {
"rule_sets": 0,
"ip_lists": 0,
"services": 0,
"virtual_services": 0,
"label_groups": 0,
"virtual_servers": 0,
"firewall_settings": 0,
"secure_connect_gateways": 0,
"enforcement_boundaries": 0
},
"created_at": "string",
"created_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_get |
Get a Security Policy Version
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}
Exposure: Public Stable
Auditable: No
Get security policy by version
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
Example Response Body
200 Response
{
"href": "string",
"version": 0,
"workloads_affected": null,
"commit_message": null,
"object_counts": {
"rule_sets": 0,
"ip_lists": 0,
"services": 0,
"virtual_services": 0,
"label_groups": 0,
"virtual_servers": 0,
"firewall_settings": 0,
"secure_connect_gateways": 0,
"enforcement_boundaries": 0
},
"created_at": "string",
"created_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_get |
Get Security Policy Modifications
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/modified_objects \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/modified_objects
Exposure: Public Experimental
Auditable: No
Get the collection of modified objects in the given version of the policy
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
Example Response Body
200 Response
{
"update_type": null,
"object_type": null,
"href": null,
"name": "string",
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_modified_objects_get |
Get Pending Security Policy
Example Code
curl -X GET /orgs/{org_id}/sec_policy/pending \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/pending
Exposure: Public Experimental
Auditable: No
Get the collection of pending uncommitted security policy objects.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
max_results | query | integer | false | Maximum number of policy objects to return (per type) |
Example Response Body
200 Response
{
"rule_sets": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "string",
"related_ip_lists": [
{
"href": "string"
}
],
"related_services": [
{
"href": "string"
}
]
}
],
"firewall_settings": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"ip_lists": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"services": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"virtual_servers": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"label_groups": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"secure_connect_gateways": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"virtual_services": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"enforcement_boundaries": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_pending_get |
Revert the collection of pending uncommitted security policy objects
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/pending \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/pending
Exposure: Public Experimental
Auditable: Yes
Revert the collection of pending uncommitted security policy objects.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Revert Pending Security Policy
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/delete \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/delete
Auditable: Yes
Exposure: Public Experimental
Revert the given collection of pending uncommitted security policy objects. The request is rejected if the list does not constitute a dependency closure.
Example Request Body
{
"change_subset": {
"label_groups": [
{
"href": "string"
}
],
"services": [
{
"href": "string"
}
],
"rule_sets": [
{
"href": "string"
}
],
"ip_lists": [
{
"href": "string"
}
],
"virtual_services": [
{
"href": "string"
}
],
"firewall_settings": [
{
"href": "string"
}
],
"secure_connect_gateways": [
{
"href": "string"
}
],
"virtual_servers": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
]
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | sec_policy_delete_put | false | none |
» change_subset | body | sec_policy_post/properties/change_subset | false | Hash of pending hrefs, organized by model |
»» label_groups | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»»» href | body | string | true* | none |
»» services | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» rule_sets | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» ip_lists | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» virtual_services | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» firewall_settings | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» secure_connect_gateways | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» virtual_servers | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» enforcement_boundaries | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get dependency info for a set of objects
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/dependencies \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/dependencies
Auditable: No
Exposure: Public Experimental
Get dependency info for a set of objects. The set can consist of any pending or draft (i.e., updated but not yet committed) policy objects.
Example Request Body
{
"operation": "commit",
"change_subset": {
"label_groups": [
{
"href": "string"
}
],
"services": [
{
"href": "string"
}
],
"rule_sets": [
{
"href": "string"
}
],
"ip_lists": [
{
"href": "string"
}
],
"virtual_services": [
{
"href": "string"
}
],
"firewall_settings": [
{
"href": "string"
}
],
"secure_connect_gateways": [
{
"href": "string"
}
],
"virtual_servers": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
]
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_dependencies_post | false | none |
» operation | body | string | true* | Commit or revert |
» change_subset | body | sec_policy_post/properties/change_subset | true* | Hash of pending hrefs, organized by model |
»» label_groups | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»»» href | body | string | true* | none |
»» services | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» rule_sets | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» ip_lists | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» virtual_services | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» firewall_settings | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» secure_connect_gateways | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» virtual_servers | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» enforcement_boundaries | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
Enumerated Values
Parameter | Value |
---|---|
» operation | commit |
» operation | revert |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Provision Security Policy Changes
Example Code
curl -X POST /orgs/{org_id}/sec_policy \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy
Auditable: Yes
Exposure: Public Stable
Commit the current draft. If a list of entities is supplied explicitly, only the entities in that list are committed. However, the request is rejected if the list does not constitute a dependency closure.
Example Request Body
{
"update_description": "string",
"change_subset": {
"label_groups": [
{
"href": "string"
}
],
"services": [
{
"href": "string"
}
],
"rule_sets": [
{
"href": "string"
}
],
"ip_lists": [
{
"href": "string"
}
],
"virtual_services": [
{
"href": "string"
}
],
"firewall_settings": [
{
"href": "string"
}
],
"secure_connect_gateways": [
{
"href": "string"
}
],
"virtual_servers": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
]
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | sec_policy_post | false | none |
» update_description | body | string | false | Optional description for the requested change or update. |
» change_subset | body | sec_policy_post/properties/change_subset | false | Hash of pending hrefs, organized by model |
»» label_groups | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»»» href | body | string | true* | none |
»» services | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» rule_sets | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» ip_lists | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» virtual_services | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» firewall_settings | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» secure_connect_gateways | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» virtual_servers | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
»» enforcement_boundaries | body | [sec_policy_virtual_servers_get/properties/created_by] | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
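The `change_subset` body shared by the dependencies, provision (`POST /sec_policy`) and revert (`PUT /sec_policy/delete`) calls above can be built from a `GET /sec_policy/pending` response. The following is an added example, not part of the Illumio reference. The sample response, all hrefs, the `{"href": ...}` shape of `updated_by` and the helper names are assumptions; whether a subset is a dependency closure is still decided by the PCE.

```python
import json

# Object types the reference lists under change_subset.
CHANGE_SUBSET_KEYS = (
    "label_groups", "services", "rule_sets", "ip_lists", "virtual_services",
    "firewall_settings", "secure_connect_gateways", "virtual_servers",
    "enforcement_boundaries",
)

# Constructed sample shaped like the GET /sec_policy/pending response
# (name, href, updated_by, update_type per object). All hrefs are made up;
# updated_by carrying {"href": ...} is an assumption (the page shows null).
SAMPLE_PENDING = {
    "rule_sets": [
        {"name": "web-tier", "href": "/orgs/1/sec_policy/draft/rule_sets/12",
         "updated_by": {"href": "/users/7"}, "update_type": "create"},
        {"name": "db-tier", "href": "/orgs/1/sec_policy/draft/rule_sets/15",
         "updated_by": {"href": "/users/9"}, "update_type": "create"},
    ],
    "ip_lists": [
        {"name": "partners", "href": "/orgs/1/sec_policy/draft/ip_lists/4",
         "updated_by": {"href": "/users/7"}, "update_type": "create"},
    ],
    "services": [],
    "enforcement_boundaries": [
        {"name": "block-rdp",
         "href": "/orgs/1/sec_policy/draft/enforcement_boundaries/3",
         "updated_by": None, "update_type": "create"},
    ],
}


def updated_by_user(user_href):
    """Predicate: keep objects last changed by user_href (tolerates null)."""
    return lambda obj: (obj.get("updated_by") or {}).get("href") == user_href


def build_change_subset(pending, predicate=lambda obj: True):
    """Collect hrefs of pending objects accepted by predicate, grouped by type."""
    subset, seen = {}, set()
    for key in CHANGE_SUBSET_KEYS:
        for obj in pending.get(key) or []:
            href = obj.get("href")
            if not href or href in seen or not predicate(obj):
                continue
            seen.add(href)
            subset.setdefault(key, []).append({"href": href})
    return subset


def left_pending(pending, subset):
    """Hrefs that stay uncommitted if only subset is provisioned."""
    chosen = {o["href"] for objs in subset.values() for o in objs}
    return [obj["href"]
            for key in CHANGE_SUBSET_KEYS
            for obj in pending.get(key) or []
            if obj.get("href") and obj["href"] not in chosen]


def dependencies_body(subset, operation):
    """Body for POST .../sec_policy/{pversion}/dependencies."""
    if operation not in ("commit", "revert"):
        raise ValueError("operation must be 'commit' or 'revert'")
    if not subset:
        raise ValueError("change_subset is required (client-side guard)")
    return {"operation": operation, "change_subset": subset}


def provision_body(subset, update_description=None):
    """Body for POST .../sec_policy with an explicit list of entities."""
    # Without a list the whole draft is committed, so a filter that matched
    # nothing is refused here instead of guessing how the server treats {}.
    if not subset:
        raise ValueError("empty selection; refusing to build a provision body")
    body = {"change_subset": subset}
    if update_description:
        body["update_description"] = update_description
    return body


def revert_body(subset):
    """Body for PUT .../sec_policy/delete."""
    if not subset:
        raise ValueError("empty selection; nothing to revert")
    return {"change_subset": subset}


if __name__ == "__main__":
    mine = build_change_subset(SAMPLE_PENDING, updated_by_user("/users/7"))
    print(json.dumps(dependencies_body(mine, "commit"), indent=2))
    print("left pending:", left_pending(SAMPLE_PENDING, mine))
```

Send the `dependencies_body` result first and review what `left_pending` reports before posting `provision_body`, so objects changed by someone else are not provisioned unreviewed.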
Restore Previous Security Policy
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/restore \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/restore
Auditable: Yes
Exposure: Public Stable
Restore security policy to this version
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_restore_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Determine which rules allow or block communication
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/policy_check \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/policy_check
Exposure: Public Experimental
Auditable: No
Determine which rules allow or block communication
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
dst_container_workload | query | string | false | The URI of the destination container workload |
dst_external_ip | query | string | false | The external IP of the destination workload |
dst_workload | query | string | false | The URI of the destination workload |
network_type | query | string | false | Type of network to check |
port | query | integer | false | The specific port number to check |
protocol | query | integer | false | The specific protocol number to check |
service | query | string | false | The specific service to check |
src_container_workload | query | string | false | The URI of the source container workload |
src_external_ip | query | string | false | The external IP of the source workload |
src_workload | query | string | false | The URI of the source workload |
Enumerated Values
Parameter | Value |
---|---|
network_type | any |
network_type | brn |
network_type | non_brn |
Example Response Body
200 Response
{
"sec_rules": [
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
},
"deleted_by": null,
"update_type": null,
"update_label": null,
"href": "string",
"enabled": true,
"description": null,
"ingress_services": [
{
"href": "string"
}
],
"egress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"use_workload_subnets": [
"providers"
],
"rule_set": {
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
},
"deleted_by": null,
"update_type": null,
"update_label": null,
"href": "string",
"name": "string",
"enabled": true,
"external_data_set": null,
"external_data_reference": null,
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"caps": [
"write"
]
},
"log_flow": true,
"network_type": "brn"
}
],
"deny_rules": [
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": null,
"updated_by": null,
"deleted_by": null,
"update_type": "create",
"href": "string",
"providers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ingress_services": [
{
"href": "string"
}
],
"egress_services": [
{
"href": "string"
}
],
"caps": [
"write"
],
"enabled": true,
"description": null,
"network_type": "brn",
"override": false,
"unscoped_consumers": true
}
],
"override_deny_rules": [
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": null,
"updated_by": null,
"deleted_by": null,
"update_type": "create",
"href": "string",
"providers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ingress_services": [
{
"href": "string"
}
],
"egress_services": [
{
"href": "string"
}
],
"caps": [
"write"
],
"enabled": true,
"description": null,
"network_type": "brn",
"override": false,
"unscoped_consumers": true
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_policy_check_get |
Security Policy Check
Get Rules Allowing Communication
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/allow \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/allow
Exposure: Public Experimental
Auditable: No
Determine which rule(s) allow communication, if any
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
dst_container_workload | query | string | false | The URI of the destination container workload |
dst_external_ip | query | string | false | The external IP of the destination workload |
dst_workload | query | string | false | The URI of the destination workload |
network_type | query | string | false | Type of network to check |
port | query | integer | false | The specific port number to check |
protocol | query | integer | false | The specific protocol number to check |
service | query | string | false | The specific service to check |
src_container_workload | query | string | false | The URI of the source container workload |
src_external_ip | query | string | false | The external IP of the source workload |
src_workload | query | string | false | The URI of the source workload |
Enumerated Values
Parameter | Value |
---|---|
network_type | brn |
network_type | non_brn |
Example Response Body
200 Response
[
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_allow_get |
Security Principals
Get Security Principals
Example Code
curl -X GET /orgs/{org_id}/security_principals \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/security_principals
Exposure: Public Stable
Auditable: No
Get all security principals for an org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
max_results | query | integer | false | Maximum number of entries to return |
name | query | string | false | Name of security principal to filter by |
sid | query | string | false | SID of security principal to filter by |
Example Response Body
200 Response
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | security_principals_get |
Get a Security Principal
Example Code
curl -X GET /orgs/{org_id}/security_principals/{sid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/security_principals/{sid}
Exposure: Public Stable
Auditable: No
Get the info for one SID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
sid | path | string | true* | Security principal SID |
Example Response Body
200 Response
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | security_principals_get |
Create a Security Principal
Example Code
curl -X POST /orgs/{org_id}/security_principals \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/security_principals
Auditable: Yes
Exposure: Public Stable
Create a new security principal for an org
Example Request Body
{
"sid": "string",
"name": "string",
"description": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | security_principals_post | false | none |
» sid | body | string | true* | Active Directory SID |
» name | body | string | true* | Name of the security principal |
» description | body | string | false | A longer description of the security principal |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Bulk Create Security Principals
Example Code
curl -X PUT /orgs/{org_id}/security_principals/bulk_create \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/security_principals/bulk_create
Auditable: Yes
Exposure: Public Stable
Bulk create security principals for an org
Example Request Body
[
{
"sid": "string",
"name": "string",
"description": "string"
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | security_principals_bulk_create_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update a Security Principal
Example Code
curl -X PUT /orgs/{org_id}/security_principals/{sid} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/security_principals/{sid}
Auditable: Yes
Exposure: Public Stable
Modify the security principal for one SID
Example Request Body
{
"name": "string",
"description": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
sid | path | string | true* | Security principal SID |
body | body | security_principals_put | false | none |
» name | body | string | false | Name of the security principal |
» description | body | string | false | A longer description of the security principal |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Security Principal
Example Code
curl -X DELETE /orgs/{org_id}/security_principals/{sid} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/security_principals/{sid}
Exposure: Public Stable
Auditable: Yes
Delete a specific security principal
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
sid | path | string | true* | Security principal SID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Selective Enforcement Rules
Server Load Balancers
Get a List of Server Load Balancers
Example Code
curl -X GET /orgs/{org_id}/slbs \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/slbs
Exposure: Public Experimental
Auditable: No
Get the server load balancers
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
description | query | string | false | Description of the SLB to filter. Supports partial matches |
device_type | query | string | false | Device type to filter |
has_virtual_server | query | boolean | false | Filtering criteria - if the SLB has a virtual server |
max_results | query | integer | false | Maximum number of SLBs to return. |
name | query | string | false | Name on which to filter. Supports partial matches |
num_devices | query | integer | false | Number of devices to filter |
status | query | string | false | SLB status to filter |
Enumerated Values
Parameter | Value |
---|---|
num_devices | 1 |
num_devices | 2 |
status | active |
status | pending |
status | error |
Example Response Body
200 Response
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
},
"status": {
"connection_state": "pending",
"software_version": "string",
"sync_state": "in_sync"
}
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | slbs_get |
Create a Server Load Balancer
Example Code
curl -X POST /orgs/{org_id}/slbs \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/slbs
Auditable: Yes
Exposure: Public Experimental
Create a server load balancer
Example Request Body
{
"name": "string",
"description": "string",
"nfc": {
"href": "string"
},
"network_enforcement_node": {
"href": "string"
},
"device_type": "string",
"devices": [
{
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
}
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | slbs_post | false | none |
» name | body | string | true* | The short friendly name of the server load balancer |
» description | body | string | false | The long description of the server load balancer |
» nfc | body | object | false | DEPRECATED AND REPLACED (USE 'network_enforcement_node' INSTEAD) Network Function Controller that should manage this SLB. Can be skipped if there exists only 1 NFC in the system, or if there are no NFCs, in which case, the server would auto-deploy an NFC to manage the new SLB (and any SLBs created thereafter). Cannot be used along with network_enforcement_node |
»» href | body | string | true* | NFC URI |
» network_enforcement_node | body | object | false | Network enforcement node that should manage this SLB. Can be skipped if there exists only 1 NEN in the system, or if there are no NENs, in which case, the server would auto-deploy an NEN to manage the new SLB (and any SLBs created thereafter). Cannot be used along with nfc |
»» href | body | string | true* | Network enforcement node URI |
» device_type | body | slbs_post/properties/device_type | true* | Device type of the server load balancer |
» devices | body | [object] | true* | Management configuration of the devices associated with this SLB Network VF. |
»» config | body | slbs_post/properties/devices/items/properties/config | true* | Management configuration info for the SLB device. |
»»» host | body | string | false | The IP or fqdn of the device |
»»» port | body | integer | false | Host port |
»»» credential_type | body | string | false | Type of the credentials |
»»» username | body | string | false | username for credential |
»»» credential | body | string,null | false | credential |
»»» check_certificate | body | boolean | false | Whether to enforce peer certificate verification |
Enumerated Values
Parameter | Value |
---|---|
»»» credential_type | password |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get the Specified Server Load Balancer Info
Example Code
curl -X GET /orgs/{org_id}/slbs/{slb_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/slbs/{slb_id}
Exposure: Public Experimental
Auditable: No
Get the server load balancer information
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
slb_id | path | string | true* | Slb UUID |
Example Response Body
200 Response
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
},
"status": {
"connection_state": "pending",
"software_version": "string",
"sync_state": "in_sync"
}
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | slbs_get |
Delete the Specified Server Load Balancer
Example Code
curl -X DELETE /orgs/{org_id}/slbs/{slb_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/slbs/{slb_id}
Exposure: Public Experimental
Auditable: Yes
Delete the server load balancer
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
slb_id | path | string | true* | Slb UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update the Specified Server Load Balancer Info
Example Code
curl -X PUT /orgs/{org_id}/slbs/{slb_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/slbs/{slb_id}
Auditable: Yes
Exposure: Public Experimental
Update the server load balancer information
Example Request Body
{
"name": "string",
"description": "string",
"nfc": {
"href": "string"
},
"network_enforcement_node": {
"href": "string"
},
"device_type": "string",
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
}
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
slb_id | path | string | true* | Slb UUID |
body | body | slbs_put | false | none |
» name | body | string | false | The short friendly name of the server load balancer |
» description | body | string | false | The long description of the server load balancer |
» nfc | body | object | false | DEPRECATED AND REPLACED (USE 'network_enforcement_node' INSTEAD) Network function controller managing this SLB |
»» href | body | string | true* | NFC URI |
» network_enforcement_node | body | object | false | Network enforcement node managing this SLB |
»» href | body | string | true* | Network enforcement node URI |
» device_type | body | slbs_post/properties/device_type | false | Device type of the server load balancer |
» devices | body | [object] | false | Management configuration of the devices associated with this SLB Network VF. |
»» href | body | string | true* | SLB device URI. |
»» config | body | slbs_post/properties/devices/items/properties/config | false | Management configuration info for the SLB device. |
»»» host | body | string | false | The IP or fqdn of the device |
»»» port | body | integer | false | Host port |
»»» credential_type | body | string | false | Type of the credentials |
»»» username | body | string | false | username for credential |
»»» credential | body | string,null | false | credential |
»»» check_certificate | body | boolean | false | Whether to enforce peer certificate verification |
Enumerated Values
Parameter | Value |
---|---|
»»» credential_type | password |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Services
Get Security Policy Services
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/services \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/services
Exposure: Public Stable
Auditable: No
Get the collection of Services
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
description | query | string | false | Description of Service(s) to return. Supports partial matches |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
include_ransomware_protection_percent | query | boolean | false | Include average protection percent in ransomware object. |
is_ransomware | query | boolean | false | Services associated with ransomware. |
max_results | query | integer | false | Maximum number of Services to return. |
name | query | string | false | Name of Service(s) to return. Supports partial matches |
port | query | string | false | Specify port or port range to filter results. The range is from -1 to 65535 (0 is not supported). |
proto | query | integer | false | Protocol to filter on |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"risk_details": {
"ransomware": null
},
"description_url": "string",
"process_name": "string",
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"icmp_type": null,
"icmp_code": null
}
],
"windows_services": [
{
"service_name": null,
"process_name": null,
"port": 0,
"to_port": 0,
"proto": null,
"icmp_type": 0,
"icmp_code": 0
}
],
"external_data_set": null,
"external_data_reference": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"update_type": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_services_get |
Get a Security Policy Service
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/services/{service_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/services/{service_id}
Exposure: Public Stable
Auditable: No
Get Service by id
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
service_id | path | string | true* | Service ID |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"description": "string",
"risk_details": {
"ransomware": null
},
"description_url": "string",
"process_name": "string",
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"icmp_type": null,
"icmp_code": null
}
],
"windows_services": [
{
"service_name": null,
"process_name": null,
"port": 0,
"to_port": 0,
"proto": null,
"icmp_type": 0,
"icmp_code": 0
}
],
"external_data_set": null,
"external_data_reference": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"update_type": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_services_get |
Create a Security Policy Service
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/services \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/services
Auditable: Yes
Exposure: Public Stable
Create new Service
Example Request Body
{
"name": "string",
"description": "string",
"risk_details": {
"ransomware": {
"category": "admin",
"severity": "low",
"os_platforms": [
"windows"
]
}
},
"process_name": "string",
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"icmp_type": null,
"icmp_code": null
}
],
"windows_services": [
{
"service_name": null,
"process_name": null,
"port": 0,
"to_port": 0,
"proto": null,
"icmp_type": 0,
"icmp_code": 0
}
],
"external_data_set": null,
"external_data_reference": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_services_post | false | none |
» name | body | string | true* | Name (does not need to be unique) |
» description | body | string | false | Description |
» risk_details | body | object | false | none |
»» ransomware | body | object | false | none |
»»» category | body | string | false | Categorization based on Admin or Legacy port used in the service |
»»» severity | body | string | false | Severity of this service |
»»» os_platforms | body | [string] | false | Operating system for this ransomware service |
»» process_name | body | string | false | The process name |
»» service_ports | body | [object] | false | Service ports |
»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports, it defaults to any. Also the starting port when specifying a range. |
»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»» proto | body | integer | true* | Transport protocol |
»»» icmp_type | body | integer,null | false | ICMP Type (integer 0-255 for icmp protocol) |
»»» icmp_code | body | integer,null | false | ICMP Code (integer 0-15 for icmp protocol) |
»» windows_services | body | [sec_policy_services_get/properties/windows_services/items] | false | Windows services |
»»» service_name | body | string,null | false | Name of Windows Service |
»»» process_name | body | string,null | false | Name of running process |
»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports, it defaults to any. Also the starting port when specifying a range. |
»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»» proto | body | integer,null | false | Transport protocol |
»»» icmp_type | body | integer | false | ICMP Type (integer 0-255 for icmp protocol) |
»»» icmp_code | body | integer | false | ICMP Code (integer 0-15 for icmp protocol) |
»» external_data_set | body | string,null | false | External data set identifier |
»» external_data_reference | body | string,null | false | External data reference identifier |
Enumerated Values
Parameter | Value |
---|---|
»»» category | admin |
»»» category | legacy |
»»» severity | low |
»»» severity | medium |
»»» severity | high |
»»» severity | critical |
»»» os_platforms | windows |
»»» os_platforms | linux |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Security Policy Service
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/services/{service_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/services/{service_id}
Auditable: Yes
Exposure: Public Stable
Modify Service
Example Request Body
{
"name": "string",
"description": "string",
"risk_details": {
"ransomware": {
"category": "admin",
"severity": "low",
"os_platforms": [
"windows"
]
}
},
"process_name": "string",
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"icmp_type": null,
"icmp_code": null
}
],
"windows_services": [
{
"service_name": null,
"process_name": null,
"port": 0,
"to_port": 0,
"proto": null,
"icmp_type": 0,
"icmp_code": 0
}
],
"external_data_set": null,
"external_data_reference": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
service_id | path | string | true* | Service ID |
body | body | sec_policy_services_put | false | none |
» name | body | string | false | Name (does not need to be unique) |
» description | body | string | false | Description |
» risk_details | body | object | false | none |
»» ransomware | body | object | false | none |
»»» category | body | string | false | Categorization based on Admin or Legacy port used in the service |
»»» severity | body | string | false | Severity of this service |
»»» os_platforms | body | [string] | false | Operating system for this ransomware service |
»» process_name | body | string | false | The process name |
»» service_ports | body | [object] | false | Service ports |
»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports, it defaults to any. Also the starting port when specifying a range. |
»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»» proto | body | integer | true* | Transport protocol |
»»» icmp_type | body | integer,null | false | ICMP Type (integer 0-255 for icmp protocol) |
»»» icmp_code | body | integer,null | false | ICMP Code (integer 0-15 for icmp protocol) |
»» windows_services | body | [sec_policy_services_get/properties/windows_services/items] | false | Windows services |
»»» service_name | body | string,null | false | Name of Windows Service |
»»» process_name | body | string,null | false | Name of running process |
»»» port | body | integer | false | Port Number (integer 1-65535). If not provided and proto needs ports, it defaults to any. Also the starting port when specifying a range. |
»»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»» proto | body | integer,null | false | Transport protocol |
»»» icmp_type | body | integer | false | ICMP Type (integer 0-255 for icmp protocol) |
»»» icmp_code | body | integer | false | ICMP Code (integer 0-15 for icmp protocol) |
»» external_data_set | body | string,null | false | External data set identifier |
»» external_data_reference | body | string,null | false | External data reference identifier |
Enumerated Values
Parameter | Value |
---|---|
»»» category | admin |
»»» category | legacy |
»»» severity | low |
»»» severity | medium |
»»» severity | high |
»»» severity | critical |
»»» os_platforms | windows |
»»» os_platforms | linux |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
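A pre-flight check for the service bodies accepted by the create (POST) and update (PUT) calls above, written for this reference as an added example; it is not Illumio code. It applies the ranges and enumerated values from the parameter tables. The mapping of proto to IANA protocol numbers (1 and 58 for ICMP and ICMPv6) and the two sample bodies are assumptions constructed for the example.

```python
"""Added example: check a service definition against the parameter tables."""

CATEGORIES = {"admin", "legacy"}
SEVERITIES = {"low", "medium", "high", "critical"}
OS_PLATFORMS = {"windows", "linux"}
ICMP_PROTOS = {1, 58}  # assumption: proto carries IANA numbers (1 = ICMP, 58 = ICMPv6)


def _is_int(value):
    # bool is a subclass of int in Python; JSON true/false is not a port number
    return isinstance(value, int) and not isinstance(value, bool)


def _in_range(value, low, high):
    return _is_int(value) and low <= value <= high


def check_entry(entry, path, proto_required):
    """Check one service_ports or windows_services item; return a list of problems."""
    problems = []
    proto = entry.get("proto")
    if proto is None:
        if proto_required:
            problems.append(f"{path}: proto is required")
    elif not _is_int(proto):
        problems.append(f"{path}: proto must be an integer")
    port, to_port = entry.get("port"), entry.get("to_port")
    if port is not None and not _in_range(port, 1, 65535):
        problems.append(f"{path}: port {port!r} outside 1-65535")
    if to_port is not None:
        if port is None:
            problems.append(f"{path}: to_port given without a starting port")
        elif not _in_range(to_port, 1, 65535) or (_is_int(port) and to_port < port):
            problems.append(f"{path}: to_port {to_port!r} is not a valid high end for port {port!r}")
    for field, high in (("icmp_type", 255), ("icmp_code", 15)):
        value = entry.get(field)
        if value is None:
            continue
        if not _in_range(value, 0, high):
            problems.append(f"{path}: {field} {value!r} outside 0-{high}")
        elif proto not in ICMP_PROTOS:
            problems.append(f"{path}: {field} set but proto {proto!r} is not ICMP")
    return problems


def check_service(body, creating=True):
    """Return a list of problems; name is required only on create (POST)."""
    problems = []
    if creating and not body.get("name"):
        problems.append("name is required when creating a service")
    ransomware = (body.get("risk_details") or {}).get("ransomware") or {}
    for field, allowed in (("category", CATEGORIES), ("severity", SEVERITIES)):
        if field in ransomware and ransomware[field] not in allowed:
            problems.append(f"ransomware.{field} {ransomware[field]!r} is not an enumerated value")
    for platform in ransomware.get("os_platforms") or []:
        if platform not in OS_PLATFORMS:
            problems.append(f"ransomware.os_platforms {platform!r} is not an enumerated value")
    for i, entry in enumerate(body.get("service_ports") or []):
        problems += check_entry(entry, f"service_ports[{i}]", proto_required=True)
    for i, entry in enumerate(body.get("windows_services") or []):
        problems += check_entry(entry, f"windows_services[{i}]", proto_required=False)
    return problems


# Constructed sample bodies (not taken from the reference).
GOOD = {
    "name": "RDP (constructed sample)",
    "risk_details": {"ransomware": {"category": "admin", "severity": "high",
                                    "os_platforms": ["windows"]}},
    "service_ports": [{"port": 3389, "proto": 6},
                      {"proto": 1, "icmp_type": 8, "icmp_code": 0}],
    "windows_services": [{"service_name": "TermService", "port": 3389, "proto": 6}],
}
BAD = {
    "risk_details": {"ransomware": {"category": "admin", "severity": "severe"}},
    "service_ports": [
        {"port": 8080, "to_port": 8000, "proto": 6},  # range runs backwards
        {"port": 443},                                # proto missing
        {"proto": 6, "icmp_type": 8},                 # ICMP field on a non-ICMP proto
    ],
}

if __name__ == "__main__":
    for label, body in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_service(body))
```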
Delete a Security Policy Service
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/{pversion}/services/{service_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/{pversion}/services/{service_id}
Exposure: Public Stable
Auditable: Yes
Delete Service
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
service_id | path | string | true* | Service ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Service Bindings
Return all virtual service bindings
Example Code
curl -X GET /orgs/{org_id}/service_bindings \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/service_bindings
Exposure: Public Experimental
Auditable: No
Return all virtual service bindings
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
max_results | query | integer | false | Maximum number of virtual service bindings to return. |
virtual_service | query | string | false | Virtual service URI |
workload | query | string | false | Workload URI |
Example Response Body
200 Response
[
{}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | service_bindings_get |
Create a virtual service binding
Example Code
curl -X POST /orgs/{org_id}/service_bindings \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/service_bindings
Auditable: Yes
Exposure: Public Experimental
Create a bound service binding
Example Request Body
[
{}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | service_bindings_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get service binding by ID
Example Code
curl -X GET /orgs/{org_id}/service_bindings/{service_binding_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/service_bindings/{service_binding_id}
Exposure: Public Experimental
Auditable: No
Get service binding by id
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
service_binding_id | path | string | true* | Service Binding ID |
Example Response Body
200 Response
[
{}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | service_bindings_get |
Delete a service binding by ID
Example Code
curl -X DELETE /orgs/{org_id}/service_bindings/{service_binding_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/service_bindings/{service_binding_id}
Exposure: Public Experimental
Auditable: Yes
Delete a service binding by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
service_binding_id | path | string | true* | Service Binding ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Support Bundle Requests
Return the collection of PCE support bundle requests
Example Code
curl -X GET /orgs/{org_id}/support_bundle_requests \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/support_bundle_requests
Exposure: Public Experimental
Auditable: No
Return the collection of PCE support bundle requests
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"href": {
"href": "string"
},
"name": "string",
"download_url": {
"href": "string"
},
"requested_at": "2025-04-01T00:21:27Z",
"completed_at": null,
"status": "string",
"created_by": {
"href": "string"
},
"include_logs": true,
"starting_at": null,
"ending_at": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | support_bundle_requests_get |
Create a PCE support bundle request
Example Code
curl -X POST /orgs/{org_id}/support_bundle_requests \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/support_bundle_requests
Auditable: Yes
Exposure: Public Experimental
Create a PCE support bundle request
Example Request Body
{
"include_logs": true,
"starting_at": null,
"ending_at": null
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
ending_at | query | string | false | Time at which to exclude entries |
include_logs | query | boolean | false | Indicate whether to include logs |
starting_at | query | string | false | Time from which to include entries |
body | body | support_bundle_requests_post | false | none |
» include_logs | body | boolean | false | Set to true if logs are to be included |
» starting_at | body | string,null(date-time) | false | Start date for log filtering |
» ending_at | body | string,null(date-time) | false | End date for log filtering. |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Delete a PCE support bundle request
Example Code
curl -X DELETE /orgs/{org_id}/support_bundle_requests/{uuid} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/support_bundle_requests/{uuid}
Exposure: Public Experimental
Auditable: Yes
Delete a PCE support bundle request
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | Support bundle request UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Return a specific PCE support bundle request
Example Code
curl -X GET /orgs/{org_id}/support_bundle_requests/{uuid} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/support_bundle_requests/{uuid}
Exposure: Public Experimental
Auditable: No
Return a specific PCE support bundle request
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
uuid | path | string | true* | Support bundle request UUID |
Example Response Body
200 Response
{
"href": {
"href": "string"
},
"name": "string",
"download_url": {
"href": "string"
},
"requested_at": "2025-04-01T00:21:27Z",
"completed_at": null,
"status": "string",
"created_by": {
"href": "string"
},
"include_logs": true,
"starting_at": null,
"ending_at": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | support_bundle_requests_get |
Syslog Destinations
Get Syslog Destinations
Example Code
curl -X GET /orgs/{org_id}/settings/syslog/destinations \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/syslog/destinations
Exposure: Public Stable
Auditable: No
Get syslog destinations for the org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
Example Response Body
200 Response
[
{
"href": "string",
"pce_scope": [
"string"
],
"type": "string",
"description": "string",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "error"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address": "string",
"port": 0,
"protocol": 0,
"tls_enabled": true,
"tls_ca_bundle": "string",
"tls_verify_cert": true
}
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_syslog_destinations_get |
Get a Syslog Destination
Example Code
curl -X GET /orgs/{org_id}/settings/syslog/destinations/{syslog_destination_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/syslog/destinations/{syslog_destination_id}
Exposure: Public Stable
Auditable: No
Get a PCE destination by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
syslog_destination_id | path | string | true* | PCE destination UUID |
Example Response Body
200 Response
[
{
"href": "string",
"pce_scope": [
"string"
],
"type": "string",
"description": "string",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "error"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address": "string",
"port": 0,
"protocol": 0,
"tls_enabled": true,
"tls_ca_bundle": "string",
"tls_verify_cert": true
}
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_syslog_destinations_get |
Create a Syslog Destination
Example Code
curl -X POST /orgs/{org_id}/settings/syslog/destinations \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/settings/syslog/destinations
Auditable: Yes
Exposure: Public Stable
Post a new syslog destination for the org
Example Request Body
{
"pce_scope": [
"string"
],
"type": "local_syslog",
"description": "string",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "error"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address": "string",
"port": 0,
"protocol": 0,
"tls_enabled": true,
"tls_ca_bundle": "string",
"tls_verify_cert": true
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | settings_syslog_destinations_post | false | none |
» pce_scope | body | [string] | true* | none |
» type | body | string | true* | Destination type |
» description | body | string | true* | Description of the destination |
» audit_event_logger | body | object | true* | none |
»» configuration_event_included | body | boolean | true* | Configuration (Northbound) auditable events |
»» system_event_included | body | boolean | true* | System (PCE) auditable events |
»» min_severity | body | settings_syslog_destinations_post/properties/audit_event_logger/properties/min_severity | true* | Minimum severity level of audit event messages. |
» traffic_event_logger | body | object | true* | none |
»» traffic_flow_allowed_event_included | body | boolean | true* | Set to enable traffic flow events |
»» traffic_flow_potentially_blocked_event_included | body | boolean | true* | Set to enable traffic flow events |
»» traffic_flow_blocked_event_included | body | boolean | true* | Set to enable traffic flow events |
» node_status_logger | body | object | true* | none |
»» node_status_included | body | boolean | true* | Syslog messages regarding status of the nodes |
» remote_syslog | body | object | false | none |
»» address | body | string | true* | The remote syslog IP or DNS address |
»» port | body | integer | true* | The remote syslog port |
»» protocol | body | integer | true* | The protocol for streaming syslog messages |
»» tls_enabled | body | boolean | true* | To enable TLS |
»» tls_ca_bundle | body | string | false | Trusted CA bundle |
»» tls_verify_cert | body | boolean | true* | Perform TLS verification |
Enumerated Values
Parameter | Value |
---|---|
» type | local_syslog |
» type | remote_syslog |
»» min_severity | error |
»» min_severity | warning |
»» min_severity | informational |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Syslog Destination
Example Code
curl -X PUT /orgs/{org_id}/settings/syslog/destinations/{syslog_destination_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/settings/syslog/destinations/{syslog_destination_id}
Auditable: Yes
Exposure: Public Stable
Create or Update a syslog destination
Example Request Body
{
"href": "string",
"pce_scope": [
"string"
],
"type": "local_syslog",
"description": "string",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "error"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address": "string",
"port": 0,
"protocol": 0,
"tls_enabled": true,
"tls_ca_bundle": "string",
"tls_verify_cert": true
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
syslog_destination_id | path | string | true* | PCE destination UUID |
body | body | settings_syslog_destinations_put | false | none |
» href | body | string | false | URI of the destination |
» pce_scope | body | [string] | false | none |
» type | body | string | false | Destination type |
» description | body | string | false | Description of the destination |
» audit_event_logger | body | object | false | none |
»» configuration_event_included | body | boolean | false | Configuration (Northbound) auditable events |
»» system_event_included | body | boolean | false | System (PCE) auditable events |
»» min_severity | body | settings_syslog_destinations_post/properties/audit_event_logger/properties/min_severity | false | Minimum severity level of audit event messages. |
» traffic_event_logger | body | object | false | none |
»» traffic_flow_allowed_event_included | body | boolean | false | Set to enable traffic flow events |
»» traffic_flow_potentially_blocked_event_included | body | boolean | false | Set to enable traffic flow events |
»» traffic_flow_blocked_event_included | body | boolean | false | Set to enable traffic flow events |
» node_status_logger | body | object | false | none |
»» node_status_included | body | boolean | false | Syslog messages regarding status of the nodes |
» remote_syslog | body | object | false | none |
»» address | body | string | false | The remote syslog IP or DNS address |
»» port | body | integer | false | The remote syslog port |
»» protocol | body | integer | false | The protocol for streaming syslog messages |
»» tls_enabled | body | boolean | false | To enable TLS |
»» tls_ca_bundle | body | string | false | Trusted CA bundle |
»» tls_verify_cert | body | boolean | false | Perform TLS verification |
Enumerated Values
Parameter | Value |
---|---|
» type | local_syslog |
» type | remote_syslog |
»» min_severity | error |
»» min_severity | warning |
»» min_severity | informational |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
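A lint for the syslog destination bodies used by the create (POST) and update (PUT) calls above, added here as an example; it is not Illumio code. Errors are contradictions of the parameter tables, warnings are well-formed settings that weaken log delivery (TLS off, certificate verification off, no audit events forwarded). The host names, port, protocol value and the remote_syslog-block warning are assumptions constructed for the example.

```python
"""Added example: lint a syslog destination body before POST or PUT."""

REQUIRED_TOP = ("pce_scope", "type", "description", "audit_event_logger",
                "traffic_event_logger", "node_status_logger")
REQUIRED_NESTED = {
    "audit_event_logger": ("configuration_event_included", "system_event_included",
                           "min_severity"),
    "traffic_event_logger": ("traffic_flow_allowed_event_included",
                             "traffic_flow_potentially_blocked_event_included",
                             "traffic_flow_blocked_event_included"),
    "node_status_logger": ("node_status_included",),
    "remote_syslog": ("address", "port", "protocol", "tls_enabled", "tls_verify_cert"),
}
TYPES = {"local_syslog", "remote_syslog"}
MIN_SEVERITIES = {"error", "warning", "informational"}


def lint_syslog_destination(body, creating=True):
    """Return (errors, warnings) for a destination body.

    errors   -> the body contradicts the parameter tables
    warnings -> the body is well-formed but weakens log delivery
    """
    errors, warnings = [], []
    if creating:  # the PUT table marks every body field as optional
        errors += [f"missing {key}" for key in REQUIRED_TOP if key not in body]
        for parent, children in REQUIRED_NESTED.items():
            block = body.get(parent)
            if isinstance(block, dict):  # nested requirements apply only if the block is used
                errors += [f"missing {parent}.{c}" for c in children if c not in block]
    if "type" in body and body["type"] not in TYPES:
        errors.append(f"type {body['type']!r} is not an enumerated value")
    audit = body.get("audit_event_logger") or {}
    severity = audit.get("min_severity")
    if severity is not None and severity not in MIN_SEVERITIES:
        errors.append(f"min_severity {severity!r} is not an enumerated value")
    if audit and not (audit.get("configuration_event_included")
                      or audit.get("system_event_included")):
        warnings.append("no audit events are forwarded to this destination")
    remote = body.get("remote_syslog")
    if body.get("type") == "remote_syslog" and not isinstance(remote, dict):
        # assumption: a remote destination needs a remote_syslog block to be useful
        warnings.append("type is remote_syslog but no remote_syslog block is given")
    if isinstance(remote, dict):
        if remote.get("tls_enabled") is False:
            warnings.append("remote_syslog.tls_enabled is false: events cross the network in cleartext")
        elif remote.get("tls_verify_cert") is False:
            warnings.append("remote_syslog.tls_verify_cert is false: the collector certificate is not checked")
    return errors, warnings


# Constructed sample bodies (not taken from the reference).
WEAK = {
    "pce_scope": ["pce.example.com"],
    "type": "remote_syslog",
    "description": "SIEM forwarder (constructed sample)",
    "audit_event_logger": {"configuration_event_included": False,
                           "system_event_included": False,
                           "min_severity": "critical"},  # not an enumerated value
    "traffic_event_logger": {"traffic_flow_allowed_event_included": True,
                             "traffic_flow_potentially_blocked_event_included": True,
                             "traffic_flow_blocked_event_included": True},
    "node_status_logger": {"node_status_included": True},
    "remote_syslog": {"address": "siem.example.com", "port": 514,
                      "protocol": 6,  # constructed value
                      "tls_enabled": True, "tls_verify_cert": False},
}
HARDENED = {
    **WEAK,
    "audit_event_logger": {"configuration_event_included": True,
                           "system_event_included": True,
                           "min_severity": "informational"},
    "remote_syslog": {**WEAK["remote_syslog"], "port": 6514, "tls_verify_cert": True,
                      "tls_ca_bundle": "<PEM CA bundle placeholder>"},
}

if __name__ == "__main__":
    for label, body in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(label, lint_syslog_destination(body))
```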
Delete a Syslog Destination
Example Code
curl -X DELETE /orgs/{org_id}/settings/syslog/destinations/{syslog_destination_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/settings/syslog/destinations/{syslog_destination_id}
Exposure: Public Stable
Auditable: Yes
Delete destination by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
syslog_destination_id | path | string | true* | PCE destination UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
System Events
Get System Events
Example Code
curl -X GET /system_events \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/system_events
Exposure: Public Stable
Auditable: No
Get a list of system events
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
created_by | query | string | false | User, agent, or system that created the event |
event_type | query | string | false | Type of event |
max_results | query | integer | false | Maximum number of results to return |
severity | query | string | false | Severity of event |
status | query | string | false | Status of event |
timestamp[gte] | query | string | false | Earliest event date to return (RFC 3339 format) |
timestamp[lte] | query | string | false | Latest event date to return (RFC 3339 format) |
Enumerated Values
Parameter | Value |
---|---|
severity | emerg |
severity | alert |
severity | crit |
severity | warning |
severity | err |
severity | notice |
severity | info |
severity | debug |
status | success |
status | failure |
timestamp[gte] | success |
timestamp[gte] | failure |
timestamp[lte] | success |
timestamp[lte] | failure |
Example Response Body
200 Response
{
"href": "string",
"org_id": 0,
"version": "string",
"event_id": "string",
"event_type": "string",
"status": "string",
"severity": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": {},
"action": null,
"resource_changes": [
{
"href": "string",
"version": "string",
"org_id": 0,
"uuid": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"resource": null,
"changes": {},
"change_type": "string"
}
],
"notifications": [
{
"href": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"notification_type": "string",
"severity": "err",
"info": null
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | system_events_get |
Get a System Event
Example Code
curl -X GET /system_events/{composite_log_event_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/system_events/{composite_log_event_id}
Exposure: Public Stable
Auditable: No
Get a system event by id
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
composite_log_event_id | path | string | true* | UUID of system event to return |
Example Response Body
200 Response
{
"href": "string",
"org_id": 0,
"version": "string",
"event_id": "string",
"event_type": "string",
"status": "string",
"severity": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": {},
"action": null,
"resource_changes": [
{
"href": "string",
"version": "string",
"org_id": 0,
"uuid": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"resource": null,
"changes": {},
"change_type": "string"
}
],
"notifications": [
{
"href": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"notification_type": "string",
"severity": "err",
"info": null
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | system_events_get |
Traffic Analysis Queries (deprecated)
DEPRECATED AND REPLACED (USE traffic_flows/async_queries INSTEAD)
Example Code
curl -X POST /orgs/{org_id}/traffic_flows/traffic_analysis_queries \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/traffic_flows/traffic_analysis_queries
Auditable: No
Exposure: Public Experimental
DEPRECATED AND REPLACED (USE traffic_flows/async_queries INSTEAD)
Example Request Body
null
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | traffic_flows_traffic_analysis_queries_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Traffic Collector Settings
Get Settings Traffic Collectors
Example Code
curl -X GET /orgs/{org_id}/settings/traffic_collector \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/traffic_collector
Exposure: Public Stable
Auditable: No
Get traffic_collector settings for the org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
Example Response Body
200 Response
{
"href": "string",
"transmission": "string",
"data_source": "string",
"network": "string",
"target": {
"src_port": 0,
"dst_port": 0,
"proto": 0,
"dst_ip": "string",
"src_ip": "string"
},
"action": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_traffic_collector_get |
Create a Settings Traffic Collector
Example Code
curl -X POST /orgs/{org_id}/settings/traffic_collector \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/settings/traffic_collector
Auditable: Yes
Exposure: Public Stable
Post a new traffic_collector setting for org
Example Request Body
{
"transmission": "broadcast",
"data_source": "any",
"network": "any",
"target": {
"src_port": 0,
"dst_port": 0,
"proto": 0,
"dst_ip": "string",
"src_ip": "string"
},
"action": "drop"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | settings_traffic_collector_post | false | none |
» transmission | body | string | true* | transmission type: broadcast/multicast/unicast |
» data_source | body | string | false | flow summary data source |
» network | body | string | false | flow summary network |
» target | body | object | false | none |
»» src_port | body | integer | false | none |
»» dst_port | body | integer | false | none |
»» proto | body | integer | true* | none |
»» dst_ip | body | string | false | single destination ip address or CIDR |
»» src_ip | body | string | false | single source ip address or CIDR |
» action | body | string | true* | drop or aggregate the target traffic |
Enumerated Values
Parameter | Value |
---|---|
» transmission | broadcast |
» transmission | multicast |
» transmission | unicast |
» data_source | any |
» data_source | server |
» data_source | endpoint |
» network | any |
» network | corporate |
» network | external |
» action | drop |
» action | aggregate |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update a Settings Traffic Collector
Example Code
curl -X PUT /orgs/{org_id}/settings/traffic_collector/{traffic_collector_setting_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/settings/traffic_collector/{traffic_collector_setting_id}
Auditable: Yes
Exposure: Public Stable
Update a traffic_collector setting
Example Request Body
{
"transmission": "broadcast",
"data_source": "any",
"network": "any",
"target": {
"src_port": null,
"dst_port": null,
"proto": 0,
"dst_ip": "string",
"src_ip": "string"
}
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
traffic_collector_setting_id | path | string | true* | traffic_collector setting UUID |
body | body | settings_traffic_collector_put | false | none |
» transmission | body | string | false | transmission type: broadcast/multicast/unicast |
» data_source | body | string | false | flow summary data source |
» network | body | string | false | flow summary network |
» target | body | object | false | none |
»» src_port | body | integer,null | false | none |
»» dst_port | body | integer,null | false | none |
»» proto | body | integer | false | none |
»» dst_ip | body | string | false | single destination ip address or CIDR |
»» src_ip | body | string | false | single source ip address or CIDR |
Enumerated Values
Parameter | Value |
---|---|
» transmission | broadcast |
» transmission | multicast |
» transmission | unicast |
» data_source | any |
» data_source | server |
» data_source | endpoint |
» network | any |
» network | corporate |
» network | external |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get a Settings Traffic Collector
Example Code
curl -X GET /orgs/{org_id}/settings/traffic_collector/{traffic_collector_setting_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/traffic_collector/{traffic_collector_setting_id}
Exposure: Public Stable
Auditable: No
Get a traffic collector setting by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
traffic_collector_setting_id | path | string | true* | traffic_collector setting UUID |
Example Response Body
200 Response
{
"href": "string",
"transmission": "string",
"data_source": "string",
"network": "string",
"target": {
"src_port": 0,
"dst_port": 0,
"proto": 0,
"dst_ip": "string",
"src_ip": "string"
},
"action": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_traffic_collector_get |
Delete a Settings Traffic Collector
Example Code
curl -X DELETE /orgs/{org_id}/settings/traffic_collector/{traffic_collector_setting_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/settings/traffic_collector/{traffic_collector_setting_id}
Exposure: Public Stable
Auditable: Yes
Delete a traffic_collector setting by UUID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
traffic_collector_setting_id | path | string | true* | traffic_collector setting UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Trusted Proxy IPs
Get Trusted Proxy IPs
Example Code
curl -X GET /orgs/{org_id}/settings/trusted_proxy_ips \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/trusted_proxy_ips
Exposure: Public Stable
Auditable: No
Get Trusted Proxy IPs
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
Example Response Body
200 Response
{
"max_trusted_proxy_ips_per_region": 0,
"trusted_proxy_ips": [
{
"pce_fqdn": "string",
"ip": "string"
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_trusted_proxy_ips_get |
Create or Update Trusted Proxy IPs
Example Code
curl -X PUT /orgs/{org_id}/settings/trusted_proxy_ips \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/settings/trusted_proxy_ips
Auditable: Yes
Exposure: Public Stable
Create or Update Trusted Proxy IPs
Example Request Body
{
"trusted_proxy_ips": [
{
"pce_fqdn": null,
"ip": null
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | settings_trusted_proxy_ips_put | false | none |
» trusted_proxy_ips | body | [object] | true* | IPs or CIDRs trusted (per-region) for handling clients' X-Forwarded-For header |
»» pce_fqdn | body | string,null | true* | FQDN of PCE region, or null if not in supercluster |
»» ip | body | orgs_access_restrictions_post/properties/ips/items | true* | none |
»»» anonymous | body | any | false | none |
»»» anonymous | body | any | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
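An added example, not Illumio's code: a pre-flight check for the PUT body above, plus a sketch of the common rightmost-untrusted X-Forwarded-For rule to show why an over-broad trusted range matters. How the PCE itself evaluates the header is not stated on this page; the function names, the per-region counting against max_trusted_proxy_ips_per_region, and the sample addresses are assumptions.

```python
import ipaddress
from collections import Counter

# Constructed sample body in the shape of the PUT request above (addresses are made up).
SAMPLE_BODY = {
    "trusted_proxy_ips": [
        {"pce_fqdn": None, "ip": "10.0.0.0/24"},
        {"pce_fqdn": None, "ip": "0.0.0.0/0"},
        {"pce_fqdn": None, "ip": "not-an-ip"},
    ]
}


def validate_trusted_proxy_ips(body, max_per_region):
    """Return a list of problems found in a trusted_proxy_ips request body.

    max_per_region is the max_trusted_proxy_ips_per_region value from the GET
    response; counting it per pce_fqdn is this example's assumption.
    """
    entries = body.get("trusted_proxy_ips")
    if not isinstance(entries, list):
        return ["trusted_proxy_ips must be a list"]
    problems = []
    per_region = Counter()
    for i, entry in enumerate(entries):
        if not isinstance(entry, dict) or "pce_fqdn" not in entry or "ip" not in entry:
            problems.append(f"entry {i}: pce_fqdn and ip are both required")
            continue
        per_region[entry["pce_fqdn"]] += 1
        try:
            net = ipaddress.ip_network(str(entry["ip"]), strict=False)
        except ValueError:
            problems.append(f"entry {i}: {entry['ip']!r} is not an IP address or CIDR")
            continue
        if net.prefixlen == 0:
            # A /0 range trusts every sender, so any client can set its own source IP.
            problems.append(f"entry {i}: {net} trusts every address")
    for region, count in per_region.items():
        if count > max_per_region:
            problems.append(
                f"region {region!r}: {count} entries exceed the limit of {max_per_region}"
            )
    return problems


def trusted_networks(body, pce_fqdn):
    """Parse the valid entries for one region into ipaddress network objects."""
    nets = []
    for entry in body["trusted_proxy_ips"]:
        if entry["pce_fqdn"] != pce_fqdn:
            continue
        try:
            nets.append(ipaddress.ip_network(str(entry["ip"]), strict=False))
        except ValueError:
            pass  # invalid entries are reported by validate_trusted_proxy_ips
    return nets


def resolve_client_ip(peer_ip, x_forwarded_for, trusted):
    """Rightmost-untrusted rule (general technique, not confirmed PCE behaviour).

    The header is honoured only when the TCP peer is a trusted proxy; hops are
    then read right to left and the first untrusted one is the client.
    """
    def is_trusted(addr):
        return any(addr in net for net in trusted)

    candidate = ipaddress.ip_address(peer_ip)
    if not is_trusted(candidate):
        return str(candidate)  # direct connection: the header is ignored
    hops = [h.strip() for h in x_forwarded_for.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # unparsable hop: stop and keep the last address we could verify
        candidate = addr
        if not is_trusted(addr):
            break
    return str(candidate)


if __name__ == "__main__":
    for problem in validate_trusted_proxy_ips(SAMPLE_BODY, max_per_region=2):
        print(problem)
    header = "203.0.113.9, 198.51.100.7"
    narrow = [ipaddress.ip_network("10.0.0.0/24")]
    print(resolve_client_ip("10.0.0.5", header, narrow))
    print(resolve_client_ip("10.0.0.5", header, trusted_networks(SAMPLE_BODY, None)))
```

With only 10.0.0.0/24 trusted, the leftmost header value is never believed; once 0.0.0.0/0 is in the list, the same request resolves to whatever address the sender wrote first.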
Users
Get All Users' Information
Example Code
curl -X GET /users \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/users
Exposure: Public Stable
Auditable: No
Get all of the users
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
type | query | string | false | User type to filter by (e.g. local or external) |
Example Response Body
200 Response
{
"href": "string",
"username": "string",
"last_login_on": "string",
"last_login_ip_address": "string",
"login_count": 0,
"full_name": "string",
"time_zone": "string",
"locked": true,
"effective_groups": [
"string"
],
"local_profile": {},
"updated_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"type": "string",
"presence_status": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | users_get |
Get All Org Users' Information
Example Code
curl -X GET /users/{id}/orgs \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/users/{id}/orgs
Exposure: Public Stable
Auditable: No
Get list of orgs the user has access to
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
id | path | integer | true* | User ID |
Example Response Body
200 Response
{
"href": "string",
"username": "string",
"last_login_on": "string",
"last_login_ip_address": "string",
"login_count": 0,
"full_name": "string",
"time_zone": "string",
"locked": true,
"effective_groups": [
"string"
],
"local_profile": {},
"updated_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"type": "string",
"presence_status": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | users_get |
Get a User's Information
Example Code
curl -X GET /users/{id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/users/{id}
Exposure: Public Stable
Auditable: No
Get the user information
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
id | path | integer | true* | User ID |
Example Response Body
200 Response
{
"href": "string",
"username": "string",
"last_login_on": "string",
"last_login_ip_address": "string",
"login_count": 0,
"full_name": "string",
"time_zone": "string",
"locked": true,
"effective_groups": [
"string"
],
"local_profile": {},
"updated_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"type": "string",
"presence_status": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | users_get |
Create a New User
Example Code
curl -X POST /users \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/users
Auditable: Yes
Exposure: Public Stable
Create a new local user
Example Request Body
{
"username": "user@example.com",
"full_name": "string",
"time_zone": "string",
"type": "local"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
body | body | users_post | false | none |
» username | body | string(email) | true* | username is an email address, e.g. user@example.com |
» full_name | body | string | false | User's full name |
» time_zone | body | string | false | Time Zone IANA Region Name |
» type | body | string | true* | User's type, i.e. user authenticated locally or remotely via SAML |
Enumerated Values
Parameter | Value |
---|---|
» type | local |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Update User Information
Example Code
curl -X PUT /users/{id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/users/{id}
Auditable: Yes
Exposure: Public Stable
Update the user information
Example Request Body
{
"full_name": "string",
"time_zone": "string",
"locked": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
id | path | integer | true* | User ID |
body | body | users_put | false | none |
» full_name | body | string | false | User's full name |
» time_zone | body | string | false | Time Zone IANA Region Name |
» locked | body | boolean | false | Flag to indicate whether account is locked |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Login & Get Session Token
Example Code
curl -X GET /users/login \
-H 'Authorization: Token token=<auth_token>'
GET /api/v2/users/login
Exposure: Public Stable
Auditable: Yes
Log in a specific user and return a session token. Uses an authentication token. For implementation details see the Authentication section in the Illumio ASP REST API Guide.
Example Response Body
200 Response
{
"href": "string",
"auth_username": "string",
"session_token": "string",
"inactivity_expiration_minutes": 0,
"last_login_on": "2025-04-01T00:21:27Z",
"last_login_ip_address": "string",
"full_name": "string",
"type": "string",
"time_zone": "string",
"product_version": {
"product_version": {
"version": "string",
"build": 0,
"release_info": "string",
"engineering_info": "string",
"long_display": "string",
"short_display": "string",
"product_name": "string"
}
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | users_login_get |
Logout & Destroy Session Token
Example Code
curl -X PUT /users/{id}/logout \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/users/{id}/logout
Auditable: Yes
Exposure: Public Stable
Log out a specific user and destroy the access token
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
id | path | integer | true* | User ID |
body | body | users_logout_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Users Local Profile
Create a Local User Profile from an External User ID
Example Code
curl -X POST /users/{user_id}/local_profile \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/users/{user_id}/local_profile
Auditable: Yes
Exposure: Public Stable
Create a local user profile from an external user ID.
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
body | body | users_local_profile_post | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Reinvite a User
Example Code
curl -X PUT /users/{user_id}/local_profile/reinvite \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/users/{user_id}/local_profile/reinvite
Auditable: Yes
Exposure: Public Stable
Resend invitation email for local user
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
body | body | users_local_profile_reinvite_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Change a User Password
Example Code
curl -X PUT /users/{user_id}/local_profile/password \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/users/{user_id}/local_profile/password
Auditable: Yes
Exposure: Public Stable
Change local user password
Example Request Body
{
"current_password": "string",
"new_password": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
body | body | users_local_profile_password_put | false | none |
» current_password | body | string | true* | current password |
» new_password | body | string | true* | new password |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Convert Local User to External User
Example Code
curl -X DELETE /users/{user_id}/local_profile \
-u $KEY:$TOKEN
DELETE /api/v2/users/{user_id}/local_profile
Exposure: Public Stable
Auditable: Yes
Delete local user profile
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
user_id | path | integer | true* | User ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Vens
Get the collection of all VENs
Example Code
curl -X GET /orgs/{org_id}/vens \
-H 'Authorization: Token token=<auth_token>'
GET /api/v2/orgs/{org_id}/vens
Exposure: Public Experimental
Auditable: No
Get all VENs
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
activation_type | query | string | false | The method in which the VEN was activated |
active_pce_fqdn | query | string | false | FQDN of the PCE |
authentication_recovery | query | boolean | false | Return VENs in or not in authentication recovery |
condition | query | string | false | A specific error condition to filter by |
container_clusters | query | string | false | Array of container cluster URIs, encoded as a JSON string |
description | query | string | false | Description of VEN(s) to return. Supports partial matches. |
disconnected_before | query | string(date-time) | false | Return VENs that have been disconnected since the given time |
health | query | string | false | The overall health (condition) of the VEN |
hostname | query | string | false | Hostname of VEN(s) to return. Supports partial matches. |
ip_address | query | string | false | IP address of VEN(s) to return. Supports partial matches |
labels | query | string | false | 2D Array of label URIs, encoded as a JSON string |
last_goodbye_at[gte] | query | string | false | Greater than or equal to value for last goodbye at timestamp |
last_goodbye_at[lte] | query | string | false | Less than or equal to value for last goodbye at timestamp |
last_heartbeat_at[gte] | query | string | false | Greater than or equal to value for last heartbeat timestamp |
last_heartbeat_at[lte] | query | string | false | Less than or equal to value for last heartbeat timestamp |
max_results | query | integer | false | Maximum number of VENs to return. |
name | query | string | false | Name of VEN(s) to return. Supports partial matches. |
os | query | string | false | Operating System of VEN(s) to return. Supports partial matches. |
status | query | string | false | The current status of the VEN |
upgrade_pending | query | boolean | false | Only return VENs with/without a pending upgrade |
ven_type | query | string | false | Return only VENs of the specific type: server, endpoint, or containerized |
version[gte] | query | string | false | Greater than or equal to value for version |
version[lte] | query | string | false | Less than or equal to value for version |
Enumerated Values
Parameter | Value |
---|---|
activation_type | pairing_key |
activation_type | kerberos |
activation_type | ca_signed_certificate |
activation_type | self_signed_certificate |
condition | agent.upgrade_time_out |
condition | agent.missing_heartbeats_after_upgrade |
condition | agent.clone_detected |
condition | agent.missed_heartbeats |
condition | agent.too_many_interfaces_reported |
condition | agent.authentication_recovery |
condition | agent.self_signed_certificate_in_grace_period |
condition | agent.self_signed_certificate_expired |
condition | agent.unauthenticated_clone_detected |
condition | agent.weak_tls_ciphers_used |
health | healthy |
health | unhealthy |
health | error |
health | warning |
last_goodbye_at[gte] | server |
last_goodbye_at[gte] | endpoint |
last_goodbye_at[gte] | containerized |
last_goodbye_at[lte] | server |
last_goodbye_at[lte] | endpoint |
last_goodbye_at[lte] | containerized |
last_heartbeat_at[gte] | server |
last_heartbeat_at[gte] | endpoint |
last_heartbeat_at[gte] | containerized |
last_heartbeat_at[lte] | server |
last_heartbeat_at[lte] | endpoint |
last_heartbeat_at[lte] | containerized |
status | active |
status | suspended |
status | stopped |
status | uninstalled |
ven_type | server |
ven_type | endpoint |
ven_type | containerized |
Example Response Body
200 Response
{
"href": "string",
"name": null,
"description": null,
"hostname": "string",
"uid": null,
"os_id": null,
"os_detail": null,
"os_platform": null,
"version": "string",
"status": "string",
"activation_type": "string",
"active_pce_fqdn": null,
"target_pce_fqdn": null,
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"interfaces": [
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
],
"workloads": [
{
"href": "string",
"name": null,
"managed": true,
"hostname": null,
"instance_id": null,
"data_center": null,
"data_center_zone": null,
"service_principal_name": null,
"os_id": null,
"os_detail": null,
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"public_ip": null,
"interfaces": [
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
],
"security_policy_applied_at": null,
"security_policy_received_at": null,
"security_policy_sync_state": "string",
"log_traffic": true,
"mode": "idle",
"enforcement_mode": "idle",
"visibility_level": "string",
"online": true
}
],
"container_cluster": null,
"secure_connect": null,
"last_heartbeat_at": null,
"last_goodbye_at": null,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "string"
},
"conditions": [
{
"first_reported_timestamp": "2025-04-01T00:21:27Z",
"latest_event": {
"notification_type": "string",
"severity": "err",
"href": "string",
"info": {},
"timestamp": "2025-04-01T00:21:27Z"
}
}
],
"authentication_recovery": true,
"caps": [
"string"
],
"ven_type": "server",
"upgrade_expires_at": null,
"upgrade_target_version": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | vens_get |
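An added example, not part of the Illumio reference: building a correctly encoded query for the filters above (the JSON-encoded `labels` array and the bracketed `last_heartbeat_at[lte]` name both need percent-encoding) and triaging returned VEN objects for review. The function names, the timestamp format for the query value (copied from the response bodies), the one-hour silence threshold, the choice of review rules, and the sample VENs are assumptions.

```python
import json
from datetime import datetime, timedelta, timezone
from urllib.parse import urlencode

# Values copied from the Enumerated Values table for the condition parameter.
CONDITIONS = {
    "agent.upgrade_time_out",
    "agent.missing_heartbeats_after_upgrade",
    "agent.clone_detected",
    "agent.missed_heartbeats",
    "agent.too_many_interfaces_reported",
    "agent.authentication_recovery",
    "agent.self_signed_certificate_in_grace_period",
    "agent.self_signed_certificate_expired",
    "agent.unauthenticated_clone_detected",
    "agent.weak_tls_ciphers_used",
}
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"  # format of the timestamps in the response bodies


def vens_query(org_id, condition=None, labels=None, heartbeat_before=None, max_results=None):
    """Return the path and query string for GET /api/v2/orgs/{org_id}/vens."""
    params = []
    if condition is not None:
        if condition not in CONDITIONS:
            raise ValueError(f"unknown condition: {condition!r}")
        params.append(("condition", condition))
    if labels is not None:
        # 2D array of label URIs, sent as one compact JSON string.
        params.append(("labels", json.dumps(labels, separators=(",", ":"))))
    if heartbeat_before is not None:
        # heartbeat_before must be a timezone-aware datetime.
        stamp = heartbeat_before.astimezone(timezone.utc).strftime(TS_FORMAT)
        params.append(("last_heartbeat_at[lte]", stamp))
    if max_results is not None:
        params.append(("max_results", str(int(max_results))))
    path = f"/api/v2/orgs/{int(org_id)}/vens"
    return path + ("?" + urlencode(params) if params else "")


def triage(ven, now, max_silence=timedelta(hours=1)):
    """Return the reasons one VEN object deserves a look (empty list if none)."""
    reasons = []
    if ven.get("authentication_recovery"):
        reasons.append("authentication_recovery")
    status = ven.get("status")
    if status == "suspended":
        reasons.append("suspended")
    elif status == "active":
        heartbeat = ven.get("last_heartbeat_at")
        if heartbeat is None:
            reasons.append("stale_heartbeat")
        else:
            seen = datetime.strptime(heartbeat, TS_FORMAT).replace(tzinfo=timezone.utc)
            if now - seen > max_silence:
                reasons.append("stale_heartbeat")
    return reasons


def review(vens, now):
    """Map hostname to reasons for every VEN that triage() flags."""
    flagged = {}
    for ven in vens:
        reasons = triage(ven, now)
        if reasons:
            flagged[ven["hostname"]] = reasons
    return flagged


# Constructed sample data using field names from the response body above.
SAMPLE_VENS = [
    {"hostname": "web-01", "status": "active", "authentication_recovery": False,
     "last_heartbeat_at": "2025-04-01T00:20:00Z"},
    {"hostname": "db-02", "status": "active", "authentication_recovery": True,
     "last_heartbeat_at": "2025-03-31T20:00:00Z"},
    {"hostname": "lab-03", "status": "suspended", "authentication_recovery": False,
     "last_heartbeat_at": None},
]

if __name__ == "__main__":
    now = datetime(2025, 4, 1, 0, 21, 27, tzinfo=timezone.utc)
    print(vens_query(1, condition="agent.clone_detected",
                     labels=[["/orgs/1/labels/10"]], heartbeat_before=now))
    print(review(SAMPLE_VENS, now))
```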
Start unpairing of one or more VENs
Example Code
curl -X PUT /orgs/{org_id}/vens/unpair \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/vens/unpair
Auditable: Yes
Exposure: Public Experimental
Sent by the user to unpair multiple agents
Example Request Body
{
"vens": [
{
"href": "string"
}
],
"firewall_restore": "default"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | vens_unpair_put | false | none |
» vens | body | [object] | true* | VENs to unpair |
»» href | body | string | true* | URI of VEN to unpair |
» firewall_restore | body | string | false | The strategy to use to restore the firewall state after the VEN is uninstalled. |
Enumerated Values
Parameter | Value |
---|---|
» firewall_restore | saved |
» firewall_restore | default |
» firewall_restore | disable |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Sent by the user to upgrade VENs
Example Code
curl -X PUT /orgs/{org_id}/vens/upgrade \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/vens/upgrade
Auditable: Yes
Exposure: Public Experimental
Sent by the user to upgrade VENs.
Example Request Body
{
"release": "string",
"vens": [
{
"href": "string"
}
],
"upgrade_timeout_seconds": 900
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | vens_upgrade_put | false | none |
» release | body | string | true* | The software release to upgrade to. |
» vens | body | [object] | true* | An array of VENs to upgrade |
»» href | body | string | true* | VEN URI |
» upgrade_timeout_seconds | body | integer | false | Number of seconds during which the PCE tries to trigger the agent upgrade. |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Enable or disable authentication recovery for a list of VENs
Example Code
curl -X PUT /orgs/{org_id}/vens/authentication_recovery \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/vens/authentication_recovery
Auditable: Yes
Exposure: Public Experimental
Enable or disable authentication recovery for a list of VENs
Example Request Body
{
"vens": [
{
"href": "string"
}
],
"recovery_enabled": false,
"recovery_duration_seconds": 3600
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | vens_authentication_recovery_put | false | none |
» vens | body | [object] | true* | List of VENs to be put in or out of recovery |
»» href | body | string | true* | URI of the VEN |
» recovery_enabled | body | boolean | true* | Enable/disable recovery for the VENs |
» recovery_duration_seconds | body | integer | true* | Put the VENs in recovery for the specified duration in seconds |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get details on a VEN instance
Example Code
curl -X GET /orgs/{org_id}/vens/{ven_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/vens/{ven_id}
Exposure: Public Experimental
Auditable: No
Get one VEN
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
ven_id | path | string | true* | VEN id |
Example Response Body
200 Response
{
"href": "string",
"name": null,
"description": null,
"hostname": "string",
"uid": null,
"os_id": null,
"os_detail": null,
"os_platform": null,
"version": "string",
"status": "string",
"activation_type": "string",
"active_pce_fqdn": null,
"target_pce_fqdn": null,
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"interfaces": [
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
],
"workloads": [
{
"href": "string",
"name": null,
"managed": true,
"hostname": null,
"instance_id": null,
"data_center": null,
"data_center_zone": null,
"service_principal_name": null,
"os_id": null,
"os_detail": null,
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"public_ip": null,
"interfaces": [
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
],
"security_policy_applied_at": null,
"security_policy_received_at": null,
"security_policy_sync_state": "string",
"log_traffic": true,
"mode": "idle",
"enforcement_mode": "idle",
"visibility_level": "string",
"online": true
}
],
"container_cluster": null,
"secure_connect": null,
"last_heartbeat_at": null,
"last_goodbye_at": null,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "string"
},
"conditions": [
{
"first_reported_timestamp": "2025-04-01T00:21:27Z",
"latest_event": {
"notification_type": "string",
"severity": "err",
"href": "string",
"info": {},
"timestamp": "2025-04-01T00:21:27Z"
}
}
],
"authentication_recovery": true,
"caps": [
"string"
],
"ven_type": "server",
"upgrade_expires_at": null,
"upgrade_target_version": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | vens_get |
Set the target_pce_fqdn on a VEN
Example Code
curl -X PUT /orgs/{org_id}/vens/{ven_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/vens/{ven_id}
Auditable: Yes
Exposure: Public Experimental
Update a VEN's name, description, or target PCE FQDN
Example Request Body
{
"target_pce_fqdn": "string",
"name": null,
"description": null,
"status": "active"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
ven_id | path | string | true* | VEN id |
body | body | vens_put | false | none |
» target_pce_fqdn | body | string | false | cluster FQDN for target PCE |
» name | body | string,null | false | Friendly name of the VEN |
» description | body | string,null | false | Description of the VEN |
» status | body | string | false | VEN Status |
Enumerated Values
Parameter | Value |
---|---|
» status | active |
» status | suspended |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Post VEN statistics for later analysis
Example Code
curl -X POST /orgs/{org_id}/vens/statistics \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/vens/statistics
Auditable: No
Exposure: Public Experimental
Post VEN statistics for later analysis.
Example Request Body
{
"property_counts": [
{
"property": "status",
"values": [
"string"
],
"filters": [
{
"filter_property": "status",
"values": [
"string"
]
}
]
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | vens_statistics_post | false | none |
» property_counts | body | [object] | true* | none |
»» property | body | string | true* | none |
»» values | body | [string] | false | none |
»» filters | body | [object] | false | none |
»»» filter_property | body | string | true* | none |
»»» values | body | [string] | false | none |
Enumerated Values
Parameter | Value |
---|---|
»» property | status |
»» property | version |
»» property | health |
»» property | condition |
»» property | os_id |
»» property | enforcement_mode |
»» property | ven_type |
»»» filter_property | status |
»»» filter_property | version |
»»» filter_property | health |
»»» filter_property | condition |
»»» filter_property | os_id |
»»» filter_property | enforcement_mode |
»»» filter_property | ven_type |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Sent by the user to execute remote action on VEN
Example Code
curl -X PUT /orgs/{org_id}/vens/remote_action \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/vens/remote_action
Auditable: Yes
Exposure: Public Experimental
Sent by the user to execute remote action on VEN.
Example Request Body
{
"action": "restart",
"vens": [
{
"href": "string"
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | vens_remote_action_put | false | none |
» action | body | string | true* | Remote action type |
» vens | body | [object] | true* | An array of VENs to restart |
»» href | body | string | true* | VEN URI |
Enumerated Values
Parameter | Value |
---|---|
» action | restart |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Ven Software Releases
Get Available Releases for an Organization
Example Code
curl -X GET /orgs/{org_id}/software/ven/releases \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/software/ven/releases
Exposure: Public Experimental
Auditable: No
Get available releases for org
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
ven_type | query | string | false | Return releases that support a specific VEN type (server or endpoint) or releases that only support both servers and endpoints (all) |
Enumerated Values
Parameter | Value |
---|---|
ven_type | server |
ven_type | endpoint |
ven_type | all |
Example Response Body
200 Response
{
"release": "string",
"href": "string",
"default": true,
"default_release_ven_types": [
"string"
],
"org_id": 0,
"ven_types": [
"server"
],
"images": [
{
"release": "string",
"distribution": "string",
"architecture": "string",
"major_version": 0,
"min_minor_version": 0,
"max_minor_version": null,
"filename": "string",
"href": "string",
"ven_types": [
"server"
]
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | software_ven_releases_get |
DEPRECATED. Set the Default Release for this Organization
Example Code
curl -X PUT /orgs/{org_id}/software/ven/releases/default \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/software/ven/releases/default
Auditable: Yes
Exposure: Public Experimental
DEPRECATED. Set the default release for this org
Example Request Body
{
"release": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | software_ven_releases_default_put | false | none |
» release | body | string | true* | The software release to set as the default for this org. |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Set the Default Release for this Organization
Example Code
curl -X PUT /orgs/{org_id}/software/ven/releases/defaults \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/software/ven/releases/defaults
Auditable: Yes
Exposure: Public Experimental
Set the default release for this org
Example Request Body
[
{
"href": "string",
"ven_type": "server"
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | software_ven_releases_defaults_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get Details about a VEN Release
Example Code
curl -X GET /orgs/{org_id}/software/ven/releases/{release} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/software/ven/releases/{release}
Exposure: Public Experimental
Auditable: No
Get details about a VEN release
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
release | path | string | true* | Release identifier |
Example Response Body
200 Response
{
"release": "string",
"href": "string",
"default": true,
"default_release_ven_types": [
"string"
],
"org_id": 0,
"ven_types": [
"server"
],
"images": [
{
"release": "string",
"distribution": "string",
"architecture": "string",
"major_version": 0,
"min_minor_version": 0,
"max_minor_version": null,
"filename": "string",
"href": "string",
"ven_types": [
"server"
]
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | software_ven_releases_get |
Remove a release from the org/repo
Example Code
curl -X DELETE /orgs/{org_id}/software/ven/releases/{release} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/software/ven/releases/{release}
Exposure: Public Experimental
Auditable: Yes
Remove a release from the org/repo
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
release | path | string | true* | Release identifier |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get the List of VEN Software Images for a Given Release
Example Code
curl -X GET /orgs/{org_id}/software/ven/releases/{release}/images \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/software/ven/releases/{release}/images
Exposure: Public Experimental
Auditable: No
Get the list of VEN software images for a given release
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
release | path | string | true* | Release identifier |
Example Response Body
200 Response
[
{
"release": "string",
"distribution": "string",
"architecture": "string",
"major_version": 0,
"min_minor_version": 0,
"max_minor_version": null,
"filename": "string",
"href": "string",
"ven_types": [
"server"
]
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | software_ven_releases_images_get |
Virtual Servers
Get a List of Virtual Servers
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/virtual_servers \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_servers
Exposure: Public Experimental
Auditable: No
Get the virtual servers
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
active_pce_fqdn | query | string | false | FQDN of the PCE |
discovered_virtual_server | query | string | false | URI of discovered virtual server to filter by |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
labels | query | string | false | 2D array of label URIs, encoded as a JSON string. Filter by virtual server labels. |
max_results | query | integer | false | Maximum number of discovered virtual servers to return |
mode | query | string | false | Mode of the virtual server(s) to return |
name | query | string | false | Name of virtual server(s) to return. Supports partial matches |
network_enforcement_node.hostname | query | string | false | Hostname of NEN object to filter virtual server(s) |
slb | query | string | false | URI of SLB object to filter virtual server(s) |
vip | query | string | false | Frontend (VIP) address of the virtual server(s). Supports suffix-wildcard matches |
vip_port | query | integer | false | Port of frontend VIP of the virtual server(s) |
vip_proto | query | integer | false | Protocol of frontend VIP of the virtual server(s) |
Enumerated Values
Parameter | Value |
---|---|
mode | unmanaged |
mode | enforced |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"service": {
"href": "string"
},
"providers": [
{}
],
"mode": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"discovered_virtual_server": null,
"update_type": "create",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_virtual_servers_get |
Create a Virtual Server
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/virtual_servers \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_servers
Auditable: Yes
Exposure: Public Experimental
Create a virtual server
Example Request Body
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service": {
"href": "string"
},
"providers": [
{
"label": {
"href": "string"
}
}
],
"discovered_virtual_server": {
"href": "string"
},
"mode": "unmanaged"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_virtual_servers_post | false | none |
» name | body | string | true* | The short friendly name of the virtual server |
» description | body | string | false | The long description of the virtual server |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» labels | body | [object] | true* | Assigned labels |
»» href | body | string | true* | Label URI |
» service | body | object | true* | URI of associated service |
»» href | body | string | true* | Service URI |
» providers | body | [oneOf] | true* | none |
»» anonymous | body | object | false | none |
»»» label | body | object | true* | none |
»»»» href | body | string | true* | Label URI |
»»» anonymous | body | object | false | none |
»»»» workload | body | object | true* | none |
»»»»» href | body | string | true* | Workload URI |
»»»» discovered_virtual_server | body | object | true* | Corresponding discovered virtual server |
»»»»» href | body | string | true* | Discovered virtual server URI |
»»»» mode | body | string | true* | Management mode of the virtual server |
Enumerated Values
Parameter | Value |
---|---|
»»»» mode | unmanaged |
»»»» mode | enforced |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Get the Specified Virtual Server
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/virtual_servers/{virtual_server_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_servers/{virtual_server_id}
Exposure: Public Experimental
Auditable: No
Get the virtual server
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
virtual_server_id | path | string | true* | Virtual server UUID |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"service": {
"href": "string"
},
"providers": [
{}
],
"mode": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"discovered_virtual_server": null,
"update_type": "create",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_virtual_servers_get |
Delete the Specified Virtual Server
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/{pversion}/virtual_servers/{virtual_server_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_servers/{virtual_server_id}
Exposure: Public Experimental
Auditable: Yes
Delete the virtual server
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
virtual_server_id | path | string | true* | Virtual server UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update the Specified Virtual Server
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/virtual_servers/{virtual_server_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_servers/{virtual_server_id}
Auditable: Yes
Exposure: Public Experimental
Update the virtual server
Example Request Body
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service": {
"href": "string"
},
"providers": [
{
"label": {
"href": "string"
}
}
],
"discovered_virtual_server": {
"href": "string"
},
"mode": "unmanaged"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
virtual_server_id | path | string | true* | Virtual server UUID |
body | body | sec_policy_virtual_servers_put | false | none |
» name | body | string | false | The short friendly name of the virtual server |
» description | body | string | false | The long description of the virtual server |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» labels | body | [object] | false | Assigned labels |
»» href | body | string | true* | Label URI |
» service | body | object | false | URI of associated service |
»» href | body | string | true* | Service URI |
» providers | body | [oneOf] | false | none |
»» anonymous | body | object | false | none |
»»» label | body | object | true* | none |
»»»» href | body | string | true* | Label URI |
»»» anonymous | body | object | false | none |
»»»» workload | body | object | true* | none |
»»»»» href | body | string | true* | Workload URI |
»»»» discovered_virtual_server | body | object | false | Corresponding discovered virtual server |
»»»»» href | body | string | true* | Discovered virtual server URI |
»»»» mode | body | string | false | Management mode of the virtual server |
Enumerated Values
Parameter | Value |
---|---|
»»»» mode | unmanaged |
»»»» mode | enforced |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Virtual Services
Get Virtual Services
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/virtual_services \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_services
Exposure: Public Stable
Auditable: No
Return the set of Virtual Services
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
description | query | string | false | Description on which to filter. Supports partial matches |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
labels | query | string | false | List of lists of label URIs, encoded as a JSON string |
max_results | query | integer | false | Maximum number of Virtual Services to return. |
name | query | string | false | Name on which to filter. Supports partial matches |
service | query | string | false | Service URI |
service_address.fqdn | query | string | false | FQDN configured under service_address property, supports partial matches |
service_address.ip | query | string | false | IP address configured under service_address property, supports partial matches |
service_ports.port | query | string | false | Specify port or port range to filter results. The range is from -1 to 65535. |
service_ports.proto | query | integer | false | Protocol to filter on |
usage | query | boolean | false | Include Virtual Service usage flags |
Example Response Body
200 Response
{}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_virtual_services_get |
Get a Virtual Service
Example Code
curl -X GET /orgs/{org_id}/sec_policy/{pversion}/virtual_services/{virtual_service_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_services/{virtual_service_id}
Exposure: Public Stable
Auditable: No
Get Virtual Service by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
virtual_service_id | path | string | true* | Virtual Service ID |
usage | query | boolean | false | Include Virtual Service usage flags |
Example Response Body
200 Response
{}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | sec_policy_virtual_services_get |
Create a Virtual Service
Example Code
curl -X POST /orgs/{org_id}/sec_policy/{pversion}/virtual_services \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_services
Auditable: Yes
Exposure: Public Stable
Create a virtual service
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_virtual_services_post | false | none |
» name | body | string | true* | Name |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» labels | body | [object] | false | Assigned labels |
»» href | body | string | true* | Label URI |
» service_ports | body | [object] | false | Service ports |
»» port | body | integer | false | Port number (integer 0-65535, or -1 for any port). Also the starting port when specifying a range. |
»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»» proto | body | integer | true* | none |
» service | body | object | false | URI of associated service |
» apply_to | body | string | false | Firewall rule target for workloads bound to this virtual service: host_only or internal_bridge_network |
» ip_overrides | body | [string] | false | Array of IPs or CIDRs as IP overrides |
» service_addresses | body | [oneOf] | false | none |
»» anonymous | body | object | false | none |
»»» ip | body | string | true* | IP address to assign to the virtual service |
»»» network | body | object | false | none |
»»»» href | body | string | true* | Network URI for this IP address |
»»» port | body | integer | false | Port associated with the IP address for the service (1-65535 integer) |
»»» anonymous | body | object | false | none |
»»» anonymous | body | object | false | none |
»» anonymous | body | object | false | none |
»»» fqdn | body | string | true* | FQDN to assign to the virtual service |
»»» description | body | string | false | none |
»»» port | body | integer | false | Port associated with the FQDN for the service |
»» anonymous | body | object | false | none |
»» anonymous | body | object | false | none |
Enumerated Values
Parameter | Value |
---|---|
»» proto | 6 |
»» proto | 17 |
» apply_to | host_only |
» apply_to | internal_bridge_network |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
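A pre-flight check for the request body documented above, as an added example (not Illumio's code and not part of the original reference). It enforces only the constraints listed in the parameter table; the rules that `to_port` needs a concrete starting port and must not be lower than `port`, the helper names, and the sample bodies are assumptions of this sketch.

```python
import ipaddress

ALLOWED_PROTOS = {6, 17}  # enumerated values for service_ports[].proto
ALLOWED_APPLY_TO = {"host_only", "internal_bridge_network"}  # enumerated values for apply_to


def _is_int(value):
    # bool is a subclass of int in Python; reject it explicitly
    return isinstance(value, int) and not isinstance(value, bool)


def _check_service_port(i, sp):
    errs, where = [], f"service_ports[{i}]"
    proto, port, to_port = sp.get("proto"), sp.get("port"), sp.get("to_port")
    if not (_is_int(proto) and proto in ALLOWED_PROTOS):
        errs.append(f"{where}.proto is required and must be 6 or 17")
    if port is not None and not (_is_int(port) and -1 <= port <= 65535):
        errs.append(f"{where}.port must be an integer 0-65535, or -1 for any port")
    if to_port is not None:
        if not (_is_int(to_port) and 0 <= to_port <= 65535):
            errs.append(f"{where}.to_port must be an integer 0-65535")
        elif not _is_int(port) or port < 0:
            # Assumption: a range needs a concrete starting port
            errs.append(f"{where}.to_port is set without a concrete starting port")
        elif to_port < port:
            # Assumption: the high end of a range cannot be below its start
            errs.append(f"{where}.to_port is lower than port")
    return errs


def _check_service_address(i, addr):
    errs, where = [], f"service_addresses[{i}]"
    if ("ip" in addr) == ("fqdn" in addr):
        return [f"{where} must carry exactly one of ip or fqdn"]
    port = addr.get("port")
    if "ip" in addr:
        try:
            ipaddress.ip_address(addr["ip"])
        except ValueError:
            errs.append(f"{where}.ip is not a valid IP address")
        if "network" in addr and not addr["network"].get("href"):
            errs.append(f"{where}.network.href is required when network is sent")
        if port is not None and not (_is_int(port) and 1 <= port <= 65535):
            errs.append(f"{where}.port must be an integer 1-65535")
    else:
        if not isinstance(addr["fqdn"], str) or not addr["fqdn"]:
            errs.append(f"{where}.fqdn must be a non-empty string")
        if port is not None and not _is_int(port):
            errs.append(f"{where}.port must be an integer")
    return errs


def validate_virtual_service(body):
    """Return a list of problems in a virtual_services POST body; an empty list means none found."""
    errs = []
    if not isinstance(body.get("name"), str) or not body["name"]:
        errs.append("name is required")
    if "apply_to" in body and body["apply_to"] not in ALLOWED_APPLY_TO:
        errs.append("apply_to must be host_only or internal_bridge_network")
    for i, label in enumerate(body.get("labels", [])):
        if not label.get("href"):
            errs.append(f"labels[{i}].href is required")
    for i, sp in enumerate(body.get("service_ports", [])):
        errs += _check_service_port(i, sp)
    for i, item in enumerate(body.get("ip_overrides", [])):
        try:
            ipaddress.ip_network(item, strict=False)  # accepts a bare IP or a CIDR
        except ValueError:
            errs.append(f"ip_overrides[{i}] is not a valid IP or CIDR")
    for i, addr in enumerate(body.get("service_addresses", [])):
        errs += _check_service_address(i, addr)
    return errs


def any_port_entries(body):
    """Indexes of service_ports entries that use -1 (any port), for reviewer attention."""
    return [i for i, sp in enumerate(body.get("service_ports", [])) if sp.get("port") == -1]


# Constructed sample bodies; names, hrefs and addresses are placeholders.
GOOD_BODY = {
    "name": "payments-vs",
    "labels": [{"href": "/orgs/1/labels/LABEL-PLACEHOLDER"}],
    "service_ports": [{"port": 8443, "proto": 6}, {"port": 5000, "to_port": 5010, "proto": 17}],
    "apply_to": "host_only",
    "ip_overrides": ["192.0.2.10", "198.51.100.0/24"],
    "service_addresses": [{"ip": "192.0.2.20", "port": 8443},
                          {"fqdn": "svc.example.test", "port": 443}],
}
BAD_BODY = {
    "service_ports": [{"port": 70000, "proto": 6},
                      {"port": -1, "to_port": 100, "proto": 17},
                      {"port": 9000, "to_port": 8000, "proto": 1}],
    "apply_to": "bridge",
    "ip_overrides": ["10.0.0.0/33"],
    "service_addresses": [{"ip": "192.0.2.20", "fqdn": "x.example.test"},
                          {"ip": "192.0.2.21", "port": 0}],
}

if __name__ == "__main__":
    for problem in validate_virtual_service(BAD_BODY):
        print(problem)
```

Running the same check over each element of a `bulk_create` array catches a malformed entry before the batch is submitted.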
Bulk Create Virtual Services
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/virtual_services/bulk_create \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_services/bulk_create
Auditable: Yes
Exposure: Public Stable
Bulk create virtual services
Example Request Body
[
{}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_virtual_services_bulk_create_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update a Virtual Service
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/virtual_services/{virtual_service_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_services/{virtual_service_id}
Auditable: Yes
Exposure: Public Stable
Modify a Virtual Service by ID
Example Request Body
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 6
}
],
"service": {},
"apply_to": "host_only",
"ip_overrides": [
"string"
],
"service_addresses": [
{}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
virtual_service_id | path | string | true* | Virtual Service ID |
body | body | sec_policy_virtual_services_put | false | none |
» name | body | string | false | Name |
» description | body | string | false | Description |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» labels | body | [object] | false | Assigned labels |
»» href | body | string | true* | Label URI |
» service_ports | body | [object] | false | Service ports |
»» port | body | integer | false | Port number (integer 0-65535, or -1 for any port). Also the starting port when specifying a range. |
»» to_port | body | integer | false | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»» proto | body | integer | true* | none |
» service | body | object | false | URI of associated service |
» apply_to | body | string | false | Firewall rule target for workloads bound to this virtual service: host_only or internal_bridge_network |
» ip_overrides | body | [string] | false | Array of IPs or CIDRs as IP overrides |
» service_addresses | body | [oneOf] | false | none |
»» anonymous | body | object | false | none |
»»» ip | body | string | true* | IP address to assign to the virtual service |
»»» network | body | object | false | none |
»»»» href | body | string | true* | Network URI for this IP address |
»»» port | body | integer | false | Port associated with the IP address for the service (1-65535 integer) |
»»» anonymous | body | object | false | none |
»»» anonymous | body | object | false | none |
»» anonymous | body | object | false | none |
»»» fqdn | body | string | true* | FQDN to assign to the virtual service |
»»» description | body | string | false | none |
»»» port | body | integer | false | Port associated with the FQDN for the service |
Enumerated Values
Parameter | Value |
---|---|
»» proto | 6 |
»» proto | 17 |
» apply_to | host_only |
» apply_to | internal_bridge_network |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Bulk Update Virtual Services
Example Code
curl -X PUT /orgs/{org_id}/sec_policy/{pversion}/virtual_services/bulk_update \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_services/bulk_update
Auditable: Yes
Exposure: Public Stable
Bulk update virtual services
Example Request Body
[
{
"href": "string",
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service": {},
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 6
}
],
"apply_to": "host_only",
"ip_overrides": [
"string"
],
"service_addresses": [
{}
]
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
body | body | sec_policy_virtual_services_bulk_update_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Virtual Service
Example Code
curl -X DELETE /orgs/{org_id}/sec_policy/{pversion}/virtual_services/{virtual_service_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/sec_policy/{pversion}/virtual_services/{virtual_service_id}
Exposure: Public Stable
Auditable: Yes
Delete a Virtual Service by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
pversion | path | string | true* | Security Policy Version |
virtual_service_id | path | string | true* | Virtual Service ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Vulnerabilities
Get Vulnerabilities
Example Code
curl -X GET /orgs/{org_id}/vulnerabilities \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/vulnerabilities
Exposure: Public Experimental
Auditable: No
Get the vulnerabilities collection
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
max_results | query | integer | false | Maximum number of vulnerabilities to return. |
Example Response Body
200 Response
[
{
"href": "string",
"score": 0,
"cve_ids": [
"string"
],
"description": "string",
"name": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | vulnerabilities_get |
Get a Vulnerability
Example Code
curl -X GET /orgs/{org_id}/vulnerabilities/{reference_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/vulnerabilities/{reference_id}
Exposure: Public Experimental
Auditable: No
Get Vulnerability by reference ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
reference_id | path | string | true* | Vulnerability Reference ID |
Example Response Body
200 Response
[
{
"href": "string",
"score": 0,
"cve_ids": [
"string"
],
"description": "string",
"name": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
]
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | vulnerabilities_get |
Create or Modify a Vulnerability
Example Code
curl -X PUT /orgs/{org_id}/vulnerabilities/{reference_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/vulnerabilities/{reference_id}
Auditable: Yes
Exposure: Public Experimental
Create or update the vulnerability
Example Request Body
{
"score": 0,
"cve_ids": [
"string"
],
"description": "string",
"name": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
reference_id | path | string | true* | Vulnerability Reference ID |
body | body | vulnerabilities_put | false | none |
» score | body | integer | true* | The normalized score of the vulnerability within the range of 0 to 100. CVSS Score can be used here with a 10x multiplier. |
» cve_ids | body | [string] | false | The cve_ids for the vulnerability |
» description | body | string | false | An arbitrary field to store some details of the vulnerability class |
» name | body | string | true* | The title/name of the vulnerability |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Vulnerability
Example Code
curl -X DELETE /orgs/{org_id}/vulnerabilities/{reference_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/vulnerabilities/{reference_id}
Exposure: Public Experimental
Auditable: Yes
Delete Vulnerability by reference ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
reference_id | path | string | true* | Vulnerability Reference ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Vulnerability Reports
Get Vulnerability Report Collection
Example Code
curl -X GET /orgs/{org_id}/vulnerability_reports \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/vulnerability_reports
Exposure: Public Experimental
Auditable: No
Get the vulnerability report collection
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
max_results | query | integer | false | Maximum number of vulnerability_reports to return. |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"report_type": "string",
"num_vulnerabilities": 0,
"authoritative": true,
"scanned_ips": [
"string"
],
"exported_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | vulnerability_reports_get |
Get a Vulnerability Report
Example Code
curl -X GET /orgs/{org_id}/vulnerability_reports/{reference_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/vulnerability_reports/{reference_id}
Exposure: Public Experimental
Auditable: No
Get Vulnerability Report by reference ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
reference_id | path | string | true* | Vulnerability Report Reference ID |
Example Response Body
200 Response
{
"href": "string",
"name": "string",
"report_type": "string",
"num_vulnerabilities": 0,
"authoritative": true,
"scanned_ips": [
"string"
],
"exported_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | vulnerability_reports_get |
Update a Vulnerability Report
Example Code
curl -X PUT /orgs/{org_id}/vulnerability_reports/{reference_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/vulnerability_reports/{reference_id}
Auditable: Yes
Exposure: Public Experimental
Create a vulnerability_report
Example Request Body
{
"name": "string",
"report_type": "string",
"authoritative": true,
"scanned_ips": [
"2001:0db8:85a3:0000:0000:8a2e:0370:7334"
],
"detected_vulnerabilities": [
{
"ip_address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"port": 0,
"proto": 0,
"workload": {
"href": "string"
},
"vulnerability": {
"href": "string"
},
"external_data_reference": "string",
"state": "active"
}
],
"exported_at": "2025-04-01T00:21:27Z"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
reference_id | path | string | true* | Vulnerability Report Reference ID |
body | body | vulnerability_reports_put | false | none |
» name | body | string | true* | User generated name of the vulnerability report |
» report_type | body | string | true* | A string representing the type of the report |
» authoritative | body | boolean | false | Specifies whether a report is authoritative or not |
» scanned_ips | body | [oneOf] | false | The ips on which the scan was performed |
»» anonymous | body | number | false | none |
»» anonymous | body | number | false | none |
» detected_vulnerabilities | body | [object] | false | none |
»» ip_address | body | any | true* | none |
»» port | body | integer | false | The port which is associated with the vulnerability |
»» proto | body | integer | false | The protocol which is associated with the vulnerability |
»» workload | body | object | true* | none |
»»» href | body | string | true* | The URI of the workload to which this vulnerability belongs |
»» vulnerability | body | object | true* | none |
»»» href | body | string | true* | The URI of the vulnerability class to which this vulnerability belongs |
»» external_data_reference | body | string | false | External data reference JSON string for the vulnerability |
»» state | body | string | false | Detected vulnerability state |
» exported_at | body | string(date-time) | false | The timestamp (RFC 3339) at which this report was exported |
Enumerated Values
Parameter | Value |
---|---|
»» state | active |
»» state | fixed |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
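Building the two request bodies documented under Create or Modify a Vulnerability and Update a Vulnerability Report from scanner findings, as an added example (not Illumio's code and not part of the original reference). The function names, the finding dictionary layout, the `example_scanner` report type, and every href and address in the sample data are assumptions made for illustration.

```python
import ipaddress
from datetime import datetime, timezone

ALLOWED_STATES = {"active", "fixed"}  # enumerated values for detected_vulnerabilities[].state


def normalized_score(cvss):
    """Map a CVSS base score (0.0-10.0) onto the API's integer 0-100 scale (10x multiplier)."""
    if isinstance(cvss, bool) or not isinstance(cvss, (int, float)):
        raise ValueError("CVSS score must be a number")
    if not 0.0 <= cvss <= 10.0:
        raise ValueError(f"CVSS score out of range: {cvss}")
    return int(round(cvss * 10))


def vulnerability_body(name, cvss, cve_ids=(), description=None):
    """Body for PUT /orgs/{org_id}/vulnerabilities/{reference_id}; score and name are required."""
    if not name:
        raise ValueError("name is required")
    body = {"score": normalized_score(cvss), "name": name}
    if cve_ids:
        body["cve_ids"] = list(cve_ids)
    if description is not None:
        body["description"] = description
    return body


def checked_ip(value):
    """Return value unchanged if it parses as IPv4 or IPv6; raise ValueError otherwise."""
    ipaddress.ip_address(value)
    return value


def detected_vulnerability(finding):
    """One detected_vulnerabilities entry; ip_address, workload and vulnerability are required."""
    for key in ("ip_address", "workload_href", "vulnerability_href"):
        if not finding.get(key):
            raise ValueError(f"finding is missing required field: {key}")
    entry = {
        "ip_address": checked_ip(finding["ip_address"]),
        "workload": {"href": finding["workload_href"]},
        "vulnerability": {"href": finding["vulnerability_href"]},
    }
    # port and proto are optional; bounds are the generic port and IP protocol number ranges
    for key, upper in (("port", 65535), ("proto", 255)):
        value = finding.get(key)
        if value is not None:
            if isinstance(value, bool) or not isinstance(value, int) or not 0 <= value <= upper:
                raise ValueError(f"{key} must be an integer 0-{upper}")
            entry[key] = value
    state = finding.get("state")
    if state is not None:
        if state not in ALLOWED_STATES:
            raise ValueError(f"state must be one of {sorted(ALLOWED_STATES)}")
        entry["state"] = state
    return entry


def report_body(name, report_type, scanned_ips, findings, authoritative=None, exported_at=None):
    """Body for PUT /orgs/{org_id}/vulnerability_reports/{reference_id}."""
    if not name or not report_type:
        raise ValueError("name and report_type are required")
    body = {
        "name": name,
        "report_type": report_type,
        "scanned_ips": [checked_ip(ip) for ip in scanned_ips],
        "detected_vulnerabilities": [detected_vulnerability(f) for f in findings],
    }
    if authoritative is not None:
        body["authoritative"] = bool(authoritative)
    if exported_at is not None:
        if exported_at.tzinfo is None:
            raise ValueError("exported_at must be timezone-aware")
        body["exported_at"] = exported_at.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return body


# Constructed sample input: hrefs, names and addresses are placeholders.
SAMPLE_FINDINGS = [
    {"ip_address": "192.0.2.15", "port": 443, "proto": 6, "state": "active",
     "workload_href": "/orgs/1/workloads/WORKLOAD-PLACEHOLDER",
     "vulnerability_href": "/orgs/1/vulnerabilities/example-ref-1"},
    {"ip_address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334", "state": "fixed",
     "workload_href": "/orgs/1/workloads/WORKLOAD-PLACEHOLDER",
     "vulnerability_href": "/orgs/1/vulnerabilities/example-ref-1"},
]
SAMPLE_VULNERABILITY = vulnerability_body("Example TLS weakness", 7.5,
                                          description="constructed sample")
SAMPLE_REPORT = report_body(
    "weekly-scan", "example_scanner",
    ["192.0.2.15", "2001:0db8:85a3:0000:0000:8a2e:0370:7334"],
    SAMPLE_FINDINGS, authoritative=True,
    exported_at=datetime(2025, 4, 1, 0, 21, 27, tzinfo=timezone.utc),
)

if __name__ == "__main__":
    import json
    print(json.dumps(SAMPLE_VULNERABILITY, indent=2))
    print(json.dumps(SAMPLE_REPORT, indent=2))
```

Rejecting an out-of-range score or an unknown `state` on the client side keeps a scanner integration from silently writing malformed vulnerability data that later drives policy decisions.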
Delete a Vulnerability Report
Example Code
curl -X DELETE /orgs/{org_id}/vulnerability_reports/{reference_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/vulnerability_reports/{reference_id}
Exposure: Public Experimental
Auditable: Yes
Delete a vulnerability report by ID
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
reference_id | path | string | true* | Vulnerability Report Reference ID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Workload Interfaces
DEPRECATED. Get All Workload Interface Statuses
Example Code
curl -X GET /orgs/{org_id}/workloads/{workload_id}/interfaces \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/workloads/{workload_id}/interfaces
Exposure: Public Stable
Auditable: No
DEPRECATED WITH NO REPLACEMENT. Get the interface statuses (all interfaces)
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
name | query | string | false | Name of interface(s) to return. Supports partial matches |
Example Response Body
200 Response
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | workloads_interfaces_get |
DEPRECATED. Get Workload Interface Status
Example Code
curl -X GET /orgs/{org_id}/workloads/{workload_id}/interfaces/{name} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/workloads/{workload_id}/interfaces/{name}
Exposure: Public Stable
Auditable: No
DEPRECATED WITH NO REPLACEMENT. Get the interface status (single interface). Use get_collection API filtering by name.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
name | path | string | true* | Interface Name |
Example Response Body
200 Response
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | workloads_interfaces_get |
DEPRECATED. Create an interface for a specific workload
Example Code
curl -X POST /orgs/{org_id}/workloads/{workload_id}/interfaces \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/workloads/{workload_id}/interfaces
Auditable: Yes
Exposure: Public Stable
DEPRECATED WITH NO REPLACEMENT. Create an interface for a specific workload.
Example Request Body
{
"name": "string",
"link_state": "up",
"address": "string",
"cidr_block": 0,
"default_gateway_address": "string",
"friendly_name": "string"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
body | body | workloads_interfaces_post | false | none |
» name | body | string | true* | Interface name |
» link_state | body | string | true* | Link State |
» address | body | any | false | none |
»» anonymous | body | number | false | none |
»» anonymous | body | number | false | none |
» cidr_block | body | integer | false | The number of bits in the subnet mask; for example, /24 is 255.255.255.0 |
» default_gateway_address | body | any | false | none |
» friendly_name | body | string | false | User-friendly name for interface |
Enumerated Values
Parameter | Value |
---|---|
» link_state | up |
» link_state | down |
» link_state | unknown |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
DEPRECATED. Delete a Workload Interface
Example Code
curl -X DELETE /orgs/{org_id}/workloads/{workload_id}/interfaces/{name} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/workloads/{workload_id}/interfaces/{name}
Exposure: Public Stable
Auditable: Yes
DEPRECATED WITH NO REPLACEMENT. Delete an interface. Use the PUT /interfaces/delete to delete multiple interfaces.
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
name | path | string | true* | Interface Name |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Workload Settings
Get Workloads Settings
Example Code
curl -X GET /orgs/{org_id}/settings/workloads \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/settings/workloads
Exposure: Public Stable
Auditable: No
Get workload setting properties
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
Example Response Body
200 Response
{
"workload_disconnected_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_goodbye_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_disconnected_notification_seconds": [
{
"scope": [
{
"href": "string"
}
],
"warning": -1,
"ven_type": "server"
}
],
"ven_uninstall_timeout_hours": [
{
"scope": [
{
"href": "string"
}
],
"value": -1
}
]
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | settings_workloads_get |
Update Workloads Settings
Example Code
curl -X PUT /orgs/{org_id}/settings/workloads \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/settings/workloads
Auditable: Yes
Exposure: Public Stable
Update workload setting properties
Example Request Body
{
"workload_disconnected_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_goodbye_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_disconnected_notification_seconds": [
{
"scope": [
{
"href": "string"
}
],
"warning": -1,
"ven_type": "server"
}
],
"ven_uninstall_timeout_hours": [
{
"scope": [
{
"href": "string"
}
],
"value": -1
}
]
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Org ID |
body | body | settings_workloads_put | false | none |
» workload_disconnected_timeout_seconds | body | [object] | false | none |
»» scope | body | [object] | true* | Assigned labels |
»»» href | body | string | true* | Label URI |
»» value | body | integer | true* | Property value associated with the scope |
»» ven_type | body | string,null | false | The ven type that this property is applicable to |
» workload_goodbye_timeout_seconds | body | [object] | false | none |
» workload_disconnected_notification_seconds | body | [object] | false | none |
»» scope | body | [object] | true* | Assigned labels |
»» warning | body | integer | true* | Workload disconnect warning timeout |
»» ven_type | body | string,null | false | The ven type that this property is applicable to |
» ven_uninstall_timeout_hours | body | [object] | false | none |
»» scope | body | [object] | true* | Assigned labels |
»» value | body | integer | true* | Property value associated with the scope |
Enumerated Values
Parameter | Value |
---|---|
»» ven_type | server |
»» ven_type | endpoint |
»» ven_type | null |
»» ven_type | server |
»» ven_type | endpoint |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Workloads
Get Workloads
Example Code
curl -X GET /orgs/{org_id}/workloads \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/workloads
Exposure: Public Stable
Auditable: No
Get the workload information
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
agent.active_pce_fqdn | query | string | false | FQDN of the PCE |
container_clusters | query | string | false | List of container cluster URIs, encoded as a JSON string |
description | query | string | false | Description of workload(s) to return. Supports partial matches |
enforcement_mode | query | string | false | Enforcement mode of workload(s) to return |
enforcement_modes | query | string | false | List of enforcement modes, encoded as a JSON string |
external_data_reference | query | string | false | A unique identifier within the external data source |
external_data_set | query | string | false | The data source from which a resource originates |
hostname | query | string | false | Hostname of workload(s) to return. Supports partial matches |
include_deleted | query | boolean | false | Include deleted workloads |
ip_address | query | string | false | IP address of workload(s) to return. Supports partial matches |
labels | query | string | false | List of lists of label URIs, encoded as a JSON string |
last_heartbeat_on[gte] | query | string | false | Greater than or equal to value for last heartbeat on timestamp |
last_heartbeat_on[lte] | query | string | false | Less than or equal to value for last heartbeat on timestamp |
log_traffic | query | boolean | false | Whether we want to log traffic events from this workload |
managed | query | boolean | false | Return managed or unmanaged workloads using this filter |
max_results | query | integer | false | Maximum number of workloads to return. |
mode | query | string | false | Management mode of workload(s) to return. DEPRECATED AND REPLACED (Use enforcement_mode) |
name | query | string | false | Name of workload(s) to return. Supports partial matches |
online | query | boolean | false | Return online/offline workloads using this filter |
os_id | query | string | false | Operating System of workload(s) to return. Supports partial matches |
policy_health | query | string | false | Policy health of workload(s) to return. Valid values: active, warning, error, suspended |
risk_summary.ransomware.workload_exposure_severity | query | string | false | The ransomware severity of the workload. Valid values: low, medium, high, critical, fully_protected |
security_policy_sync_state | query | string | false | Advanced search option for workload based on policy sync state |
security_policy_update_mode | query | string | false | Advanced search option for workload based on security policy update mode |
soft_deleted | query | boolean | false | DEPRECATED WITH NO REPLACEMENT: Only soft-deleted workloads |
ven | query | string | false | URI of VEN to filter by. |
ven.ven_type | query | string | false | Return only Workloads with VENs of the specific type: server, endpoint, or containerized |
visibility_level | query | string | false | Filter by visibility level |
vulnerability_summary.vulnerability_exposure_score[gte] | query | integer | false | Greater than or equal to value for vulnerability_exposure_score |
vulnerability_summary.vulnerability_exposure_score[lte] | query | integer | false | Less than or equal to value for vulnerability_exposure_score |
Enumerated Values
Parameter | Value |
---|---|
enforcement_mode | visibility_only |
enforcement_mode | full |
enforcement_mode | idle |
enforcement_mode | selective |
last_heartbeat_on[gte] | server |
last_heartbeat_on[gte] | endpoint |
last_heartbeat_on[gte] | containerized |
last_heartbeat_on[lte] | server |
last_heartbeat_on[lte] | endpoint |
last_heartbeat_on[lte] | containerized |
security_policy_sync_state | staged |
security_policy_update_mode | static |
security_policy_update_mode | adaptive |
ven.ven_type | server |
ven.ven_type | endpoint |
ven.ven_type | containerized |
visibility_level | flow_full_detail |
visibility_level | flow_summary |
visibility_level | flow_drops |
visibility_level | flow_off |
visibility_level | enhanced_data_collection |
Example Response Body
200 Response
{
"href": "string",
"deleted": true,
"delete_type": "string",
"name": "string",
"description": "string",
"managed": true,
"hostname": "string",
"service_principal_name": "string",
"agent_to_pce_certificate_authentication_id": null,
"distinguished_name": "string",
"public_ip": "string",
"external_data_set": null,
"external_data_reference": null,
"interfaces": {
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
},
"service_provider": "string",
"data_center": "string",
"data_center_zone": "string",
"os_id": "string",
"os_detail": "string",
"online": true,
"firewall_coexistence": null,
"containers_inherit_host_policy": true,
"blocked_connection_action": "drop",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"services": {
"uptime_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"open_service_ports": [
{
"protocol": 0,
"address": "string",
"port": 0,
"process_name": "string",
"user": "string",
"package": "string",
"win_service_name": "string"
}
]
},
"vulnerabilities_summary": {
"num_vulnerabilities": 0,
"vulnerability_score": 0,
"max_vulnerability_score": 0,
"vulnerable_port_exposure": null,
"vulnerable_port_wide_exposure": {
"any": null,
"ip_list": null
},
"vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"max_vulnerability_exposure_score": null,
"vulnerability_computation_state": "not_applicable",
"last_updated_at": "2025-04-01T00:21:27Z"
},
"detected_vulnerabilities": {
"detected_vulnerability_summary": {
"num_vulnerabilities": 0,
"vulnerability_score": 0,
"max_vulnerability_score": 0,
"vulnerable_port_exposure": null,
"vulnerable_port_wide_exposure": {
"any": null,
"ip_list": null
},
"vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"max_vulnerability_exposure_score": null,
"vulnerability_computation_state": "not_applicable",
"last_updated_at": "2025-04-01T00:21:27Z"
},
"workload_detected_vulnerabilities": [
{
"ip_address": "string",
"port": 0,
"proto": 0,
"port_exposure": null,
"port_vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"port_wide_exposure": {
"any": null,
"ip_list": null
},
"workload": {
"href": "string"
},
"vulnerability": {
"href": "string",
"score": 0,
"name": "string"
},
"vulnerability_report": {
"href": "string"
}
}
],
"last_updated_at": "2025-04-01T00:21:27Z"
},
"risk_summary": {
"ransomware": null
},
"agent": {
"config": {
"mode": "string",
"log_traffic": true,
"security_policy_update_mode": "string"
},
"href": "string",
"secure_connect": {
"matching_issuer_name": "string"
},
"status": {
"uid": "string",
"last_heartbeat_on": null,
"uptime_seconds": null,
"agent_version": "string",
"managed_since": "2025-04-01T00:21:27Z",
"fw_config_current": true,
"firewall_rule_count": 0,
"security_policy_refresh_at": "2025-04-01T00:21:27Z",
"security_policy_applied_at": "2025-04-01T00:21:27Z",
"security_policy_received_at": "2025-04-01T00:21:27Z",
"agent_health_errors": {
"errors": [
"string"
],
"warnings": [
"string"
]
},
"agent_health": [
{
"type": "string",
"severity": "string",
"audit_event": "string"
}
],
"security_policy_sync_state": "string"
},
"active_pce_fqdn": "string",
"target_pce_fqdn": "string",
"type": "string"
},
"ven": {
"href": "string",
"hostname": "string",
"name": "string",
"status": "string",
"ven_type": "server"
},
"enforcement_mode": "idle",
"selectively_enforced_services": [
{
"port": 0,
"to_port": 0,
"proto": 0
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"container_cluster": {
"href": "string",
"name": "string"
},
"ike_authentication_certificate": {},
"datacenter_nat_1to1": true
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | workloads_get |
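Added example (not part of the Illumio reference): building a Get Workloads query in which labels and enforcement_modes are JSON-encoded strings, then checking the returned records for managed workloads that are not in full enforcement or have a stale heartbeat. The label URI, hostnames, the 24-hour threshold, the true/false query encoding and the assumption that the response is a list of workload objects are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone
from urllib.parse import urlencode

# Values from the enforcement_mode enumeration in the table above.
ENFORCEMENT_MODES = {"idle", "visibility_only", "full", "selective"}


def build_workloads_query(org_id, label_groups=None, enforcement_modes=None,
                          heartbeat_before=None, managed=None, max_results=None):
    """Return the path and query string for GET /api/v2/orgs/{org_id}/workloads."""
    params = []
    if label_groups is not None:
        # "List of lists of label URIs, encoded as a JSON string"
        params.append(("labels", json.dumps(label_groups, separators=(",", ":"))))
    if enforcement_modes is not None:
        unknown = set(enforcement_modes) - ENFORCEMENT_MODES
        if unknown:
            raise ValueError(f"unknown enforcement mode(s): {sorted(unknown)}")
        # "List of enforcement modes, encoded as a JSON string"
        params.append(("enforcement_modes",
                       json.dumps(list(enforcement_modes), separators=(",", ":"))))
    if heartbeat_before is not None:
        # Same timestamp format as the example response bodies (UTC, trailing Z).
        stamp = heartbeat_before.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
        params.append(("last_heartbeat_on[lte]", stamp))
    if managed is not None:
        # Assumption: booleans are sent as the literals true/false.
        params.append(("managed", "true" if managed else "false"))
    if max_results is not None:
        params.append(("max_results", str(int(max_results))))
    # urlencode percent-encodes the brackets, quotes and slashes for us.
    return f"/api/v2/orgs/{int(org_id)}/workloads?{urlencode(params)}"


def _parse_ts(value):
    """Parse an ISO 8601 timestamp such as 2025-04-01T00:21:27Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def enforcement_gaps(workloads, now, stale_after=timedelta(hours=24)):
    """List managed, non-deleted workloads that are not fully enforced or look stale."""
    findings = []
    for wl in workloads:
        if not wl.get("managed") or wl.get("deleted"):
            continue
        reasons = []
        mode = wl.get("enforcement_mode")
        if mode != "full":
            reasons.append(f"enforcement_mode={mode}")
        status = (wl.get("agent") or {}).get("status") or {}
        heartbeat = status.get("last_heartbeat_on")
        if heartbeat is None:
            reasons.append("no_heartbeat")
        elif now - _parse_ts(heartbeat) > stale_after:
            reasons.append("stale_heartbeat")
        if reasons:
            findings.append({"href": wl.get("href"),
                             "hostname": wl.get("hostname"),
                             "reasons": reasons})
    return findings


# Constructed sample records using field names from the example response body.
SAMPLE_WORKLOADS = [
    {"href": "/orgs/1/workloads/aaaa", "hostname": "web01", "managed": True,
     "enforcement_mode": "full",
     "agent": {"status": {"last_heartbeat_on": "2025-04-01T00:21:27Z"}}},
    {"href": "/orgs/1/workloads/bbbb", "hostname": "db01", "managed": True,
     "enforcement_mode": "visibility_only",
     "agent": {"status": {"last_heartbeat_on": "2025-04-01T00:21:27Z"}}},
    {"href": "/orgs/1/workloads/cccc", "hostname": "app01", "managed": True,
     "enforcement_mode": "full",
     "agent": {"status": {"last_heartbeat_on": "2025-03-29T00:21:27Z"}}},
    {"href": "/orgs/1/workloads/dddd", "hostname": "new01", "managed": True,
     "enforcement_mode": "idle",
     "agent": {"status": {"last_heartbeat_on": None}}},
    {"href": "/orgs/1/workloads/eeee", "hostname": "printer", "managed": False,
     "enforcement_mode": "idle", "agent": None},
]

if __name__ == "__main__":
    print(build_workloads_query(1, label_groups=[["/orgs/1/labels/12"]],
                                enforcement_modes=["idle", "visibility_only"],
                                managed=True))
    now = datetime(2025, 4, 1, 1, 0, 0, tzinfo=timezone.utc)
    for gap in enforcement_gaps(SAMPLE_WORKLOADS, now):
        print(gap["hostname"], gap["reasons"])
```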
Get a Workload
Example Code
curl -X GET /orgs/{org_id}/workloads/{workload_id} \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/workloads/{workload_id}
Exposure: Public Stable
Auditable: No
Get the workload information
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
Example Response Body
200 Response
{
"href": "string",
"deleted": true,
"delete_type": "string",
"name": "string",
"description": "string",
"managed": true,
"hostname": "string",
"service_principal_name": "string",
"agent_to_pce_certificate_authentication_id": null,
"distinguished_name": "string",
"public_ip": "string",
"external_data_set": null,
"external_data_reference": null,
"interfaces": {
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
},
"service_provider": "string",
"data_center": "string",
"data_center_zone": "string",
"os_id": "string",
"os_detail": "string",
"online": true,
"firewall_coexistence": null,
"containers_inherit_host_policy": true,
"blocked_connection_action": "drop",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"services": {
"uptime_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"open_service_ports": [
{
"protocol": 0,
"address": "string",
"port": 0,
"process_name": "string",
"user": "string",
"package": "string",
"win_service_name": "string"
}
]
},
"vulnerabilities_summary": {
"num_vulnerabilities": 0,
"vulnerability_score": 0,
"max_vulnerability_score": 0,
"vulnerable_port_exposure": null,
"vulnerable_port_wide_exposure": {
"any": null,
"ip_list": null
},
"vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"max_vulnerability_exposure_score": null,
"vulnerability_computation_state": "not_applicable",
"last_updated_at": "2025-04-01T00:21:27Z"
},
"detected_vulnerabilities": {
"detected_vulnerability_summary": {
"num_vulnerabilities": 0,
"vulnerability_score": 0,
"max_vulnerability_score": 0,
"vulnerable_port_exposure": null,
"vulnerable_port_wide_exposure": {
"any": null,
"ip_list": null
},
"vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"max_vulnerability_exposure_score": null,
"vulnerability_computation_state": "not_applicable",
"last_updated_at": "2025-04-01T00:21:27Z"
},
"workload_detected_vulnerabilities": [
{
"ip_address": "string",
"port": 0,
"proto": 0,
"port_exposure": null,
"port_vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"port_wide_exposure": {
"any": null,
"ip_list": null
},
"workload": {
"href": "string"
},
"vulnerability": {
"href": "string",
"score": 0,
"name": "string"
},
"vulnerability_report": {
"href": "string"
}
}
],
"last_updated_at": "2025-04-01T00:21:27Z"
},
"risk_summary": {
"ransomware": null
},
"agent": {
"config": {
"mode": "string",
"log_traffic": true,
"security_policy_update_mode": "string"
},
"href": "string",
"secure_connect": {
"matching_issuer_name": "string"
},
"status": {
"uid": "string",
"last_heartbeat_on": null,
"uptime_seconds": null,
"agent_version": "string",
"managed_since": "2025-04-01T00:21:27Z",
"fw_config_current": true,
"firewall_rule_count": 0,
"security_policy_refresh_at": "2025-04-01T00:21:27Z",
"security_policy_applied_at": "2025-04-01T00:21:27Z",
"security_policy_received_at": "2025-04-01T00:21:27Z",
"agent_health_errors": {
"errors": [
"string"
],
"warnings": [
"string"
]
},
"agent_health": [
{
"type": "string",
"severity": "string",
"audit_event": "string"
}
],
"security_policy_sync_state": "string"
},
"active_pce_fqdn": "string",
"target_pce_fqdn": "string",
"type": "string"
},
"ven": {
"href": "string",
"hostname": "string",
"name": "string",
"status": "string",
"ven_type": "server"
},
"enforcement_mode": "idle",
"selectively_enforced_services": [
{
"port": 0,
"to_port": 0,
"proto": 0
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"container_cluster": {
"href": "string",
"name": "string"
},
"ike_authentication_certificate": {},
"datacenter_nat_1to1": true
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | workloads_get |
Create a Workload
Example Code
curl -X POST /orgs/{org_id}/workloads \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
POST /api/v2/orgs/{org_id}/workloads
Auditable: Yes
Exposure: Public Stable
Used to create a workload
Example Request Body
{}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | workloads_post | false | none |
» name | body | string | false | The short friendly name of the workload |
» description | body | string | false | The long description of the workload |
» external_data_set | body | string,null | false | External data set identifier |
» external_data_reference | body | string,null | false | External data reference identifier |
» hostname | body | string | false | The hostname reported from the host itself |
» service_principal_name | body | string,null | false | The Kerberos Service Principal Name (SPN) |
» agent_to_pce_certificate_authentication_id | body | string,null | false | PKI Certificate identifier to be used by the PCE for authenticating the VEN |
» distinguished_name | body | string | false | X.509 Subject distinguished name |
» public_ip | body | string,null | false | The public IP address of the server |
» interfaces | body | [object] | false | Workload network interfaces |
»» name | body | string | true* | Interface name |
»» link_state | body | string | false | Link State |
»» address | body | any | true* | none |
»»» anonymous | body | number | false | none |
»»» anonymous | body | number | false | none |
»» cidr_block | body | integer | false | The number of bits in the subnet (e.g. /24 is 255.255.255.0) |
»» default_gateway_address | body | any | false | none |
»» friendly_name | body | string | false | User-friendly name for interface |
»» network | body | sec_policy_virtual_servers_get/properties/created_by | false | none |
»»» href | body | string | true* | none |
»» service_provider | body | string | false | Service provider |
»» data_center | body | string | false | Data center |
»» data_center_zone | body | string | false | Data center zone |
»» os_id | body | string | false | Our OS identifier |
»» os_detail | body | string | false | Additional OS details - just displayed to end user |
»» online | body | boolean | false | If this workload is online |
»» labels | body | [object] | false | Assigned labels |
»»» href | body | string | true* | Label URI |
»» agent | body | object | false | DEPRECATED AND REPLACED (USE enforcement_mode and visibility_level) Agent info |
»»» config | body | workloads_post/properties/agent/properties/config | false | DEPRECATED AND REPLACED by 'ven', 'enforcement_mode', and 'visibility_level' |
»»»» mode | body | pairing_profiles_get/properties/mode | false | DEPRECATED AND REPLACED (Use enforcement_mode instead) |
»»»» log_traffic | body | boolean | false | DEPRECATED WITH NO REPLACEMENT True if we want to log traffic events from this workload |
»»» enforcement_mode | body | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | Workload enforcement mode |
»»» anonymous | body | object | false | none |
»»» anonymous | body | object | false | none |
Enumerated Values
Parameter | Value |
---|---|
»» link_state | up |
»» link_state | down |
»» link_state | unknown |
»»»» mode | idle |
»»»» mode | illuminated |
»»»» mode | enforced |
»»»» mode | selective |
»»» enforcement_mode | idle |
»»» enforcement_mode | visibility_only |
»»» enforcement_mode | full |
»»» enforcement_mode | selective |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
201 | Created | Success | None |
Bulk Create Workloads
Example Code
curl -X PUT /orgs/{org_id}/workloads/bulk_create \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/workloads/bulk_create
Auditable: Yes
Exposure: Public Stable
Bulk create workloads
Example Request Body
[
{}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | workloads_bulk_create_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Bulk update workloads using csv file
Example Code
curl -X PUT /orgs/{org_id}/workloads/bulk_import
PUT /api/v2/orgs/{org_id}/workloads/bulk_import
Exposure: Public Experimental
Auditable: Yes
Bulk update workloads using csv file
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
create_labels | query | boolean | false | When updating labels via csv, create new labels if they do not exist |
delete_token | query | string | false | Delete token, used to specify the value in the CSV that indicates the deletion of a label |
dry_run | query | boolean | false | In draft mode, the API only returns the statistics of the potential changes without making any changes |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Unpair a Workload
Example Code
curl -X PUT /orgs/{org_id}/workloads/unpair \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/workloads/unpair
Auditable: Yes
Exposure: Public Stable
DEPRECATED AND REPLACED (USE /orgs/:org_id/vens/unpair INSTEAD)
Example Request Body
{
"workloads": [
{
"href": "string"
}
],
"ip_table_restore": "default"
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | workloads_unpair_put | false | none |
» workloads | body | [object] | true* | Workloads to update |
»» href | body | string | true* | URI of workload to update |
» ip_table_restore | body | string | false | The desired state of IP tables after the agent is uninstalled. |
Enumerated Values
Parameter | Value |
---|---|
» ip_table_restore | saved |
» ip_table_restore | default |
» ip_table_restore | disable |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Update a Workload
Example Code
curl -X PUT /orgs/{org_id}/workloads/{workload_id} \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/workloads/{workload_id}
Auditable: Yes
Exposure: Public Stable
Update the workload information
Example Request Body
{
"href": "string",
"name": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"service_principal_name": null,
"agent_to_pce_certificate_authentication_id": null,
"service_provider": "string",
"data_center": "string",
"data_center_zone": "string",
"labels": [
{
"href": "string"
}
],
"agent": {
"href": "string",
"config": {
"mode": "idle",
"log_traffic": true
},
"status": {
"status": "active"
}
},
"enforcement_mode": "idle",
"datacenter_nat_1to1": true
}
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
body | body | workloads_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Bulk Update Workloads
Example Code
curl -X PUT /orgs/{org_id}/workloads/bulk_update \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/workloads/bulk_update
Auditable: Yes
Exposure: Public Stable
Bulk update workloads
Example Request Body
[]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | workloads_bulk_update_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Delete a Workload
Example Code
curl -X DELETE /orgs/{org_id}/workloads/{workload_id} \
-u $KEY:$TOKEN
DELETE /api/v2/orgs/{org_id}/workloads/{workload_id}
Exposure: Public Stable
Auditable: Yes
Delete the workload record
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Get ransomware details for this workload
Example Code
curl -X GET /orgs/{org_id}/workloads/{workload_id}/risk_details \
-u $KEY:$TOKEN -H 'Accept: application/json'
GET /api/v2/orgs/{org_id}/workloads/{workload_id}/risk_details
Exposure: Public Experimental
Auditable: No
Get ransomware details for this workload
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
workload_id | path | string | true* | Workload UUID |
Example Response Body
200 Response
{
"risk_details": {}
}
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
200 | OK | Success | workloads_risk_details_get |
Bulk Delete Workloads
Example Code
curl -X PUT /orgs/{org_id}/workloads/bulk_delete \
-u $KEY:$TOKEN -H 'Content-Type: application/json'
PUT /api/v2/orgs/{org_id}/workloads/bulk_delete
Auditable: Yes
Exposure: Public Stable
Bulk delete workloads
Example Request Body
[
{
"href": "string"
}
]
Parameters
Name | In | Type | Required | Description |
---|---|---|---|---|
org_id | path | integer | true* | Organization |
body | body | workloads_bulk_delete_put | false | none |
Responses
Status | Meaning | Description | Schema |
---|---|---|---|
204 | No Content | Success | None |
Schemas
network_devices_network_endpoints_get
[
{
"href": "string",
"config": {
"endpoint_type": "string",
"name": "string",
"traffic_flow_id": "string",
"workload_discovery": true
},
"workload_discovery": true,
"network_device": {
"href": "string"
},
"workloads": [
{
"href": "string"
}
],
"status": "string"
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URL of device endpoint |
config | network_devices_network_endpoints_post/properties/config | false | none | none |
workload_discovery | boolean | false | none | Flag to indicate if workload discovery is enabled |
network_device | object | false | none | Associated network device |
» href | string | false | none | URI of network device |
workloads | [object] | false | none | List of managed workloads |
» href | string | false | none | URI of workload |
status | string | false | none | Endpoint status |
network_devices_network_endpoints_post
{
"config": {
"endpoint_type": "string",
"name": "string",
"traffic_flow_id": "string",
"workload_discovery": true
},
"workloads": [
{
"href": "string"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
config | object | true* | none | none |
» endpoint_type | string | false | none | The type of endpoint |
» name | string | false | none | The name of the endpoint e.g. interface name |
» traffic_flow_id | string | false | none | A traffic flow identifier for this endpoint e.g. switch port IfIndex |
» workload_discovery | boolean | false | none | Flag to indicate if workload discovery is enabled |
workloads | [object] | false | none | List of managed workloads |
» href | string | true* | none | URI of workload |
network_devices_network_endpoints_put
{
"config": {
"endpoint_type": "string",
"name": "string",
"traffic_flow_id": "string",
"workload_discovery": true
},
"workloads": [
{
"href": "string"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
config | network_devices_network_endpoints_post/properties/config | false | none | none |
workloads | [object] | false | none | List of managed workloads |
» href | string | true* | none | URI of workload |
network_devices_get
[
{
"href": "string",
"config": {
"name": "string",
"description": "string",
"device_type": "string",
"manufacturer": "string",
"model": "string",
"ip_address": "string",
"credentials": {
"type": "cli",
"port": 0,
"username": "string",
"password": "string"
}
},
"configure": true,
"enforcement_instructions_generation_in_progress": true,
"enforcement_instructions_data_href": "string",
"enforcement_instructions_data_timestamp": "2025-04-01T00:21:27Z",
"enforcement_instructions_ack_href": "string",
"enforcement_instructions_ack_timestamp": "2025-04-01T00:21:27Z",
"supported_endpoint_type": "string",
"endpoints": [
{
"href": "string"
}
],
"network_enforcement_node": {
"href": "string"
},
"status": "string"
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of network device |
config | network_enforcement_nodes_network_devices_post | true* | none | none |
configure | boolean | false | none | Enable configuration of the device by the network enforcement platform |
enforcement_instructions_generation_in_progress | boolean | false | none | Flag to indicate if an enforcement instructions generation is in progress for this network_device |
enforcement_instructions_data_href | string | false | none | href to download the enforcement instructions data (this expires 7 days after data uploaded from network enforcement node) |
enforcement_instructions_data_timestamp | string(date-time) | false | none | Timestamp indicating when enforcement instructions data were received from network enforcement node |
enforcement_instructions_ack_href | string | false | none | href to download the enforcement instructions ack log (this expires 7 days after data uploaded from network enforcement node) |
enforcement_instructions_ack_timestamp | string(date-time) | false | none | Timestamp indicating when enforcement instructions ack log was received from network enforcement node |
supported_endpoint_type | string | true* | none | Type of endpoint supported by this device |
endpoints | [object] | false | none | none |
» href | string | false | none | URI of endpoint |
network_enforcement_node | object | true* | none | none |
» href | string | false | none | URI of owning network_enforcement_agent |
status | string | false | none | Status of device |
network_devices_multi_enforcement_instructions_request_post
{}
Supply one of the following properties
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
all_devices | boolean | false | none | Flag to indicate that enforcement instructions are required for all network devices |
network_devices | [object] | false | none | none |
» href | string | false | none | href of network device |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
all_devices | true* |
network_devices_multi_enforcement_instructions_applied_post
{}
Supply one of the following properties
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
all_devices | boolean | false | none | Flag to indicate that enforcement instructions are required for all network devices |
network_devices | [object] | false | none | none |
» href | string | false | none | href of network device |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
all_devices | true* |
network_enforcement_nodes_network_devices_post
{
"name": "string",
"description": "string",
"device_type": "string",
"manufacturer": "string",
"model": "string",
"ip_address": "string",
"credentials": {
"type": "cli",
"port": 0,
"username": "string",
"password": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The name of the device |
description | string | false | none | Description of the device |
device_type | string | false | none | Type of device |
manufacturer | string | false | none | The manufacturer of the device |
model | string | false | none | The model of the device |
ip_address | string | false | none | The IP address of the device |
credentials | object | false | none | none |
» type | string | false | none | The type of credential used to access the device |
» port | integer | false | none | The device port, if non-standard for credential type |
» username | string | false | none | The username used to access the device |
» password | string | false | none | The password used to access the device |
Enumerated Values
Property | Value |
---|---|
type | cli |
type | api |
network_devices_put
{
"name": "string",
"description": "string",
"device_type": "string",
"manufacturer": "string",
"model": "string",
"ip_address": "string",
"credentials": {
"type": "cli",
"port": 0,
"username": "string",
"password": "string"
}
}
Properties
None
network_devices_enforcement_instructions_request_post
{}
Properties
None
network_devices_enforcement_instructions_applied_post
{}
Properties
None
network_enforcement_nodes_get
[
{
"uuid": "string",
"org_id": 0,
"hostname": "string",
"name": "string",
"public_ip": "string",
"software_version": "string",
"last_status_at": null,
"uptime_seconds": null,
"network_devices": [],
"supported_devices": [
{
"device_type": "string",
"manufacturers": [
{
"manufacturer": "string",
"models": [
{
"model": "string",
"endpoint_type": "string"
}
]
}
]
}
],
"conditions": [
{
"first_reported_timestamp": "2025-04-01T00:21:27Z",
"latest_event": {
"notification_type": "string",
"severity": "err",
"href": "string",
"info": {},
"timestamp": "2025-04-01T00:21:27Z"
}
}
],
"target_pce_fqdn": null,
"active_pce_fqdn": null
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
uuid | string | false | none | The uuid for this network enforcement node |
org_id | integer | false | none | The org id for this network enforcement node |
hostname | string | false | none | The hostname for this network enforcement node |
name | string | false | none | User friendly name for this network enforcement node |
public_ip | string | false | none | Public ip of this network enforcement node |
software_version | string | false | none | Network enforcement node software version string |
last_status_at | string,null(date-time) | false | none | The last time (rfc3339 timestamp) a status was received from this node |
uptime_seconds | integer,null | false | none | How long since the last restart of this service. |
network_devices | array | false | none | Managed network devices |
supported_devices | [object] | false | none | none |
» device_type | string | false | none | Type of network device |
» manufacturers | [object] | false | none | none |
»» manufacturer | string | false | none | Device manufacturer |
»» models | [object] | false | none | none |
»»» model | string | true* | none | Device model |
»»» endpoint_type | string | false | none | Type of supported endpoint |
conditions | vens_get/properties/conditions | false | none | Resource errors. If there are no errors or warnings, then the array value will be empty. |
target_pce_fqdn | string,null | false | none | The FQDN of the PCE the Network Enforcement Node will use for future connections |
active_pce_fqdn | string,null | false | none | The FQDN of the PCE that received the Network Enforcement Node's last heartbeat |
network_enforcement_nodes_virtual_server_discovery_jobs_get
{
"href": "string",
"status": "string",
"created_at": "2025-04-01T00:21:27Z",
"completed_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"connection_state": "string",
"virtual_server_infos": [
{
"ip_address": "string",
"port": 0,
"discovered_virtual_server": {
"href": "string"
}
}
]
}
Details of virtual servers discovery
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of the requested Virtual Servers discovery job |
status | string | true* | none | The current state of the request |
created_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this job was created |
completed_at | string(date-time) | false | none | The time (rfc3339 timestamp) at which this job was completed |
created_by | object | true* | none | none |
» href | string | true* | none | User who originally created this Virtual Server discovery job |
connection_state | string | false | none | Status of most recent connection to the SLB device |
virtual_server_infos | [object] | false | none | Information of job completion |
» ip_address | string | false | none | Virtual server IP address |
» port | integer | false | none | Virtual server port |
» discovered_virtual_server | object | false | none | Discovered Virtual Server. Null indicates not found |
»» href | string | true* | none | URI of Discovered Virtual Server |
network_enforcement_nodes_put
{
"target_pce_fqdn": "string"
}
Update a NEN's target PCE.
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
target_pce_fqdn | string | false | none | cluster FQDN for target PCE |
login_users_authenticate_post
{
"one_time_password": "string"
}
Properties
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
» one_time_password | string | false | none | The time-based one-time password for two-factor authentication. |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | null | false | none | none |
login_users_password_put
{
"password": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
password | string | true* | none | New password |
traffic_flows_database_metrics_get
{
"flows_days": 0,
"flows_days_limit": 0,
"flows_oldest_day": "2025-04-01",
"flows_size_gb": 0,
"flows_size_gb_limit": 0,
"server": {
"num_flows_days": 0,
"num_flows_days_limit": 0,
"flows_oldest_day": "2025-04-01",
"flows_size_gb": 0,
"flows_size_gb_limit": 0,
"num_daily_tables": 0,
"num_weekly_tables": 0
},
"endpoint": {
"num_flows_days": 0,
"num_flows_days_limit": 0,
"flows_oldest_day": "2025-04-01",
"flows_size_gb": 0,
"flows_size_gb_limit": 0,
"num_daily_tables": 0,
"num_weekly_tables": 0
},
"backlog": {
"total_disk_used_gb": 0,
"total_file_count": 0
},
"updated_at": "2025-04-01T00:21:27Z"
}
Organization flow database usage metrics
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
flows_days | integer | true* | none | Organization's total number of days of flow data. |
flows_days_limit | integer | true* | none | Organization's limit on total number of days of flow data. |
flows_oldest_day | string(date) | false | none | Organization's oldest day of flow data (yyyy-mm-dd). |
flows_size_gb | number | true* | none | Organization's total number of gigabytes of flow data. |
flows_size_gb_limit | number | true* | none | Organization's limit on total number of gigabytes of flow data. |
server | object | false | none | none |
» num_flows_days | integer | false | none | Organization's total number of days of server flow data. |
» num_flows_days_limit | integer | false | none | Organization's limit on total number of days of server flow data. |
» flows_oldest_day | string(date) | false | none | Organization's oldest day of server flow data (yyyy-mm-dd). |
» flows_size_gb | number | false | none | Organization's total number of gigabytes of server flow data. |
» flows_size_gb_limit | number | false | none | Organization's limit on total number of gigabytes of server flow data. |
» num_daily_tables | number | false | none | The number of server daily tables, including FlowLink and CloudSecure, counted once for each unique day. |
» num_weekly_tables | number | false | none | The number of server weekly tables, including FlowLink and CloudSecure, counted once for each unique week. |
endpoint | object | false | none | none |
» num_flows_days | integer | false | none | Organization's total number of days of endpoint flow data. |
» num_flows_days_limit | integer | false | none | Organization's limit on total number of days of endpoint flow data. |
» flows_oldest_day | string(date) | false | none | Organization's oldest day of endpoint flow data (yyyy-mm-dd). |
» flows_size_gb | number | false | none | Organization's total number of gigabytes of endpoint flow data. |
» flows_size_gb_limit | number | false | none | Organization's limit on total number of gigabytes of endpoint flow data. |
» num_daily_tables | number | false | none | The number of endpoint daily tables, counted once for each unique day. |
» num_weekly_tables | number | false | none | The number of endpoint weekly tables, counted once for each unique week. |
backlog | object | false | none | none |
» total_disk_used_gb | number | false | none | total gigabytes used to store flow data input files. |
» total_file_count | integer | false | none | total number of flow data input files |
updated_at | string(date-time) | true* | none | Timestamp in UTC when these flow metrics were generated |
traffic_flows_async_queries_post
{
"query_name": "string",
"start_date": "2025-04-01",
"end_date": "2025-04-01",
"sources_destinations_query_op": "and",
"sources": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"destinations": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"data_sources": {
"include": [
"server"
],
"exclude": [
"server"
]
},
"services": {
"include": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
],
"exclude": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
]
},
"policy_decisions": [
"allowed"
],
"boundary_decisions": [
"blocked"
],
"max_results": 0,
"exclude_workloads_from_ip_list_query": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
query_name | string | true* | none | Query Name |
start_date | string(date) | false | none | Starting date for query |
end_date | string(date) | false | none | Ending date for query |
sources_destinations_query_op | string | false | none | Query logical operator between sources and destinations |
sources | object | true* | none | Source labels, workloads, IP addresses to include or exclude |
» include | [array] | true* | none | List of included sources or targets |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | A label parameter for a traffic query |
»»» label | object | true* | none | none |
»»»» href | string | true* | none | Label URI |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | A label group parameter for a traffic query |
»»» label_group | object | true* | none | none |
»»»» href | string | true* | none | Label group URI |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | A workload parameter for a traffic query |
»»» workload | object | true* | none | none |
»»»» href | string | true* | none | Workload URI |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | An IP address parameter for a traffic query |
»»» ip_address | string | true* | none | IP address value |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | An IP List parameter for a traffic query |
»»» ip_list | object | true* | none | none |
»»»» href | string | true* | none | IP List draft URI |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | Explorer filter for all managed services (workloads, virtual_services etc) |
»»» actors | string | false | none | All managed workloads ('ams') |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | Cloud resource Id parameter for a traffic query |
»»» cloud_resource | object | true* | none | none |
»»»» resource_uuid | string | true* | none | UUID of cloud resource |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | Data-center parameter for a traffic query |
»»» data_center | object | true* | none | none |
»»»» type | string | true* | none | Type of the datacenter, such as core/cloud/aws/azure/gcp |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» exclude | [anyOf] | true* | none | List of excluded sources or targets |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | none | A label parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | none | A label group parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | none | A workload parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | none | An IP address parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | none | An IP List parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | none | Cloud resource Id parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | none | Data-center parameter for a traffic query |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
destinations | object | true* | none | Target labels, workloads, IP addresses, domain names, transmission to include or exclude |
» include | [array] | true* | none | List of included sources or targets |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | none | A label parameter for a traffic query |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | none | A label group parameter for a traffic query |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | none | A workload parameter for a traffic query |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | none | An IP address parameter for a traffic query |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | A DNS parameter for a traffic query |
»»» fqdn | string | true* | none | parameter for querying the matched fqdn |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | none | An IP List parameter for a traffic query |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/5 | false | none | Explorer filter for all managed services (workloads, virtual_services etc) |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | none | Cloud resource Id parameter for a traffic query |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | none | Data-center parameter for a traffic query |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» exclude | [anyOf] | true* | none | List of excluded sources or targets |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/0 | false | none | A label parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/1 | false | none | A label group parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/2 | false | none | A workload parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/3 | false | none | An IP address parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/destinations/properties/include/items/items/oneOf/4 | false | none | A DNS parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | Parameter representing broadcast/multicast |
»»» transmission | string | true* | none | transmission type |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/4 | false | none | An IP List parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/6 | false | none | Cloud resource Id parameter for a traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | none | Data-center parameter for a traffic query |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
data_sources | object | false | none | Data sources of the flows to include or exclude |
» include | [string] | false | none | List of included services |
» exclude | [string] | false | none | List of excluded data sources |
services | object | true* | none | Services (5-tuple of port/to_port/proto/process/service) to include or exclude |
» include | [object] | true* | none | List of included services (5-tuple of port/to_port/proto/process/service) |
»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»» proto | integer | false | none | protocol number |
»» process_name | string | false | none | Process Name |
»» windows_service_name | string | false | none | Windows Service Name |
» exclude | [object] | true* | none | List of excluded services (5-tuple of port/to_port/proto/process/service) |
»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»» proto | integer | false | none | protocol number |
»» process_name | string | false | none | Process Name |
»» windows_service_name | string | false | none | Windows Service Name |
policy_decisions | [string] | true* | none | List of policy decisions |
boundary_decisions | [string] | false | none | List of boundary decisions |
max_results | integer | true* | none | maximum number of flows to return |
exclude_workloads_from_ip_list_query | boolean | false | none | exclude workload traffic when IP List is provided either in consumer or provider part of traffic query |
Enumerated Values
Property | Value |
---|---|
sources_destinations_query_op | and |
sources_destinations_query_op | or |
actors | ams |
type | core |
type | cloud |
type | aws |
type | azure |
type | gcp |
transmission | broadcast |
transmission | multicast |
transmission | unicast |
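The tables above imply several constraints that are easy to miss when building a query by hand: `include` is an array of arrays while `exclude` is flat, `actors` is listed only for `include`, `fqdn` only for destinations, and `transmission` only for `destinations.exclude`. The following pre-flight validator is an added example, not Illumio code; it checks only what the tables on this page state. The function names and sample hrefs are constructed, and the `to_port >= port` check is an assumption read from the "high end of port range" description.

```python
# Added example: offline checks for a traffic_flows_async_queries_post body,
# derived from the Properties and Enumerated Values tables on this page.
HREF_KINDS = {"label", "label_group", "workload", "ip_list"}
SRC_INCLUDE = HREF_KINDS | {"ip_address", "actors", "cloud_resource", "data_center"}
# Filter kinds each list accepts: 'actors' is listed for include only, 'fqdn'
# only for destinations, 'transmission' only for destinations.exclude.
ALLOWED = {
    ("sources", "include"): SRC_INCLUDE,
    ("sources", "exclude"): SRC_INCLUDE - {"actors"},
    ("destinations", "include"): SRC_INCLUDE | {"fqdn"},
    ("destinations", "exclude"): (SRC_INCLUDE - {"actors"}) | {"fqdn", "transmission"},
}
ENUMS = {
    "sources_destinations_query_op": {"and", "or"},
    "actors": {"ams"},
    "transmission": {"broadcast", "multicast", "unicast"},
    "data_center": {"core", "cloud", "aws", "azure", "gcp"},
}
REQUIRED_TOP = ("query_name", "sources", "destinations", "services",
                "policy_decisions", "max_results")

def _is_int(v):
    return isinstance(v, int) and not isinstance(v, bool)

def _list_of(body, key, part):
    """Return body[key][part] if it is a list, else None."""
    block = body.get(key)
    value = block.get(part) if isinstance(block, dict) else None
    return value if isinstance(value, list) else None

def check_filter(item, allowed, where):
    """Validate one include/exclude entry: an object carrying exactly one filter kind."""
    if not isinstance(item, dict) or len(item) != 1:
        return [f"{where}: expected an object with exactly one filter key"]
    kind, value = next(iter(item.items()))
    if kind not in allowed:
        return [f"{where}: '{kind}' is not accepted in this list"]
    if kind in HREF_KINDS:
        ok = isinstance(value, dict) and isinstance(value.get("href"), str)
    elif kind == "cloud_resource":
        ok = isinstance(value, dict) and isinstance(value.get("resource_uuid"), str)
    elif kind == "data_center":
        dc_type = value.get("type") if isinstance(value, dict) else None
        ok = isinstance(dc_type, str) and dc_type in ENUMS["data_center"]
    elif kind in ("actors", "transmission"):
        ok = isinstance(value, str) and value in ENUMS[kind]
    else:  # ip_address, fqdn
        ok = isinstance(value, str) and value != ""
    return [] if ok else [f"{where}: bad value for '{kind}'"]

def check_service(svc, where):
    """Validate the port fields of one services entry."""
    if not isinstance(svc, dict):
        return [f"{where}: expected an object"]
    errs = []
    port, to_port = svc.get("port"), svc.get("to_port")
    if port is not None and not (_is_int(port) and 0 <= port <= 65535):
        errs.append(f"{where}: port must be an integer 0-65535")
    # Assumption: to_port is the inclusive high end, so it cannot be below port.
    if to_port is not None and not (_is_int(to_port) and _is_int(port)
                                    and port <= to_port <= 65535):
        errs.append(f"{where}: to_port must be the high end of a range starting at port")
    return errs

def validate_query(body):
    """Return a list of problems; an empty list means the body matches the tables."""
    errs = [f"missing required property '{k}'" for k in REQUIRED_TOP if k not in body]
    op = body.get("sources_destinations_query_op")
    if op is not None and not (isinstance(op, str)
                               and op in ENUMS["sources_destinations_query_op"]):
        errs.append("sources_destinations_query_op must be 'and' or 'or'")
    for (side, part), allowed in ALLOWED.items():
        entries = _list_of(body, side, part)
        if entries is None:
            errs.append(f"{side}.{part}: required array is missing")
            continue
        for i, entry in enumerate(entries):
            where = f"{side}.{part}[{i}]"
            # include is an array of arrays; exclude is a flat array of filters
            if part == "include" and not isinstance(entry, list):
                errs.append(f"{where}: expected an inner array")
                continue
            for item in (entry if part == "include" else [entry]):
                errs += check_filter(item, allowed, where)
    for part in ("include", "exclude"):
        entries = _list_of(body, "services", part)
        if entries is None:
            errs.append(f"services.{part}: required array is missing")
            continue
        for i, svc in enumerate(entries):
            errs += check_service(svc, f"services.{part}[{i}]")
    if "max_results" in body and not _is_int(body["max_results"]):
        errs.append("max_results must be an integer")
    return errs

# Constructed sample body (hrefs and names are placeholders, not real objects).
GOOD = {
    "query_name": "constructed-example",
    "sources": {"include": [[{"label": {"href": "/orgs/1/labels/1"}}],
                            [{"actors": "ams"}]], "exclude": []},
    "destinations": {"include": [[{"fqdn": "db.example.com"}]],
                     "exclude": [{"transmission": "broadcast"}]},
    "services": {"include": [{"port": 443, "proto": 6}], "exclude": []},
    "policy_decisions": ["allowed"],
    "max_results": 1000,
}
```

An empty list from `validate_query` means the body is consistent with the tables here; the PCE may enforce further rules that this page does not document.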
traffic_flows_async_queries_get
{
"href": "http://example.com",
"result": "http://example.com",
"status": "string",
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"query_parameters": {
"query_name": "string",
"start_date": "2025-04-01",
"end_date": "2025-04-01",
"sources_destinations_query_op": "and",
"sources": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"destinations": {
"include": [
[
{
"label": {
"href": "string"
}
}
]
],
"exclude": [
{
"label": {
"href": "string"
}
}
]
},
"data_sources": {
"include": [
"server"
],
"exclude": [
"server"
]
},
"services": {
"include": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
],
"exclude": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string"
}
]
},
"policy_decisions": [
"allowed"
],
"boundary_decisions": [
"blocked"
],
"max_results": 0,
"exclude_workloads_from_ip_list_query": true
},
"updated_at": "2025-04-01T00:21:27Z",
"matches_count": 0,
"flows_count": 0,
"regions": [
{
"pce_fqdn": "string",
"responded": true,
"matches_count": 0,
"flows_count": 0
}
]
}
Asynchronous explorer query status
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | true* | none | Query URI |
result | string(uri) | false | none | Result download URI, available only if status is completed |
status | string | true* | none | Current query status |
created_at | string(date-time) | true* | none | Timestamp in UTC when this query was created |
created_by | object | true* | none | none |
» href | string(uri) | true* | none | User who created this query |
query_parameters | object | true* | none | none |
» query_name | string | true* | none | Query Name |
» start_date | string(date) | false | none | Starting date for query |
» end_date | string(date) | false | none | Ending date for query |
» sources_destinations_query_op | string | false | none | Query logical operator between sources and destinations |
» sources | object | true* | none | Source labels, workloads, IP addresses to include or exclude |
»» include | traffic_flows_async_queries_post/properties/sources/properties/include | true* | none | List of included sources or targets |
»» exclude | traffic_flows_async_queries_post/properties/sources/properties/exclude | true* | none | List of excluded sources or targets |
» destinations | object | true* | none | Target labels, workloads, IP addresses, domain names, transmission to include or exclude |
»» include | traffic_flows_async_queries_post/properties/destinations/properties/include | true* | none | List of included sources or targets |
»» exclude | traffic_flows_async_queries_post/properties/destinations/properties/exclude | true* | none | List of excluded sources or targets |
» data_sources | object | false | none | Data sources of the flows to include or exclude |
»» include | [string] | false | none | List of included services |
»» exclude | [string] | false | none | List of excluded data sources |
» services | object | true* | none | Services (5-tuple of port/to_port/proto/process/service) to include or exclude |
»» include | [object] | true* | none | List of included services (5-tuple of port/to_port/proto/process/service) |
»»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»» proto | integer | false | none | protocol number |
»»» process_name | string | false | none | Process Name |
»»» windows_service_name | string | false | none | Windows Service Name |
»» exclude | [object] | true* | none | List of excluded services (5-tuple of port/to_port/proto/process/service) |
»»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»» proto | integer | false | none | protocol number |
»»» process_name | string | false | none | Process Name |
»»» windows_service_name | string | false | none | Windows Service Name |
» policy_decisions | [string] | true* | none | List of policy decisions |
» boundary_decisions | [string] | false | none | List of boundary decisions |
» max_results | integer | true* | none | maximum number of flows to return |
» exclude_workloads_from_ip_list_query | boolean | false | none | exclude workload traffic when IP List is provided either in consumer or provider part of traffic query |
updated_at | string(date-time) | false | none | Timestamp in UTC when this async query was last updated. |
matches_count | integer | false | none | query result count |
flows_count | integer | false | none | result count after query limits and RBAC filtering are applied |
regions | [object] | false | none | Region-specific response metadata |
» pce_fqdn | string | true* | none | FQDN of PCE region |
» responded | boolean | true* | none | supercluster region responded with query results |
» matches_count | integer | false | none | region query result count |
» flows_count | integer | false | none | region result count after query limits and RBAC filtering are applied |
Enumerated Values
Property | Value |
---|---|
sources_destinations_query_op | and |
sources_destinations_query_op | or |
traffic_flows_async_queries_download_get
[
{
"src": {
"ip": "string",
"workload": {
"href": "string",
"hostname": "string",
"name": "string",
"os_type": "windows",
"enforcement_mode": "idle",
"labels": [
{
"href": "string"
}
],
"managed": true
},
"cloud_resource": {
"resource_uuid": "string",
"labels": [
{
"href": "string"
}
],
"type": "aws"
},
"data_center": {
"data_center": {
"type": "core"
}
},
"ip_lists": [
{
"name": "string",
"href": "string",
"size": 0,
"rules": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
],
"override_deny_rules": [
{
"href": "string"
}
]
}
],
"virtual_server": {
"name": "string",
"href": "string",
"enforcement_mode": "unmanaged",
"labels": [
{
"href": "string"
}
]
},
"virtual_service": {
"name": "string",
"href": "string",
"labels": [
{
"href": "string"
}
],
"workload_enforcement_mode": "idle"
},
"fqdn_name": "string"
},
"dst": {
"ip": "string",
"workload": {
"href": "string",
"hostname": "string",
"name": "string",
"os_type": "windows",
"enforcement_mode": "idle",
"labels": [
{
"href": "string"
}
],
"managed": true
},
"cloud_resource": {
"resource_uuid": "string",
"labels": [
{
"href": "string"
}
],
"type": "aws"
},
"data_center": {
"data_center": {
"type": "core"
}
},
"ip_lists": [
{
"name": "string",
"href": "string",
"size": 0,
"rules": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
],
"override_deny_rules": [
{
"href": "string"
}
]
}
],
"virtual_server": {
"name": "string",
"href": "string",
"enforcement_mode": "unmanaged",
"labels": [
{
"href": "string"
}
]
},
"virtual_service": {
"name": "string",
"href": "string",
"labels": [
{
"href": "string"
}
],
"workload_enforcement_mode": "idle"
},
"fqdn_name": "string"
},
"service": {
"port": 0,
"proto": 0,
"process_name": "string",
"windows_service_name": "string",
"user_name": "string"
},
"num_connections": 0,
"policy_decision": "string",
"boundary_decision": "string",
"draft_policy_decision": "string",
"flow_direction": "string",
"transmission": "string",
"timestamp_range": {
"first_detected": "2025-04-01T00:21:27Z",
"last_detected": "2025-04-01T00:21:27Z"
},
"state": "string",
"dst_bo": 0,
"dst_bi": 0,
"icmp_type": 0,
"icmp_code": 0,
"network": {
"name": "string",
"href": "string"
},
"rules": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
],
"override_deny_rules": [
{
"href": "string"
}
],
"caps": [
"write"
],
"client_type": "string"
}
]
The list of traffic flows matching the query
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
src | object | true* | none | Traffic flow endpoint details |
» ip | string | false | none | IP v4 or v6 address |
» workload | detected_core_services_get/properties/workload | false | none | Workload details of the traffic-flow endpoint |
» cloud_resource | object | false | none | Cloud Resource details of the traffic-flow endpoint |
»» resource_uuid | string | true* | none | The UUID of the resource |
»» labels | detected_core_services_get/properties/workload/properties/labels | true* | none | Assigned labels |
»» type | string | true* | none | none |
» data_center | traffic_flows_async_queries_post/properties/sources/properties/include/items/items/oneOf/7 | false | none | Data-center parameter for a traffic query |
» ip_lists | [object] | false | none | none |
»» name | string | false | none | Name of the ip_list |
»» href | string | true* | none | The resource (URI) representation of the ip list. This is always the draft version. |
»» size | integer | false | none | The number of ip addresses that the ip list covers |
»» rules | traffic_flows_async_queries_download_get/items/properties/rules | false | none | Explorer query parameters |
»» enforcement_boundaries | traffic_flows_async_queries_download_get/items/properties/enforcement_boundaries | false | none | Explorer query parameters |
»» override_deny_rules | traffic_flows_async_queries_download_get/items/properties/enforcement_boundaries | false | none | List of override deny rules for the traffic flow. This is always the draft version |
» virtual_server | object | false | none | virtual server details of the traffic-flow endpoint |
»» name | string | false | none | Name of the virtual server |
»» href | string | true* | none | The resource (URI) representation of the virtual server |
»» enforcement_mode | string | false | none | virtual server enforcement mode |
»» labels | detected_core_services_get/properties/workload/properties/labels | false | none | Assigned labels |
» virtual_service | object | false | none | virtual service details of the traffic-flow endpoint |
»» name | string | false | none | Name of the virtual service |
»» href | string | true* | none | The resource (URI) representation of the virtual service |
»» labels | detected_core_services_get/properties/workload/properties/labels | false | none | Assigned labels |
»» workload_enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
» fqdn_name | string | false | none | fqdn name of the provider |
dst | traffic_flows_async_queries_download_get/items/properties/src | true* | none | Traffic flow endpoint details |
service | object | true* | none | Port, protocol, process, service name and user_name for a traffic flow |
» port | integer | true* | none | Destination port |
» proto | integer | true* | none | IANA protocol number |
» process_name | string | false | none | Process Name for this flow |
» windows_service_name | string | false | none | Windows Service Name for this flow |
» user_name | string | false | none | User Name for this flow |
num_connections | integer | true* | none | The number of times this flow was seen |
policy_decision | string | true* | none | Policy decision made |
boundary_decision | string | false | none | Boundary indicates if the flow was blocked due to an enforcement boundary |
draft_policy_decision | string | false | none | draft policy decision of the flow |
flow_direction | string | true* | none | Flow direction |
transmission | string | false | none | transmission type: broadcast/multicast |
timestamp_range | object | true* | none | Timestamp ranges for the flow detected |
» first_detected | string(date-time) | true* | none | The first time this flow was detected within the time range specified by the query |
» last_detected | string(date-time) | true* | none | The last time this flow was detected within the time range specified by the query |
state | string | false | none | state of the flow |
dst_bo | integer | false | none | Bytes sent till now by the destination over the flow during the interval |
dst_bi | integer | false | none | Bytes received till now by the destination over the flow during the interval |
icmp_type | integer | false | none | ICMP type for the flow |
icmp_code | integer | false | none | ICMP code for the flow |
network | object | false | none | PCE network on which this flow was observed. |
» name | string | false | none | The network name. |
» href | string | false | none | network href |
rules | [oneOf] | false | none | Allow rules for specific policy objects |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» href | string | true* | none | The resource (URI) representation of an allow rule. This is always the draft version. |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» essential_service_rule | string | true* | none | The name of an essential service rule. |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» enforcement_boundaries | [object] | false | none | List of enforcement_boundaries details of the traffic-flow endpoint. This is always the draft version |
»» href | string | true* | none | The resource (URI) representation of an enforcement boundary. This is always the draft version. |
» override_deny_rules | traffic_flows_async_queries_download_get/items/properties/enforcement_boundaries | false | none | List of enforcement_boundaries details of the traffic-flow endpoint. This is always the draft version |
» caps | [string] | true* | none | Array of permissions for the flow for the current user |
» client_type | string | false | none | type of client which reported this flow |
Enumerated Values
Property | Value |
---|---|
type | aws |
type | azure |
type | ocp |
type | gcp |
type | unknown |
enforcement_mode | unmanaged |
enforcement_mode | enforced |
traffic_flows_async_queries_update_rules_put
null
Properties
None
traffic_flows_async_queries_put
{
"status": "cancel_requested"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
status | string | true* | none | Query status |
Enumerated Values
Property | Value |
---|---|
status | cancel_requested |
traffic_flows_traffic_analysis_queries_post
null
Properties
None
workloads_post
{}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The short friendly name of the workload |
description | string | false | none | The long description of the workload |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
hostname | string | false | none | The hostname reported from the host itself |
service_principal_name | string,null | false | none | The Kerberos Service Principal Name (SPN) |
agent_to_pce_certificate_authentication_id | string,null | false | none | PKI Certificate identifier to be used by the PCE for authenticating the VEN |
distinguished_name | string | false | none | X.509 Subject distinguished name |
public_ip | string,null | false | none | The public IP address of the server |
interfaces | [object] | false | none | Workload network interfaces |
» name | string | true* | none | Interface name |
» link_state | string | false | none | Link State |
» address | vulnerability_reports_put/properties/scanned_ips/items | true* | none | The IP Address to assign to this interface |
» cidr_block | integer | false | none | The number of bits in the subnet mask (for example, /24 is 255.255.255.0) |
» default_gateway_address | vulnerability_reports_put/properties/scanned_ips/items | false | none | The IP Address of the default gateway |
» friendly_name | string | false | none | User-friendly name for interface |
» network | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
service_provider | string | false | none | Service provider |
data_center | string | false | none | Data center |
data_center_zone | string | false | none | Data center zone |
os_id | string | false | none | Our OS identifier |
os_detail | string | false | none | Additional OS details - just displayed to end user |
online | boolean | false | none | If this workload is online |
labels | [object] | false | none | Assigned labels |
» href | string | true* | none | Label URI |
agent | object | false | none | DEPRECATED AND REPLACED (USE enforcement_mode and visibility_level) Agent info |
» config | object | false | none | DEPRECATED AND REPLACED by 'ven', 'enforcement_mode', and 'visibility_level' |
»» mode | pairing_profiles_get/properties/mode | false | none | DEPRECATED AND REPLACED (Use enforcement_mode instead) |
»» log_traffic | boolean | false | none | DEPRECATED WITH NO REPLACEMENT True if we want to log traffic events from this workload |
» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
link_state | up |
link_state | down |
link_state | unknown |
workloads_get
{
"href": "string",
"deleted": true,
"delete_type": "string",
"name": "string",
"description": "string",
"managed": true,
"hostname": "string",
"service_principal_name": "string",
"agent_to_pce_certificate_authentication_id": null,
"distinguished_name": "string",
"public_ip": "string",
"external_data_set": null,
"external_data_reference": null,
"interfaces": {
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
},
"service_provider": "string",
"data_center": "string",
"data_center_zone": "string",
"os_id": "string",
"os_detail": "string",
"online": true,
"firewall_coexistence": null,
"containers_inherit_host_policy": true,
"blocked_connection_action": "drop",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"services": {
"uptime_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"open_service_ports": [
{
"protocol": 0,
"address": "string",
"port": 0,
"process_name": "string",
"user": "string",
"package": "string",
"win_service_name": "string"
}
]
},
"vulnerabilities_summary": {
"num_vulnerabilities": 0,
"vulnerability_score": 0,
"max_vulnerability_score": 0,
"vulnerable_port_exposure": null,
"vulnerable_port_wide_exposure": {
"any": null,
"ip_list": null
},
"vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"max_vulnerability_exposure_score": null,
"vulnerability_computation_state": "not_applicable",
"last_updated_at": "2025-04-01T00:21:27Z"
},
"detected_vulnerabilities": {
"detected_vulnerability_summary": {
"num_vulnerabilities": 0,
"vulnerability_score": 0,
"max_vulnerability_score": 0,
"vulnerable_port_exposure": null,
"vulnerable_port_wide_exposure": {
"any": null,
"ip_list": null
},
"vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"vulnerability_exposure_score": null
},
"max_vulnerability_exposure_score": null,
"vulnerability_computation_state": "not_applicable",
"last_updated_at": "2025-04-01T00:21:27Z"
},
"workload_detected_vulnerabilities": [
{
"ip_address": "string",
"port": 0,
"proto": 0,
"port_exposure": null,
"port_vulnerability_exposure_score": null,
"full_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"selective_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"visibility_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"current_enforcement_vulnerability_exposure": {
"vulnerable_port_exposure": null,
"port_vulnerability_exposure_score": null
},
"port_wide_exposure": {
"any": null,
"ip_list": null
},
"workload": {
"href": "string"
},
"vulnerability": {
"href": "string",
"score": 0,
"name": "string"
},
"vulnerability_report": {
"href": "string"
}
}
],
"last_updated_at": "2025-04-01T00:21:27Z"
},
"risk_summary": {
"ransomware": null
},
"agent": {
"config": {
"mode": "string",
"log_traffic": true,
"security_policy_update_mode": "string"
},
"href": "string",
"secure_connect": {
"matching_issuer_name": "string"
},
"status": {
"uid": "string",
"last_heartbeat_on": null,
"uptime_seconds": null,
"agent_version": "string",
"managed_since": "2025-04-01T00:21:27Z",
"fw_config_current": true,
"firewall_rule_count": 0,
"security_policy_refresh_at": "2025-04-01T00:21:27Z",
"security_policy_applied_at": "2025-04-01T00:21:27Z",
"security_policy_received_at": "2025-04-01T00:21:27Z",
"agent_health_errors": {
"errors": [
"string"
],
"warnings": [
"string"
]
},
"agent_health": [
{
"type": "string",
"severity": "string",
"audit_event": "string"
}
],
"security_policy_sync_state": "string"
},
"active_pce_fqdn": "string",
"target_pce_fqdn": "string",
"type": "string"
},
"ven": {
"href": "string",
"hostname": "string",
"name": "string",
"status": "string",
"ven_type": "server"
},
"enforcement_mode": "idle",
"selectively_enforced_services": [
{
"port": 0,
"to_port": 0,
"proto": 0
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"container_cluster": {
"href": "string",
"name": "string"
},
"ike_authentication_certificate": {},
"datacenter_nat_1to1": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of workload |
deleted | boolean | true* | none | This workload has been deleted |
delete_type | string | false | none | DEPRECATED WITH NO REPLACEMENT: Workload deletion type |
name | string | true* | none | Interface name |
description | string | true* | none | The description of this workload |
managed | boolean | true* | none | True if the workload is managed, else false |
hostname | string | true* | none | The hostname of this workload |
service_principal_name | string | true* | none | The Kerberos Service Principal Name (SPN) |
agent_to_pce_certificate_authentication_id | string,null | false | none | PKI Certificate identifier to be used by the PCE for authenticating the VEN |
distinguished_name | string | false | none | X.509 Subject distinguished name |
public_ip | string | true* | none | The public IP address of the server |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
interfaces | object | true* | none | Workload network interfaces |
» name | string | true* | none | Interface name |
» link_state | string,null | true* | none | Link State |
» address | string | true* | none | The IP Address to assign to this interface |
» cidr_block | integer,null | true* | none | The number of bits in the subnet mask (for example, /24 is 255.255.255.0) |
» default_gateway_address | string,null | true* | none | The IP Address of the default gateway |
» network | object,null | true* | none | Network that the interface belongs to |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | workloads_interfaces_get/properties/network/anyOf/0 | false | none | Network object used in workloads and workload interfaces |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | null | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» network_detection_mode | string,null | true* | none | Network Detection Mode |
» friendly_name | string,null | true* | none | User-friendly name for interface |
» href | string | false | none | DEPRECATED WITH NO REPLACEMENT |
service_provider | string | true* | none | Service provider |
data_center | string | true* | none | Data center |
data_center_zone | string | true* | none | Data center zone |
os_id | string | true* | none | Our OS identifier |
os_detail | string | true* | none | Additional OS details - just displayed to end user |
online | boolean | true* | none | If this workload is online |
firewall_coexistence | object,null | false | none | Firewall coexistence mode |
» illumio_primary | boolean | false | none | Illumio is the primary firewall if set to true |
containers_inherit_host_policy | boolean | false | none | This workload will apply the policy it receives both to itself and the containers hosted by it |
blocked_connection_action | string | false | none | firewall action for blocked connections |
labels | [object] | true* | none | List of labels associated with this workload |
» href | string | true* | none | The URI of the VEN that manages this workload. This replaces the 'agent' field of this object. |
» key | string | true* | none | Key in key-value pair |
» value | string | true* | none | Value in key-value pair |
services | object | true* | none | Service report |
» uptime_seconds | integer | false | none | How long since the last reboot of this box - used as a timestamp for this |
» created_at | string(date-time) | false | none | Timestamp when this service was first created |
» open_service_ports | [object] | false | none | A list of open ports |
»» protocol | integer | true* | none | Transport protocol |
»» address | string | true* | none | The local address this service is bound to |
»» port | integer | true* | none | The local port this service is bound to |
»» process_name | string | true* | none | The process name (including the full path) |
»» user | string | true* | none | The user account that the process is running under |
»» package | string | false | none | The RPM/DEB package that the program is part of |
»» win_service_name | string | false | none | Name of the Windows service |
» vulnerabilities_summary | object | false | none | Vulnerabilities summary associated with the workload |
»» num_vulnerabilities | integer | true* | none | Number of associated vulnerabilities |
»» vulnerability_score | integer | false | none | The aggregated vulnerability score of the workload across all the vulnerable ports. |
»» max_vulnerability_score | integer | true* | none | The maximum of all the vulnerability scores associated with the detected_vulnerabilities on the workload. |
»» vulnerable_port_exposure | integer,null | false | none | The aggregated vulnerability port exposure score of the workload in full enforcement mode across all the vulnerable ports |
»» vulnerable_port_wide_exposure | object | false | none | none |
»»» any | boolean,null | false | none | The boolean value representing if at least one port is exposed to internet (any rule) on the workload |
»»» ip_list | boolean,null | false | none | The boolean value representing if at least one port is exposed to ip_list(s) on the workload |
»» vulnerability_exposure_score | integer,null | false | none | The aggregated vulnerability exposure score of the workload in full enforcement mode across all the vulnerable ports. |
»» full_enforcement_vulnerability_exposure | object | false | none | Vulnerability exposure details |
»»» vulnerable_port_exposure | integer,null | false | none | The aggregated vulnerability port exposure score of the workload in the specified mode across all the vulnerable ports |
»»» vulnerability_exposure_score | integer,null | false | none | The aggregated vulnerability exposure score of the workload in the specified mode across all vulnerable ports |
»» selective_enforcement_vulnerability_exposure | workloads_get/properties/vulnerabilities_summary/properties/full_enforcement_vulnerability_exposure | false | none | Vulnerability exposure details |
»» visibility_enforcement_vulnerability_exposure | workloads_get/properties/vulnerabilities_summary/properties/full_enforcement_vulnerability_exposure | false | none | Vulnerability exposure details |
»» current_enforcement_vulnerability_exposure | workloads_get/properties/vulnerabilities_summary/properties/full_enforcement_vulnerability_exposure | false | none | Vulnerability exposure details |
»» max_vulnerability_exposure_score | integer,null | false | none | The maximum vulnerability exposure score of the workload in its current enforcement state across all vulnerable ports |
»» vulnerability_computation_state | string | false | none | Indicates the computation state for the vulnerability exposure score for the workload. |
»» last_updated_at | string(date-time) | false | none | Indicates when the vulnerability data was last updated |
» detected_vulnerabilities | object | false | none | none |
»» detected_vulnerability_summary | workloads_get/properties/vulnerabilities_summary | true* | none | Vulnerabilities summary associated with the workload |
»» workload_detected_vulnerabilities | [object] | true* | none | Collection of the detected vulnerabilities associated with the workload |
»»» ip_address | string | true* | none | The ip address of the host where the vulnerability is found |
»»» port | integer | false | none | The port which is associated with the vulnerability |
»»» proto | integer | false | none | The protocol which is associated with the vulnerability |
»»» port_exposure | integer,null | false | none | The exposure of the port based on the current policy |
»»» port_vulnerability_exposure_score | integer,null | false | none | The vulnerability exposure score calculated for the port, based on the port exposure and vulnerability |
»»» full_enforcement_vulnerability_exposure | object | false | none | Vulnerability exposure details for workloads |
»»»» vulnerable_port_exposure | integer,null | false | none | The exposure of the port based on the current policy for the specified enforcement mode |
»»»» port_vulnerability_exposure_score | integer,null | false | none | The vulnerability exposure score calculated for the port, based on the port exposure and vulnerability for the specified enforcement mode |
»»» selective_enforcement_vulnerability_exposure | workloads_get/properties/detected_vulnerabilities/properties/workload_detected_vulnerabilities/items/properties/full_enforcement_vulnerability_exposure | false | none | Vulnerability exposure details for workloads |
»»» visibility_enforcement_vulnerability_exposure | workloads_get/properties/detected_vulnerabilities/properties/workload_detected_vulnerabilities/items/properties/full_enforcement_vulnerability_exposure | false | none | Vulnerability exposure details for workloads |
»»» current_enforcement_vulnerability_exposure | workloads_get/properties/detected_vulnerabilities/properties/workload_detected_vulnerabilities/items/properties/full_enforcement_vulnerability_exposure | false | none | Vulnerability exposure details for workloads |
»»» port_wide_exposure | object | false | none | none |
»»»» any | boolean,null | false | none | The boolean value representing if the port is exposed to internet (any rule). |
»»»» ip_list | boolean,null | false | none | The boolean value representing if the port is exposed to ip_list(s) |
»»» workload | object | false | none | none |
»»»» href | string | true* | none | The URI of the workload to which this vulnerability belongs |
»»» vulnerability | object | true* | none | none |
»»»» href | string | true* | none | The URI of the vulnerability class to which this vulnerability belongs |
»»»» score | integer | false | none | The normalized score of the vulnerability within the range of 0 to 100 |
»»»» name | string | false | none | The title/name of the vulnerability |
»»» vulnerability_report | object | false | none | none |
»»»» href | string | true* | none | The URI of the report to which this vulnerability belongs |
»»» last_updated_at | string(date-time) | false | none | Indicates when the vulnerability data was last updated |
»» risk_summary | object | false | none | Risk Summary for this workload |
»»» ransomware | object,null | true* | none | none |
»»»» workload_exposure_severity | string | true* | none | Exposed ransomware severity for workload |
»»»» ransomware_protection_percent | number | true* | none | Ransomware protection percentage for this workload |
»»»» last_updated_at | string(date-time) | true* | none | The time at which the ransomware stats were last computed |
»»» agent | object | true* | none | DEPRECATED AND REPLACED (USE 'ven' INSTEAD). Information about the agent that manages this workload. |
»»»» config | object | false | none | none |
»»»»» mode | string | false | none | DEPRECATED AND REPLACED (Use workload enforcement_mode instead) |
»»»»» log_traffic | boolean | false | none | True if we want to log traffic events from this workload |
»»»»» security_policy_update_mode | string | false | none | Defines the current policy update mode which can be either adaptive or static based on static policy scopes |
»»»» href | string | false | none | URI of agent |
»»»» secure_connect | object | false | none | none |
»»»»» matching_issuer_name | string | false | none | Issuer name match criteria for certificate used during establishing secure connections. |
»»»» status | object | false | none | none |
»»»»» uid | string | true* | none | The unique ID reported by the server |
»»»»» last_heartbeat_on | string,null(date-time) | true* | none | The last time (rfc3339 timestamp) a heartbeat was received from this workload |
»»»»» uptime_seconds | integer,null | true* | none | How long since the last reboot of this server. Recorded in DB at the time of the last heartbeat |
»»»»» agent_version | string | false | none | Agent software version string |
»»»»» managed_since | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this workload became managed by a VEN |
»»»»» fw_config_current | boolean | true* | none | If this workload's firewall config is up to date |
»»»»» firewall_rule_count | integer | true* | none | DEPRECATED WITH NO REPLACEMENT: Number of firewall rules currently installed |
»»»»» security_policy_refresh_at | string(date-time) | true* | none | DEPRECATED AND REPLACED (USE security_policy_applied_at and security_policy_received_at INSTEAD) |
»»»»» security_policy_applied_at | string(date-time) | false | none | Last reported time when policy was applied (UTC) |
»»»»» security_policy_received_at | string(date-time) | false | none | Last reported time when policy was received (UTC) |
»»»»» agent_health_errors | object | true* | none | DEPRECATED AND REPLACED (USE agent_health property INSTEAD) |
»»»»»» errors | [string] | false | none | Errors associated with the security policy |
»»»»»» warnings | [string] | false | none | Warnings associated with the security policy |
»»»»» agent_health | [object] | true* | none | VEN Health. If there are no errors or warnings, then the array value will be empty. |
»»»»»» type | string | true* | none | This field describes the error or the warning type |
»»»»»» severity | string | true* | none | severity of the error type |
»»»»»» audit_event | string | false | none | The URI of the audit event that was generated for the corresponding error or warning |
»»»»» security_policy_sync_state | string | false | none | Current state of security policy |
»»»» active_pce_fqdn | string | false | none | The FQDN of the PCE that received the agent's last heartbeat |
»»»» target_pce_fqdn | string | false | none | The FQDN of the PCE the agent will use for future connections |
»»»» type | string | false | none | Agent type |
»»» ven | object | false | none | none |
»»»» href | string | true* | none | The URI of the VEN that manages this workload. This replaces the 'agent' field of this object. |
»»»» hostname | string | true* | none | The hostname of the host managed by the VEN. |
»»»» name | string | true* | none | The friendly name of the VEN. |
»»»» status | string | true* | none | Status of the VEN. |
»»»» ven_type | string | false | none | VEN type |
»»» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
»»» selectively_enforced_services | [object] | false | none | none |
»»»» port | integer | false | none | Port number, or the starting port of a range. If unspecified, this will apply to all ports for the given protocol. |
»»»» to_port | integer | false | none | Upper end of port range; this field should not be included if specifying an individual port. |
»»»» proto | integer | true* | none | Transport protocol (numeric) |
»»» created_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this workload was created |
»»» updated_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this workload was last updated |
»»» deleted_at | string(date-time) | false | none | The time (rfc3339 timestamp) at which this workload was deleted |
»»» created_by | object | false | none | none |
»»»» href | string | true* | none | The URI of the user who created this workload |
»»» updated_by | object | false | none | none |
»»»» href | string | true* | none | The URI of the user who last updated this workload |
»»» deleted_by | object | false | none | none |
»»»» href | string | true* | none | The URI of the user who deleted this workload |
»»» container_cluster | object | false | none | Container Cluster |
»»»» href | string | true* | none | URI |
»»»» name | string | true* | none | Name |
»»» ike_authentication_certificate | object | false | none | IKE authentication certificate for certificate-based Secure Connect and Machine Auth connections |
»»» datacenter_nat_1to1 | boolean | false | none | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interface |
Enumerated Values
Property | Value |
---|---|
vulnerability_computation_state | not_applicable |
vulnerability_computation_state | syncing |
vulnerability_computation_state | in_sync |
workload_exposure_severity | critical |
workload_exposure_severity | high |
workload_exposure_severity | medium |
workload_exposure_severity | low |
workload_exposure_severity | fully_protected |
ven_type | server |
ven_type | endpoint |
ven_type | containerized |
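Added example (not part of the Illumio reference or Illumio's own code): a Python triage pass over workloads_get records that lists detected vulnerabilities on ports whose port_wide_exposure.any is true, handling the nullable and optional fields in the tables above. The sample records, the function names, and the min_score threshold are constructed assumptions, and the field layout follows the example body (vulnerabilities_summary, detected_vulnerabilities, and risk_summary at the top level of the workload).

```python
"""Triage workloads_get records: detected vulnerabilities on ports open to 'any'."""
import json

# Constructed sample records shaped like the workloads_get example body.
SAMPLE_WORKLOADS = json.loads("""
[
  {"href": "/orgs/1/workloads/constructed-1", "hostname": "db01.example.test",
   "deleted": false, "enforcement_mode": "idle",
   "vulnerabilities_summary": {"vulnerability_computation_state": "in_sync"},
   "detected_vulnerabilities": {"workload_detected_vulnerabilities": [
     {"ip_address": "10.0.0.5", "port": 3306, "proto": 6,
      "port_wide_exposure": {"any": true, "ip_list": null},
      "vulnerability": {"href": "/orgs/1/vulnerabilities/constructed-a",
                        "score": 88, "name": "Constructed finding A"}},
     {"ip_address": "10.0.0.5", "port": 22, "proto": 6,
      "port_wide_exposure": {"any": null, "ip_list": true},
      "vulnerability": {"href": "/orgs/1/vulnerabilities/constructed-b",
                        "score": 95, "name": "Constructed finding B"}}]},
   "risk_summary": {"ransomware": {"workload_exposure_severity": "critical",
                                   "ransomware_protection_percent": 12.5,
                                   "last_updated_at": "2025-04-01T00:21:27Z"}}},
  {"href": "/orgs/1/workloads/constructed-2", "hostname": "web01.example.test",
   "deleted": false, "enforcement_mode": "idle",
   "vulnerabilities_summary": {"vulnerability_computation_state": "syncing"},
   "detected_vulnerabilities": {"workload_detected_vulnerabilities": [
     {"ip_address": "10.0.0.9", "port": 8080, "proto": 6,
      "port_wide_exposure": {"any": true, "ip_list": null},
      "vulnerability": {"href": "/orgs/1/vulnerabilities/constructed-c",
                        "score": 40, "name": "Constructed finding C"}},
     {"ip_address": "10.0.0.9", "port": 443, "proto": 6,
      "port_wide_exposure": {"any": true, "ip_list": true},
      "vulnerability": {"href": "/orgs/1/vulnerabilities/constructed-d",
                        "score": 72, "name": "Constructed finding D"}}]},
   "risk_summary": {"ransomware": null}},
  {"href": "/orgs/1/workloads/constructed-3", "hostname": "old01.example.test",
   "deleted": true, "enforcement_mode": "idle",
   "detected_vulnerabilities": {"workload_detected_vulnerabilities": [
     {"ip_address": "10.0.0.7", "port": 445, "proto": 6,
      "port_wide_exposure": {"any": true, "ip_list": null},
      "vulnerability": {"href": "/orgs/1/vulnerabilities/constructed-e",
                        "score": 99, "name": "Constructed finding E"}}]}},
  {"href": "/orgs/1/workloads/constructed-4", "hostname": "app01.example.test",
   "deleted": false, "enforcement_mode": "idle"}
]
""")


def exposed_findings(workload, min_score=70):
    """Return findings on ports open to 'any' with vulnerability.score >= min_score."""
    detected = workload.get("detected_vulnerabilities") or {}
    findings = []
    for item in detected.get("workload_detected_vulnerabilities") or []:
        exposure = item.get("port_wide_exposure") or {}
        vuln = item.get("vulnerability") or {}
        score = vuln.get("score")
        # 'any' is boolean,null: only an explicit true counts; null means unknown.
        if exposure.get("any") is not True:
            continue
        if not isinstance(score, int) or score < min_score:
            continue
        findings.append({
            "ip_address": item.get("ip_address"),
            "port": item.get("port"),
            "proto": item.get("proto"),
            "score": score,
            "name": vuln.get("name"),
        })
    # Highest normalized score (0 to 100) first.
    return sorted(findings, key=lambda f: -f["score"])


def triage(workloads, min_score=70):
    """Return one row per non-deleted workload that has qualifying findings."""
    rows = []
    for wl in workloads:
        if wl.get("deleted"):
            continue
        findings = exposed_findings(wl, min_score)
        if not findings:
            continue
        summary = wl.get("vulnerabilities_summary") or {}
        ransomware = (wl.get("risk_summary") or {}).get("ransomware") or {}
        rows.append({
            "href": wl.get("href"),
            "hostname": wl.get("hostname"),
            "enforcement_mode": wl.get("enforcement_mode"),
            # False when the state is 'syncing' or 'not_applicable'.
            "exposure_in_sync":
                summary.get("vulnerability_computation_state") == "in_sync",
            "ransomware_severity": ransomware.get("workload_exposure_severity"),
            "findings": findings,
        })
    rows.sort(key=lambda r: (-r["findings"][0]["score"], r["hostname"] or ""))
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE_WORKLOADS):
        print(json.dumps(row, indent=2))
```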
workloads_unpair_put
{
"workloads": [
{
"href": "string"
}
],
"ip_table_restore": "default"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
workloads | [object] | true* | none | Workloads to update |
» href | string | true* | none | URI of workload to update |
ip_table_restore | string | false | none | The desired state of IP tables after the agent is uninstalled. |
Enumerated Values
Property | Value |
---|---|
ip_table_restore | saved |
ip_table_restore | default |
ip_table_restore | disable |
workloads_bulk_create_put
[
{}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The short friendly name of the workload |
description | string | false | none | The long description of the workload |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
hostname | string | false | none | The hostname reported from the host itself |
service_principal_name | string,null | false | none | The Kerberos Service Principal Name (SPN) |
agent_to_pce_certificate_authentication_id | string,null | false | none | PKI Certificate identifier to be used by the PCE for authenticating the VEN |
distinguished_name | string | false | none | X.509 Subject distinguished name |
public_ip | string,null | false | none | The public IP address of the server |
interfaces | workloads_post/properties/interfaces | false | none | Workload network interfaces |
service_provider | string | false | none | Service provider |
data_center | string | false | none | Data center |
data_center_zone | string | false | none | Data center zone |
os_id | string | false | none | Our OS identifier |
os_detail | string | false | none | Additional OS details - just displayed to end user |
online | boolean | false | none | If this workload is online |
labels | workloads_post/properties/labels | false | none | Assigned labels |
agent | object | false | none | DEPRECATED AND REPLACED (USE enforcement_mode and visibility_level) Agent info |
» config | workloads_post/properties/agent/properties/config | false | none | DEPRECATED AND REPLACED by 'ven', 'enforcement_mode', and 'visibility_level' |
enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
workloads_bulk_update_put
[]
Workload bulk_update: Input must conform to one of: workloads_with_ven_put.schema.json, workloads_with_ven_interfaces_put.schema.json, workloads_without_ven_put.schema.json
Properties
None
workloads_bulk_delete_put
[
{
"href": "string"
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of a specific workload or workload collection URI with query parameters external_data_set and external_data_reference |
workloads_risk_details_get
{
"risk_details": {}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
risk_details | object | false | none | none |
workloads_put
{
"href": "string",
"name": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"service_principal_name": null,
"agent_to_pce_certificate_authentication_id": null,
"service_provider": "string",
"data_center": "string",
"data_center_zone": "string",
"labels": [
{
"href": "string"
}
],
"agent": {
"href": "string",
"config": {
"mode": "idle",
"log_traffic": true
},
"status": {
"status": "active"
}
},
"enforcement_mode": "idle",
"datacenter_nat_1to1": true
}
Properties
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
» href | string | false | none | Workload URI (bulk_update only) |
» name | string | false | none | The short friendly name of the workload |
» description | string,null | false | none | The long description of the workload |
» external_data_set | string,null | false | none | External data set identifier |
» external_data_reference | string,null | false | none | External data reference identifier |
» service_principal_name | string,null | false | none | The Kerberos Service Principal Name (SPN) |
» agent_to_pce_certificate_authentication_id | string,null | false | none | PKI Certificate identifier to be used by the PCE for authenticating the VEN |
» service_provider | string | false | none | Service provider |
» data_center | string | false | none | Data center |
» data_center_zone | string | false | none | Data center zone |
» labels | workloads_post/properties/labels | false | none | Assigned labels |
» agent | object | false | none | DEPRECATED AND REPLACED (USE VEN INSTEAD for status, USE enforcement_mode and visibility_level for config) |
»» href | string | false | none | URI of agent; will be ignored by the server |
»» config | workloads_post/properties/agent/properties/config | false | none | DEPRECATED AND REPLACED by 'ven', 'enforcement_mode', and 'visibility_level' |
»» status | object | false | none | none |
»»» status | string | false | none | Updated agent status |
»» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
»» datacenter_nat_1to1 | boolean | false | none | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interface |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» href | string | false | none | Workload URI (bulk_update only) |
»» name | string | false | none | The short friendly name of the workload |
»» description | string | false | none | The long description of the workload |
»» external_data_set | string,null | false | none | External data set identifier |
»» external_data_reference | string,null | false | none | External data reference identifier |
»» service_principal_name | string,null | false | none | The Kerberos Service Principal Name (SPN) |
»» public_ip | string | false | none | The public IP address of the server |
»» interfaces | workloads_post/properties/interfaces | false | none | Workload network interfaces |
»» service_provider | string | false | none | Service provider |
»» data_center | string | false | none | Data center |
»» data_center_zone | string | false | none | Data center zone |
»» labels | workloads_post/properties/labels | false | none | Assigned labels |
»» agent | object | false | none | DEPRECATED AND REPLACED (USE VEN INSTEAD for status, USE enforcement_mode and visibility_level for config) |
»»» href | string | false | none | URI of agent; will be ignored by the server |
»»» config | workloads_post/properties/agent/properties/config | false | none | DEPRECATED AND REPLACED by 'ven', 'enforcement_mode', and 'visibility_level' |
»»» status | workloads_put/anyOf/0/properties/agent/properties/status | false | none | none |
»» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
»» datacenter_nat_1to1 | boolean | false | none | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interface |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» href | string | false | none | Workload URI (bulk_update only) |
»» name | string | false | none | The short friendly name of the workload |
»» description | string | false | none | The long description of the workload |
»» external_data_set | string,null | false | none | External data set identifier |
»» external_data_reference | string,null | false | none | External data reference identifier |
»» hostname | string | false | none | The hostname reported from the host itself |
»» service_principal_name | string,null | false | none | The Kerberos Service Principal Name (SPN) |
»» agent_to_pce_certificate_authentication_id | string,null | false | none | PKI Certificate identifier to be used by the PCE for authenticating the VEN |
»» distinguished_name | string | false | none | X.509 Subject distinguished name |
»» public_ip | string,null | false | none | The public IP address of the server |
»» interfaces | workloads_post/properties/interfaces | false | none | Workload network interfaces |
»» service_provider | string | false | none | Service provider |
»» data_center | string | false | none | Data center |
»» data_center_zone | string | false | none | Data center zone |
»» os_id | string | false | none | Our OS identifier |
»» os_detail | string | false | none | Additional OS details - just displayed to end user |
»» online | boolean | false | none | If this workload is online |
»» labels | workloads_post/properties/labels | false | none | Assigned labels |
»» agent | object | false | none | Agent info |
»»» href | string | false | none | URI of agent; will be ignored by the server |
»»» config | workloads_post/properties/agent/properties/config | false | none | DEPRECATED AND REPLACED by 'ven', 'enforcement_mode', and 'visibility_level' |
»» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
Enumerated Values
Property | Value |
---|---|
status | active |
status | suspended |
labels_get
{
"href": "string",
"deleted": true,
"key": "string",
"value": "string",
"external_data_set": null,
"external_data_reference": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of this label |
deleted | boolean | false | none | This label has been deleted |
key | string | true* | none | Key in key-value pair |
value | string | true* | none | Value in key-value pair |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
created_at | string(date-time) | true* | none | Timestamp when this label was first created |
updated_at | string(date-time) | true* | none | Timestamp when this label was last updated |
created_by | object | false | none | none |
» href | string | true* | none | User who originally created this label |
updated_by | object | false | none | none |
» href | string | true* | none | User who last updated this label |
labels_post
{
"key": "string",
"value": "string",
"external_data_set": null,
"external_data_reference": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
key | string | true* | none | Key in key-value pair |
value | string | true* | none | Value in key-value pair |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels_put
{
"value": "string",
"external_data_set": null,
"external_data_reference": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
value | string | false | none | Value in key-value pair |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
security_principals_get
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of security principal |
sid | string | true* | none | Active Directory SID |
name | string | true* | none | Name of the security principal |
description | string | false | none | A longer description of the security principal |
deleted | boolean | true* | none | Flag to indicate if security principal has been deleted |
used_by_ruleset | boolean | true* | none | Flag to indicate if this security principal is being used by a ruleset |
security_principals_post
{
"sid": "string",
"name": "string",
"description": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
sid | string | true* | none | Active Directory SID |
name | string | true* | none | Name of the security principal |
description | string | false | none | A longer description of the security principal |
security_principals_bulk_create_put
[
{
"sid": "string",
"name": "string",
"description": "string"
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | [security_principals_post] | false | none | none |
security_principals_put
{
"name": "string",
"description": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Name of the security principal |
description | string | false | none | A longer description of the security principal |
pairing_profiles_get
{
"href": "string",
"name": "string",
"description": "string",
"mode": "idle",
"enforcement_mode": "idle",
"status": "string",
"enabled": true,
"total_use_count": 0,
"allowed_uses_per_key": 1,
"key_lifespan": 1,
"last_pairing_at": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"last_pairing_key_generated_at": null,
"last_pairing_key_generated_by": null,
"is_default": true,
"labels": [
{
"href": "string"
}
],
"env_label_lock": true,
"loc_label_lock": true,
"role_label_lock": true,
"app_label_lock": true,
"mode_lock": true,
"enforcement_mode_lock": true,
"log_traffic": true,
"log_traffic_lock": true,
"visibility_level": "flow_summary",
"visibility_level_lock": true,
"status_lock": true,
"external_data_set": null,
"external_data_reference": null,
"agent_software_release": null,
"ven_type": "specified_during_activation"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of the Pairing Profile |
name | string | true* | none | The short friendly name of the Pairing Profile |
description | string | true* | none | The long description of the Pairing Profile |
mode | string | true* | none | DEPRECATED AND REPLACED (Use enforcement_mode instead) |
enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
status | string | false | none | VEN should be in idle state when it activates |
enabled | boolean | true* | none | The enabled flag of the Pairing Profile |
total_use_count | integer | true* | none | The number of times the Pairing Profile has been used |
allowed_uses_per_key | any | true* | none | The number of times the Pairing Profile can be used |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | integer | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
key_lifespan | any | true* | none | Number of seconds Pairing Profile Keys will be valid for |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | integer | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
last_pairing_at | string,null | true* | none | Timestamp when this Pairing Profile was last used for pairing a Workload |
created_at | string(date-time) | true* | none | Timestamp when this Pairing Profile was first created |
updated_at | string(date-time) | true* | none | Timestamp when this Pairing Profile was last updated |
created_by | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
updated_by | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
last_pairing_key_generated_at | string,null(date-time) | true* | none | Timestamp of when the last pairing key was generated |
last_pairing_key_generated_by | any | true* | none | User who generated the last pairing key |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
is_default | boolean | true* | none | Flag indicating this is default auto-created Pairing Profile |
labels | workloads_post/properties/labels | true* | none | Assigned labels |
env_label_lock | boolean | true* | none | Flag that controls whether env Label can be overridden from pairing script |
loc_label_lock | boolean | true* | none | Flag that controls whether loc Label can be overridden from pairing script |
role_label_lock | boolean | true* | none | Flag that controls whether role Label can be overridden from pairing script |
app_label_lock | boolean | true* | none | Flag that controls whether app Label can be overridden from pairing script |
mode_lock | boolean | true* | none | DEPRECATED AND REPLACED (USE /enforcement_mode_lock INSTEAD) Flag that controls whether mode can be overridden from pairing script |
enforcement_mode_lock | boolean | false | none | Flag that controls whether enforcement mode can be overridden from pairing script |
log_traffic | boolean | true* | none | DEPRECATED AND REMOVED. Alerting status |
log_traffic_lock | boolean | true* | none | DEPRECATED AND REMOVED. Flag that controls whether log_traffic can be overridden from pairing script |
visibility_level | any | true* | none | Visibility level of the Workload (DEPRECATED VALUE: 'flow_full_detail') |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | Visibility level of the workload |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
visibility_level_lock | boolean | true* | none | Flag that controls whether visibility_level can be overridden from pairing script |
status_lock | boolean | false | none | Flag that controls whether status can be overridden from pairing script |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
agent_software_release | string,null | false | none | Agent Software Release associated with this Pairing Profile |
ven_type | string | false | none | Type of VEN that this pairing profile will enforce. specified_during_activation option is deprecated and will be removed in the next API version. |
Enumerated Values
Property | Value |
---|---|
mode | idle |
mode | illuminated |
mode | enforced |
mode | selective |
anonymous | flow_summary |
anonymous | flow_drops |
anonymous | flow_off |
anonymous | enhanced_data_collection |
ven_type | specified_during_activation |
ven_type | server |
ven_type | endpoint |
pairing_profiles_post
{
"name": "string",
"description": "string",
"mode": "idle",
"mode_lock": true,
"enforcement_mode": "idle",
"enforcement_mode_lock": true,
"enabled": true,
"allowed_uses_per_key": 1,
"key_lifespan": 1,
"labels": [
{
"href": "string"
}
],
"env_label_lock": true,
"loc_label_lock": true,
"role_label_lock": true,
"app_label_lock": true,
"log_traffic": true,
"log_traffic_lock": true,
"visibility_level": "flow_full_detail",
"visibility_level_lock": true,
"external_data_set": null,
"external_data_reference": null,
"agent_software_release": null,
"ven_type": "specified_during_activation"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The short friendly name of the pairing profile |
description | string | false | none | The long description of the pairing profile |
mode | string | false | none | DEPRECATED AND REPLACED (Use enforcement_mode instead) |
mode_lock | boolean | false | none | DEPRECATED AND REPLACED (USE /enforcement_mode_lock INSTEAD) Flag that controls whether mode can be overridden from pairing script |
enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
enforcement_mode_lock | boolean | false | none | Flag that controls whether enforcement mode can be overridden from pairing script |
enabled | boolean | true* | none | The enabled flag of the pairing profile |
allowed_uses_per_key | any | false | none | The number of times pairing profile keys can be used |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | integer | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
key_lifespan | any | false | none | Number of seconds pairing profile keys will be valid for |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | integer | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
labels | workloads_post/properties/labels | false | none | Assigned labels |
env_label_lock | boolean | false | none | Flag that controls whether env label can be overridden from pairing script |
loc_label_lock | boolean | false | none | Flag that controls whether loc label can be overridden from pairing script |
role_label_lock | boolean | false | none | Flag that controls whether role label can be overridden from pairing script |
app_label_lock | boolean | false | none | Flag that controls whether app label can be overridden from pairing script |
log_traffic | boolean | false | none | DEPRECATED AND REMOVED. Alerting status |
log_traffic_lock | boolean | false | none | DEPRECATED AND REMOVED. Flag that controls whether log_traffic can be overridden from pairing script |
visibility_level | string | false | none | Visibility level of the agent (DEPRECATED VALUE: 'flow_full_detail') |
visibility_level_lock | boolean | false | none | Flag that controls whether visibility_level can be overridden from pairing script |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
agent_software_release | string,null | false | none | Agent software release associated with this pairing profile |
ven_type | pairing_profiles_get/properties/ven_type | false | none | Type of VEN that this pairing profile will enforce. specified_during_activation option is deprecated and will be removed in the next API version. |
Enumerated Values
Property | Value |
---|---|
mode | idle |
mode | illuminated |
mode | enforced |
anonymous | unlimited |
anonymous | unlimited |
visibility_level | flow_full_detail |
visibility_level | flow_summary |
visibility_level | flow_drops |
visibility_level | flow_off |
visibility_level | enhanced_data_collection |
pairing_profiles_put
{
"name": "string",
"description": "string",
"mode": "idle",
"mode_lock": true,
"enforcement_mode": "idle",
"enforcement_mode_lock": true,
"enabled": true,
"allowed_uses_per_key": 1,
"key_lifespan": 1,
"labels": [
{
"href": "string"
}
],
"env_label_lock": true,
"loc_label_lock": true,
"role_label_lock": true,
"app_label_lock": true,
"log_traffic": true,
"log_traffic_lock": true,
"visibility_level": "flow_full_detail",
"visibility_level_lock": true,
"external_data_set": null,
"external_data_reference": null,
"agent_software_release": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The short friendly name of the pairing profile |
description | string | false | none | The long description of the pairing profile |
mode | pairing_profiles_post/properties/mode | false | none | DEPRECATED AND REPLACED (Use enforcement_mode instead) |
mode_lock | boolean | false | none | DEPRECATED AND REPLACED (USE /enforcement_mode_lock INSTEAD) Flag that controls whether mode can be overridden from pairing script |
enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
enforcement_mode_lock | boolean | false | none | Flag that controls whether enforcement mode can be overridden from pairing script |
enabled | boolean | false | none | The enabled flag of the pairing profile |
allowed_uses_per_key | any | false | none | The number of times pairing profile keys can be used |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | integer | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
key_lifespan | any | false | none | Number of seconds pairing profile keys will be valid for |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | integer | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
labels | workloads_post/properties/labels | false | none | Assigned labels |
env_label_lock | boolean | false | none | Flag that controls whether env label can be overridden from pairing script |
loc_label_lock | boolean | false | none | Flag that controls whether loc label can be overridden from pairing script |
role_label_lock | boolean | false | none | Flag that controls whether role label can be overridden from pairing script |
app_label_lock | boolean | false | none | Flag that controls whether app label can be overridden from pairing script |
log_traffic | boolean | false | none | DEPRECATED AND REMOVED. Alerting status |
log_traffic_lock | boolean | false | none | DEPRECATED AND REMOVED. Flag that controls whether log_traffic can be overridden from pairing script |
visibility_level | string | false | none | Visibility level of the agent (DEPRECATED VALUE: 'flow_full_detail') |
visibility_level_lock | boolean | false | none | Flag that controls whether visibility_level can be overridden from pairing script |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
agent_software_release | string,null | false | none | Agent software release associated with this pairing profile |
Enumerated Values
Property | Value |
---|---|
anonymous | unlimited |
anonymous | unlimited |
visibility_level | flow_full_detail |
visibility_level | flow_summary |
visibility_level | flow_drops |
visibility_level | flow_off |
visibility_level | enhanced_data_collection |
pairing_profiles_pairing_key_post
{}
Properties
None
sec_policy_enforcement_boundaries_get
{
"href": "string",
"name": "string",
"providers": [
{
"actors": "ams",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ingress_services": [
{
"href": "string"
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": null,
"updated_by": null,
"deleted_by": null,
"update_type": "string",
"enabled": true
}
Enforcement boundary
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | The job URI. |
name | string | true* | none | Name of the enforcement boundary |
providers | [object] | true* | none | Enforcement boundary actor |
» actors | string | false | none | Rule actors are all workloads ('ams') |
» label | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
» label_group | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
» ip_list | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
» workload | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
consumers | sec_policy_enforcement_boundaries_get/properties/providers | true* | none | Enforcement boundary actor |
ingress_services | [oneOf] | true* | none | Array of service URI and port/protocol combinations |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» port | integer | false | none | Port number, or the starting port of a range. If unspecified, this will apply to all ports for the given protocol. |
»» to_port | integer | false | none | Upper end of port range; this field should not be included if specifying an individual port. |
»» proto | integer | true* | none | Transport protocol (numeric) |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» name | string | true* | none | Name (does not need to be unique) |
»» description | string | false | none | Description |
»» service_ports | sec_policy_services_get/properties/service_ports | false | none | Service ports |
»» windows_services | sec_policy_services_get/properties/windows_services | false | none | Windows services |
»» external_data_set | string | true* | none | External data set identifier |
»» external_data_reference | string | true* | none | External data reference identifier |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» created_at | string(date-time) | false | none | Timestamp when this Enforcement Boundary was first created |
» updated_at | string(date-time) | false | none | Timestamp when this Enforcement Boundary was last updated |
» deleted_at | string,null(date-time) | false | none | Timestamp when this Enforcement Boundary was deleted |
» created_by | object,null | false | none | none |
»» href | string | true* | none | User who originally created this Enforcement Boundary |
» updated_by | object,null | false | none | none |
»» href | string | true* | none | User who last updated this Enforcement Boundary |
» deleted_by | object,null | false | none | none |
»» href | string | true* | none | User who deleted this Enforcement Boundary |
» update_type | string | false | none | Type of update |
» enabled | boolean | false | none | Enabled flag |
Enumerated Values
Property | Value |
---|---|
actors | ams |
proto | 6 |
proto | 17 |
sec_policy_enforcement_boundaries_post
{
"name": "string",
"enabled": true,
"providers": [
{
"actors": "ams",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ingress_services": [
{
"href": "string"
}
]
}
Create enforcement boundary
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name of the enforcement boundary |
enabled | boolean | false | none | Enabled flag |
providers | sec_policy_enforcement_boundaries_get/properties/providers | true* | none | Enforcement boundary actor |
consumers | sec_policy_enforcement_boundaries_get/properties/providers | true* | none | Enforcement boundary actor |
ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | true* | none | Array of service URI and port/protocol combinations |
sec_policy_enforcement_boundaries_put
{
"name": "string",
"enabled": true,
"providers": [
{
"actors": "ams",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ingress_services": [
{
"href": "string"
}
]
}
Update enforcement boundary
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Name of the enforcement boundary |
enabled | boolean | false | none | Enabled flag |
providers | sec_policy_enforcement_boundaries_get/properties/providers | false | none | Enforcement boundary actor |
consumers | sec_policy_enforcement_boundaries_get/properties/providers | false | none | Enforcement boundary actor |
ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | false | none | Array of service URI and port/protocol combinations |
sec_policy_virtual_services_get
{}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of the virtual service |
created_at | string(date-time) | true* | none | Timestamp when this virtual service was first created |
updated_at | string(date-time) | true* | none | Timestamp when this virtual service was last updated |
deleted_at | string,null(date-time) | true* | none | Timestamp when this virtual service was deleted |
created_by | object,null | false | none | none |
» href | string | true* | none | none |
updated_by | sec_policy_virtual_services_get/properties/created_by | false | none | none |
deleted_by | sec_policy_virtual_services_get/properties/created_by | false | none | none |
update_type | string,null | false | none | Versioned policy object update type |
name | string | true* | none | Name |
description | string,null | true* | none | Description |
pce_fqdn | string,null | false | none | PCE FQDN for this container cluster. Used in Supercluster only |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels | [object] | true* | none | Virtual service labels |
» href | string | true* | none | Label URI |
» key | string | false | none | Key in key-value pair |
» value | string | false | none | Value in key-value pair |
service_ports | [object] | false | none | Service ports |
» port | integer | false | none | Port Number (integer 0-65535 or -1 for any port). Also the starting port when specifying a range. |
» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
» proto | integer | true* | none | none |
service | object | false | none | URI of associated service |
apply_to | string | false | none | Firewall rule target for workloads bound to this virtual service: host_only or internal_bridge_network |
ip_overrides | [string] | false | none | Array of IPs or CIDRs as IP overrides |
service_addresses | [oneOf] | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» ip | string | true* | none | IP address to assign to the virtual service |
»» network | object | false | none | none |
»»» href | string | true* | none | Network URI for this IP address |
»» port | integer | false | none | Port associated with the IP address for the service (1-65535 integer) |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» fqdn | string | true* | none | FQDN to assign to the virtual service |
»» description | string | false | none | none |
»» port | integer | false | none | Port associated with the FQDN for the service |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
update_type | create |
update_type | update |
update_type | delete |
update_type | null |
proto | 6 |
proto | 17 |
sec_policy_virtual_services_post
{}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels | [object] | false | none | Assigned labels |
» href | string | true* | none | Label URI |
service_ports | sec_policy_virtual_services_get/properties/service_ports | false | none | Service ports |
service | object | false | none | URI of associated service |
apply_to | string | false | none | Firewall rule target for workloads bound to this virtual service: host_only or internal_bridge_network |
ip_overrides | [string] | false | none | Array of IPs or CIDRs as IP overrides |
service_addresses | sec_policy_virtual_services_get/properties/service_addresses | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
apply_to | host_only |
apply_to | internal_bridge_network |
sec_policy_virtual_services_bulk_create_put
[
{}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels | sec_policy_virtual_services_post/properties/labels | false | none | Assigned labels |
service_ports | sec_policy_virtual_services_get/properties/service_ports | false | none | Service ports |
service | object | false | none | URI of associated service |
apply_to | string | false | none | Firewall rule target for workloads bound to this virtual service: host_only or internal_bridge_network |
ip_overrides | [string] | false | none | Array of IPs or CIDRs as IP overrides |
service_addresses | sec_policy_virtual_services_get/properties/service_addresses | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
apply_to | host_only |
apply_to | internal_bridge_network |
sec_policy_virtual_services_bulk_update_put
[
{
"href": "string",
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service": {},
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 6
}
],
"apply_to": "host_only",
"ip_overrides": [
"string"
],
"service_addresses": [
{}
]
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | Virtual Service URI |
name | string | false | none | Name |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels | sec_policy_virtual_services_post/properties/labels | false | none | Assigned labels |
service | object | false | none | URI of associated service |
service_ports | sec_policy_virtual_services_get/properties/service_ports | false | none | Service ports |
apply_to | string | false | none | Firewall rule target for workloads bound to this bound service: host_only or internal_bridge_network |
ip_overrides | [string] | false | none | Array of IPs or CIDRs as IP overrides |
service_addresses | sec_policy_virtual_services_get/properties/service_addresses | false | none | none |
Enumerated Values
Property | Value |
---|---|
apply_to | host_only |
apply_to | internal_bridge_network |
sec_policy_virtual_services_put
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 6
}
],
"service": {},
"apply_to": "host_only",
"ip_overrides": [
"string"
],
"service_addresses": [
{}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Name |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels | sec_policy_virtual_services_post/properties/labels | false | none | Assigned labels |
service_ports | sec_policy_virtual_services_get/properties/service_ports | false | none | Service ports |
service | object | false | none | URI of associated service |
apply_to | string | false | none | Firewall rule target for workloads bound to this virtual service: host_only or internal_bridge_network |
ip_overrides | [string] | false | none | Array of IPs or CIDRs as IP overrides |
service_addresses | sec_policy_virtual_services_get/properties/service_addresses | false | none | none |
Enumerated Values
Property | Value |
---|---|
apply_to | host_only |
apply_to | internal_bridge_network |
sec_policy_ip_lists_get
{
"href": "string",
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ip_ranges": [
{
"description": "string",
"from_ip": "string",
"to_ip": "string",
"exclusion": true
}
],
"fqdns": [
{
"fqdn": "string",
"description": "string"
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of the ip list |
name | string | true* | none | Name (must be unique) |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
ip_ranges | [object] | false | none | IP addresses or ranges |
» description | string | false | none | Description |
» from_ip | string | true* | none | IP address or a low end of IP range. Might be specified with CIDR notation |
» to_ip | string | false | none | High end of an IP range |
» exclusion | boolean | false | none | Whether this IP address is an exclusion. Exclusions must be a strict subset of inclusive IP addresses. |
fqdns | [object] | false | none | Collection of FQDN |
» fqdn | string | true* | none | none |
» description | string | false | none | none |
created_at | string(date-time) | false | none | Time stamp when this IP List was first created |
updated_at | string(date-time) | false | none | Time stamp when this IP List was last updated |
deleted_at | string,null(date-time) | false | none | Time stamp when this IP List was deleted |
created_by | object | false | none | none |
» href | string | true* | none | User who originally created this IP List |
updated_by | object | false | none | none |
» href | string | true* | none | User who last updated this IP List |
deleted_by | object,null | false | none | none |
» href | string | true* | none | User who deleted this IP List |
sec_policy_ip_lists_post
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ip_ranges": [
{
"description": "string",
"from_ip": "string",
"to_ip": "string",
"exclusion": true
}
],
"fqdns": [
{
"fqdn": "string",
"description": "string"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name (must be unique) |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
ip_ranges | sec_policy_ip_lists_get/properties/ip_ranges | false | none | IP addresses or ranges |
fqdns | [object] | false | none | Collection of FQDN |
» fqdn | string | true* | none | none |
» description | string | false | none | none |
sec_policy_ip_lists_put
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ip_ranges": [
{
"description": "string",
"from_ip": "string",
"to_ip": "string",
"exclusion": true
}
],
"fqdns": [
{
"fqdn": "string",
"description": "string"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Name (must be unique) |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
ip_ranges | sec_policy_ip_lists_get/properties/ip_ranges | false | none | IP addresses or ranges |
fqdns | [object] | false | none | Collection of FQDN |
» fqdn | string | true* | none | none |
» description | string | false | none | none |
sec_policy_label_groups_post
{
"name": "string",
"description": null,
"key": "string",
"labels": [
{
"href": "string"
}
],
"sub_groups": [
{
"href": "string"
}
],
"external_data_set": null,
"external_data_reference": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name of the label group |
description | string,null | false | none | The long description of the label group |
key | string | true* | none | Key in key-value pair of contained labels or label groups |
labels | [sec_policy_virtual_servers_get/properties/created_by] | false | none | Contained labels |
sub_groups | [sec_policy_virtual_servers_get/properties/created_by] | false | none | Contained label groups |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
sec_policy_label_groups_get
{
"href": "string",
"name": "string",
"description": null,
"key": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"sub_groups": [
{
"href": "string",
"name": "string"
}
],
"usage": {
"label_group": true,
"ruleset": true,
"rule": true,
"static_policy_scopes": true,
"containers_inherit_host_policy_scopes": true,
"blocked_connection_reject_scopes": true,
"enforcement_boundary": true,
"loopback_interfaces_in_policy_scopes": true,
"ip_forwarding_enabled_scopes": true,
"rule_hit_count_enabled_scopes": true,
"protection_schema": true
},
"external_data_set": null,
"external_data_reference": null,
"update_type": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of this Label Group |
name | string | true* | none | Name of the Label Group |
description | string,null | true* | none | The long description of the Label Group |
key | string | true* | none | Key in key-value pair of contained Labels or Label Groups |
labels | [object] | false | none | Contained Labels |
» href | string | true* | none | Label URI |
» key | string | true* | none | Label key (same as Label Group key) |
» value | string | true* | none | Label value in key-value pair |
sub_groups | [object] | false | none | Contained Label Groups |
» href | string | true* | none | Contained Label Group URI |
» name | string | true* | none | Name of sub Label Group |
usage | object | false | none | none |
» label_group | boolean | true* | none | Label Group is referenced by another Label Group |
» ruleset | boolean | true* | none | Label Group is referenced by at least one Ruleset |
» rule | boolean | true* | none | Label Group is referenced by at least one Rule |
» static_policy_scopes | boolean | true* | none | Label Group is referenced by Static Policy Scopes |
» containers_inherit_host_policy_scopes | boolean | true* | none | Label Group is referenced by Containers Inherit Host Policy Scopes |
» blocked_connection_reject_scopes | boolean | true* | none | Label Group is referenced by Blocked Connection Reject Scopes |
» enforcement_boundary | boolean | true* | none | Label Group is referenced by at least one Enforcement Boundary |
» loopback_interfaces_in_policy_scopes | boolean | true* | none | Label Group is referenced by Loopback Interfaces in Policy Scopes |
» ip_forwarding_enabled_scopes | boolean | true* | none | Label Group is referenced by IP Forwarding Enabled Scopes |
» rule_hit_count_enabled_scopes | boolean | true* | none | Label Group is referenced by Rule Hit Count Enabled Scopes |
» protection_schema | boolean | false | none | Label Group is referenced by Protection Schema objects (Xpress) |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
update_type | string,null | false | none | Type of update |
created_at | string(date-time) | true* | none | Timestamp when this Label Group was first created |
updated_at | string(date-time) | true* | none | Timestamp when this Label Group was last updated |
deleted_at | string,null(date-time) | true* | none | Timestamp when this Label Group was deleted |
created_by | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
updated_by | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
deleted_by | any | true* | none | User who deleted this Label Group |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
sec_policy_label_groups_member_of_get
[
{
"href": "string",
"name": "string"
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | Parent label group URI |
name | string | false | none | Name of parent label group |
labels_summary
[
{
"href": "string",
"key": "string",
"value": "string"
}
]
Assigned labels summary
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | Label URI |
key | string | false | none | Key in key-value pair |
value | string | false | none | Value in key-value pair |
sec_policy_label_groups_put
{
"name": "string",
"description": null,
"labels": [
{
"href": "string"
}
],
"sub_groups": [
{
"href": "string"
}
],
"external_data_set": null,
"external_data_reference": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Name of the label group |
description | string,null | false | none | The long description of the label group |
labels | [sec_policy_virtual_servers_get/properties/created_by] | false | none | Contained labels |
sub_groups | [sec_policy_virtual_servers_get/properties/created_by] | false | none | Contained label groups |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
sec_policy_services_get
{
"href": "string",
"name": "string",
"description": "string",
"risk_details": {
"ransomware": null
},
"description_url": "string",
"process_name": "string",
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"icmp_type": null,
"icmp_code": null
}
],
"windows_services": [
{
"service_name": null,
"process_name": null,
"port": 0,
"to_port": 0,
"proto": null,
"icmp_type": 0,
"icmp_code": 0
}
],
"external_data_set": null,
"external_data_reference": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"update_type": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of the service |
name | string | true* | none | Name (does not need to be unique) |
description | string | false | none | Description |
risk_details | object | false | none | none |
» ransomware | object,null | true* | none | none |
»» category | string | true* | none | Categorization based on Admin or Legacy port used in the service |
»» severity | string | true* | none | Severity of this service |
»» average_protection_percent | number | false | none | This is the average of ransomware protection percentage for all the service ports in this service. |
»» os_platforms | [string] | true* | none | Operating system for this ransomware service |
» description_url | string | false | none | Description URL. Read-only to prevent XSS attacks |
» process_name | string | false | none | The process name |
» service_ports | [object] | false | none | Service ports |
»» port | integer | false | none | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»» proto | integer | true* | none | Transport protocol |
»» icmp_type | integer,null | false | none | ICMP Type (integer 0-255 for icmp protocol) |
»» icmp_code | integer,null | false | none | ICMP Code (integer 0-15 for icmp protocol) |
» windows_services | [object] | false | none | Windows services |
»» service_name | string,null | false | none | Name of Windows Service |
»» process_name | string,null | false | none | Name of running process |
»» port | integer | false | none | Port Number (integer 1-65535). If not provided and proto needs ports it defaults to any. Also the starting port when specifying a range. |
»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»» proto | integer,null | false | none | Transport protocol |
»» icmp_type | integer | false | none | ICMP Type (integer 0-255 for icmp protocol) |
»» icmp_code | integer | false | none | ICMP Code (integer 0-15 for icmp protocol) |
» external_data_set | string,null | false | none | External data set identifier |
» external_data_reference | string,null | false | none | External data reference identifier |
» created_at | string(date-time) | false | none | Time stamp when this Service was first created |
» updated_at | string(date-time) | false | none | Time stamp when this Service was last updated |
» deleted_at | string(date-time) | false | none | Time stamp when this Service was deleted |
» created_by | object | false | none | none |
»» href | string | true* | none | User who originally created this Service |
» updated_by | object | false | none | none |
»» href | string | true* | none | User who last updated this Service |
» deleted_by | object | false | none | none |
»» href | string | true* | none | User who deleted this Service |
» update_type | string | true* | none | Type of update |
sec_policy_services_post
{
"name": "string",
"description": "string",
"risk_details": {
"ransomware": {
"category": "admin",
"severity": "low",
"os_platforms": [
"windows"
]
}
},
"process_name": "string",
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"icmp_type": null,
"icmp_code": null
}
],
"windows_services": [
{
"service_name": null,
"process_name": null,
"port": 0,
"to_port": 0,
"proto": null,
"icmp_type": 0,
"icmp_code": 0
}
],
"external_data_set": null,
"external_data_reference": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name (does not need to be unique) |
description | string | false | none | Description |
risk_details | object | false | none | none |
» ransomware | object | false | none | none |
»» category | string | false | none | Categorization based on Admin or Legacy port used in the service |
»» severity | string | false | none | Severity of this service |
»» os_platforms | [string] | false | none | Operating system for this ransomware service |
» process_name | string | false | none | The process name |
» service_ports | sec_policy_services_get/properties/service_ports | false | none | Service ports |
» windows_services | sec_policy_services_get/properties/windows_services | false | none | Windows services |
» external_data_set | string,null | false | none | External data set identifier |
» external_data_reference | string,null | false | none | External data reference identifier |
Enumerated Values
Property | Value |
---|---|
category | admin |
category | legacy |
severity | low |
severity | medium |
severity | high |
severity | critical |
sec_policy_services_put
{
"name": "string",
"description": "string",
"risk_details": {
"ransomware": {
"category": "admin",
"severity": "low",
"os_platforms": [
"windows"
]
}
},
"process_name": "string",
"service_ports": [
{
"port": 0,
"to_port": 0,
"proto": 0,
"icmp_type": null,
"icmp_code": null
}
],
"windows_services": [
{
"service_name": null,
"process_name": null,
"port": 0,
"to_port": 0,
"proto": null,
"icmp_type": 0,
"icmp_code": 0
}
],
"external_data_set": null,
"external_data_reference": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Name (does not need to be unique) |
description | string | false | none | Description |
risk_details | object | false | none | none |
» ransomware | object | false | none | none |
»» category | string | false | none | Categorization based on Admin or Legacy port used in the service |
»» severity | string | false | none | Severity of this service |
»» os_platforms | [string] | false | none | Operating system for this ransomware service |
» process_name | string | false | none | The process name |
» service_ports | sec_policy_services_get/properties/service_ports | false | none | Service ports |
» windows_services | sec_policy_services_get/properties/windows_services | false | none | Windows services |
» external_data_set | string,null | false | none | External data set identifier |
» external_data_reference | string,null | false | none | External data reference identifier |
Enumerated Values
Property | Value |
---|---|
category | admin |
category | legacy |
severity | low |
severity | medium |
severity | high |
severity | critical |
sec_policy_virtual_servers_post
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service": {
"href": "string"
},
"providers": [
{
"label": {
"href": "string"
}
}
],
"discovered_virtual_server": {
"href": "string"
},
"mode": "unmanaged"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | The short friendly name of the virtual server |
description | string | false | none | The long description of the virtual server |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels | workloads_post/properties/labels | true* | none | Assigned labels |
service | object | true* | none | URI of associated service |
» href | string | true* | none | Service URI |
providers | [oneOf] | true* | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» label | object | true* | none | none |
»»» href | string | true* | none | Label URI |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
»»» workload | object | true* | none | none |
»»»» href | string | true* | none | Workload URI |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» discovered_virtual_server | object | true* | none | Corresponding discovered virtual server |
»»»» href | string | true* | none | Discovered virtual server URI |
»»» mode | string | true* | none | Management mode of the virtual server |
Enumerated Values
Property | Value |
---|---|
mode | unmanaged |
mode | enforced |
sec_policy_virtual_servers_get
{
"href": "string",
"name": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"service": {
"href": "string"
},
"providers": [
{}
],
"mode": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"discovered_virtual_server": null,
"update_type": "create",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | href of virtual server |
name | string | true* | none | The short friendly name of the virtual server |
labels | [sec_policy_virtual_services_get/properties/labels/items] | true* | none | none |
service | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
providers | [object] | true* | none | none |
mode | string | true* | none | Management mode of the virtual server |
description | string,null | false | none | The long description of the virtual server |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
discovered_virtual_server | object,null | true* | none | Corresponding discovered virtual server |
» href | string | true* | none | Discovered virtual server URI |
» dvs_identifier | string | true* | none | NFC-generated unique identifier for virtual server |
» mode | string | true* | none | Virtual server mode of operation |
» name | string | true* | none | Configured name of virtual server |
» vip_port | object | true* | none | none |
»» vip | string(ipv4) | true* | none | Virtual server IP |
»» protocol | workloads_get/properties/services/properties/open_service_ports/items/properties/protocol | true* | none | Transport protocol |
»» port | string | true* | none | Virtual server port(s) |
» update_type | sec_policy_virtual_services_get/properties/update_type | true* | none | Versioned policy object update type |
» created_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this virtual server was created |
» updated_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this virtual server was last updated |
» deleted_at | string,null(date-time) | true* | none | The time (rfc3339 timestamp) at which this virtual server was deleted |
» created_by | object | true* | none | none |
»» href | string | true* | none | none |
» updated_by | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
» deleted_by | sec_policy_virtual_services_get/properties/created_by | true* | none | none |
sec_policy_virtual_servers_put
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"labels": [
{
"href": "string"
}
],
"service": {
"href": "string"
},
"providers": [
{
"label": {
"href": "string"
}
}
],
"discovered_virtual_server": {
"href": "string"
},
"mode": "unmanaged"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The short friendly name of the virtual server |
description | string | false | none | The long description of the virtual server |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
labels | workloads_post/properties/labels | false | none | Assigned labels |
service | object | false | none | URI of associated service |
» href | string | true* | none | Service URI |
providers | [oneOf] | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» label | object | true* | none | none |
»»» href | string | true* | none | Label URI |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
»»» workload | object | true* | none | none |
»»»» href | string | true* | none | Workload URI |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» discovered_virtual_server | object | false | none | Corresponding discovered virtual server |
»»»» href | string | true* | none | Discovered virtual server URI |
»»» mode | string | false | none | Management mode of the virtual server |
Enumerated Values
Property | Value |
---|---|
mode | unmanaged |
mode | enforced |
sec_policy_rule_sets_get
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string",
"description": null,
"external_data_set": null,
"external_data_reference": null,
"enabled": true,
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"rules": [
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
],
"ip_tables_rules": [
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"enabled": true,
"description": null,
"statements": [
{
"table_name": "nat",
"chain_name": "PREROUTING",
"parameters": "string"
}
],
"actors": [
{
"actors": "string",
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ip_version": "4"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of the rule set |
created_at | string(date-time) | true* | none | Timestamp when this rule set was first created |
updated_at | string(date-time) | true* | none | Timestamp when this rule set was last updated |
deleted_at | string,null(date-time) | true* | none | Timestamp when this rule set was deleted |
created_by | object | false | none | none |
» href | string | true* | none | User who originally created this rule set |
updated_by | object | false | none | none |
» href | string | true* | none | User who last updated this rule set |
deleted_by | object,null | false | none | none |
» href | string | true* | none | User who deleted this rule set |
update_type | sec_policy_virtual_services_get/properties/update_type | false | none | Versioned policy object update type |
name | string | true* | none | Name (must be unique) |
description | string,null | true* | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
enabled | boolean | true* | none | Enabled flag |
scopes | [sec_policy_firewall_settings_get/properties/blocked_connection_reject_scopes/items] | true* | none | Rule set scopes |
rules | [object] | false | none | Array of rules in this rule set |
» href | string | false | none | URI of object |
» created_at | string(date-time) | false | none | Timestamp when this rule set was first created |
» updated_at | string(date-time) | false | none | Timestamp when this rule set was last updated |
» deleted_at | string,null(date-time) | false | none | Timestamp when this rule set was deleted |
» created_by | object | false | none | none |
»» href | string | true* | none | User who originally created this rule set |
» updated_by | object | false | none | none |
»» href | string | true* | none | User who last updated this rule set |
» deleted_by | object,null | false | none | none |
»» href | string | true* | none | User who deleted this rule set |
» enabled | boolean | true* | none | Enabled flag |
» description | string,null | false | none | Description |
» external_data_set | string,null | false | none | External data set identifier |
» external_data_reference | string,null | false | none | External data reference identifier |
» ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | true* | none | Array of service URI and port/protocol combinations |
» resolve_labels_as | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | true* | none | none |
» sec_connect | boolean | false | none | Whether a secure connection is established |
» stateless | boolean | false | none | Whether packet filtering is stateless for the rule |
» machine_auth | boolean | false | none | Whether machine authentication is enabled |
» providers | sec_policy_rule_sets_sec_rules_get/properties/providers | true* | none | Providers |
» consumers | sec_policy_rule_sets_sec_rules_get/properties/consumers | true* | none | Consumers |
» consuming_security_principals | sec_policy_rule_sets_sec_rules_get/properties/consuming_security_principals | false | none | Hrefs of consuming security principals |
» unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
» update_type | sec_policy_virtual_services_get/properties/update_type | false | none | Versioned policy object update type |
» network_type | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | none | Network types that this rule should apply to. |
» use_workload_subnets | sec_policy_rule_sets_put/properties/rules/items/properties/use_workload_subnets | false | none | Whether to use workload subnets instead of IP addresses for the providers/consumers |
ip_tables_rules | [object] | false | none | Array of iptables rules in this rule set |
» href | string | true* | none | URI of object |
» created_at | string(date-time) | false | none | Timestamp when this rule set was first created |
» updated_at | string(date-time) | false | none | Timestamp when this rule set was last updated |
» deleted_at | string,null(date-time) | false | none | Timestamp when this rule set was deleted |
» created_by | object | false | none | none |
»» href | string | true* | none | User who originally created this rule set |
» updated_by | object | false | none | none |
»» href | string | true* | none | User who last updated this rule set |
» deleted_by | object,null | false | none | none |
»» href | string | true* | none | User who deleted this rule set |
» update_type | sec_policy_virtual_services_get/properties/update_type | false | none | Versioned policy object update type |
» enabled | boolean | true* | none | Enabled flag |
» description | string,null | false | none | Description |
» statements | [sec_policy_rule_sets_put/properties/ip_tables_rules/items/properties/statements/items] | true* | none | list of the iptables statements in this rule |
» actors | [object] | true* | none | none |
»» actors | string | false | none | Rule Actors are all workloads ('ams') |
»» label | sec_policy_virtual_services_get/properties/labels/items | false | none | none |
»» label_group | object | false | none | none |
»»» href | string | true* | none | Label group URI |
»» workload | object | false | none | none |
»»» href | string | true* | none | Workload URI |
»» ip_version | string | true* | none | IP version for the rules to be applied to |
Enumerated Values
Property | Value |
---|---|
ip_version | 4 |
ip_version | 6 |
sec_policy_rule_sets_post
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"enabled": true,
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"rules": [
{
"enabled": true,
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string"
}
],
"unscoped_consumers": true,
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
],
"ip_tables_rules": [
{
"enabled": true,
"description": "string",
"statements": [
{
"table_name": "nat",
"chain_name": "PREROUTING",
"parameters": "string"
}
],
"actors": [
{
"actors": "string",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ip_version": "4"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name (must be unique) |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
enabled | boolean | false | none | Enabled flag |
scopes | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | true* | none | Rule set scopes |
rules | [object] | false | none | Array of sec rules (access rules) in this rule set |
» enabled | boolean | true* | none | Enabled flag |
» description | string | false | none | Description |
» external_data_set | string,null | false | none | External data set identifier |
» external_data_reference | string,null | false | none | External data reference identifier |
» ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | true* | none | Array of service URI and port/protocol combinations |
» resolve_labels_as | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | true* | none | none |
» sec_connect | boolean | false | none | Whether a secure connection is established |
» stateless | boolean | false | none | Whether packet filtering is stateless for the rule |
» machine_auth | boolean | false | none | Whether machine authentication is enabled |
» providers | sec_policy_rule_sets_put/properties/rules/items/properties/providers | true* | none | Providers |
» consumers | sec_policy_rule_sets_put/properties/rules/items/properties/consumers | true* | none | Consumers |
» consuming_security_principals | sec_policy_rule_sets_put/properties/rules/items/properties/consuming_security_principals | false | none | Hrefs of consuming security principals |
» unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
» network_type | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | none | Network types that this rule should apply to. |
» use_workload_subnets | sec_policy_rule_sets_put/properties/rules/items/properties/use_workload_subnets | false | none | Whether to use workload subnets instead of IP addresses for the providers/consumers |
ip_tables_rules | [object] | false | none | Array of custom iptables rules in this rule set |
» enabled | boolean | true* | none | Enabled flag |
» description | string | false | none | Description |
» statements | [sec_policy_rule_sets_put/properties/ip_tables_rules/items/properties/statements/items] | true* | none | list of the iptables statements in this rule |
» actors | sec_policy_rule_sets_put/properties/ip_tables_rules/items/properties/actors | true* | none | none |
» ip_version | string | true* | none | IP version for the rules to be applied to |
Enumerated Values
Property | Value |
---|---|
ip_version | 4 |
ip_version | 6 |
sec_policy_rule_sets_put
{
"name": "string",
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"enabled": true,
"update_type": "create",
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"rules": [
{}
],
"ip_tables_rules": [
{}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Name (must be unique) |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
enabled | boolean | false | none | Enabled flag |
update_type | string | false | none | Type of update |
scopes | sec_policy_rule_sets_post/properties/scopes | false | none | Rule set scopes |
rules | [anyOf] | false | none | Array of rules in this rule set |
» href | string | false | none | URI of Rule |
» enabled | boolean | false | none | Enabled flag |
» description | string | false | none | Description |
» external_data_set | string,null | false | none | External data set identifier |
» external_data_reference | string | false | none | External data reference identifier |
» ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | false | none | Array of service URI and port/protocol combinations |
» resolve_labels_as | object | false | none | none |
»» providers | [string] | true* | none | none |
»» consumers | [string] | true* | none | none |
» sec_connect | boolean | false | none | Whether a secure connection is established |
» stateless | boolean | false | none | Whether packet filtering is stateless for the rule |
» machine_auth | boolean | false | none | Whether machine authentication is enabled |
» providers | [object] | false | none | Providers |
»» actors | string | false | none | Rule actors are all workloads ('ams') |
»» label_dimension | string | false | none | Rule actors that are all workloads with a specific label dimension |
»» exclusion | boolean | false | none | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»» label | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»» label_group | object | false | none | none |
»»» href | string | true* | none | Label group URI |
»» workload | object | false | none | none |
»»» href | string | true* | none | Workload URI |
»» virtual_service | object | false | none | none |
»»» href | string | true* | none | Virtual service URI |
»» virtual_server | object | false | none | none |
»»» href | string | true* | none | Virtual server URI |
»» ip_list | object | false | none | URI of associated IP List |
»»» href | string | true* | none | IP List URI |
»» consumers | [object] | false | none | Consumers |
»»» actors | string | false | none | Rule actors are all workloads or container host |
»»» label_dimension | string | false | none | Rule actors that are all workloads with a specific label dimension |
»»» exclusion | boolean | false | none | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»» label | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»»» label_group | object | false | none | none |
»»»» href | string | true* | none | Label group URI |
»»» workload | object | false | none | none |
»»»» href | string | true* | none | Workload URI |
»»» virtual_service | object | false | none | none |
»»»» href | string | true* | none | Virtual service URI |
»»» ip_list | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»» consuming_security_principals | [object] | false | none | Hrefs of consuming security principals |
»»» href | string | true* | none | URI of security principal |
»» update_type | string | false | none | Type of update |
»» unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
»» network_type | string | false | none | Network types that this rule should apply to. |
»» use_workload_subnets | [string] | false | none | Whether to use workload subnets instead of IP addresses for the providers/consumers |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» ip_tables_rules | [anyOf] | false | none | Array of iptables rules in this ruleset |
»» href | string | false | none | URI of Rule |
»» enabled | boolean | false | none | Enabled flag |
»» description | string | false | none | Description |
»» statements | [object] | false | none | list of the iptables statements in this rule |
»»» table_name | string | true* | none | name of the iptables table for this rule |
»»» chain_name | string | true* | none | name of the iptables chain for this rule |
»»» parameters | string | true* | none | the remainder of the iptables rules (excluding table/chain) |
»» actors | [object] | false | none | none |
»»» actors | string | false | none | Rule Actors are all workloads ('ams') |
»»» label | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»»» label_group | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»»» workload | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»» ip_version | string | false | none | IP version for the rules to be applied to |
»» update_type | string | false | none | Type of update |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
update_type | create |
update_type | update |
update_type | delete |
actors | ams |
label_dimension | app |
actors | ams |
actors | container_host |
label_dimension | app |
update_type | create |
update_type | update |
update_type | delete |
network_type | brn |
network_type | non_brn |
network_type | all |
table_name | nat |
table_name | mangle |
table_name | filter |
chain_name | PREROUTING |
chain_name | INPUT |
chain_name | OUTPUT |
chain_name | FORWARD |
chain_name | POSTROUTING |
ip_version | 4 |
ip_version | 6 |
update_type | create |
update_type | update |
update_type | delete |
container_clusters_container_workload_profiles_get
{
"href": "string",
"name": null,
"namespace": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string",
"value": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true,
"linked": true,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of the container workload profile |
name | string,null | false | none | A friendly name given to a profile if the namespace is not user friendly |
namespace | string,null | false | none | Namespace name |
description | string | false | none | Description of the profile |
assign_labels | sec_policy_virtual_services_post/properties/labels | false | none | Assigned labels |
labels | [oneOf] | false | none | Labels to assign to the workload that matches the namespace |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» key | string | true* | none | The label key |
»» assignment | object | true* | none | The label href to set |
»»» href | string | true* | none | Label URI |
»»» value | string | false | none | Label Name |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
»»» key | string | true* | none | The label key |
»»» restriction | [object] | true* | none | The list of allowed label hrefs |
»»»» href | string | true* | none | Label URI |
»»»» value | string | false | none | Label Name |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» enforcement_mode | string | false | none | Workload enforcement mode |
»»» managed | boolean | false | none | If the namespace is managed or not |
»»» linked | boolean | false | none | True if the namespace exists in the cluster and is reported by kubelink |
»»» created_at | string(date-time) | false | none | Time stamp when this profile was created |
»»» created_by | object | false | none | none |
»»»» href | string | true* | none | User who originally created this profile |
»»» updated_by | object | false | none | none |
»»»» href | string | true* | none | User who last updated this profile |
»»» updated_at | string(date-time) | false | none | Time stamp when this profile was updated |
Enumerated Values
Property | Value |
---|---|
enforcement_mode | idle |
enforcement_mode | visibility_only |
enforcement_mode | full |
enforcement_mode | selective |
container_clusters_container_workload_profiles_post
{
"name": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string,null | true* | none | A friendly name given to a profile if the namespace is not user friendly |
description | string | false | none | Description of the profile |
assign_labels | sec_policy_virtual_services_post/properties/labels | false | none | Assigned labels |
labels | [oneOf] | false | none | Labels to assign to the workload that matches the namespace |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» key | string | true* | none | The label key |
»» assignment | object | true* | none | The label href to set |
»»» href | string | true* | none | Label URI |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
»»» key | string | true* | none | The label key |
»»» restriction | [object] | true* | none | The list of allowed label hrefs |
»»»» href | string | true* | none | Label URI |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
»»» managed | boolean | false | none | If the namespace is managed or not |
container_clusters_container_workload_profiles_update_put
{
"container_workload_profiles": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
container_workload_profiles | [object] | false | none | List of Container Workload Profile hrefs |
» href | string | true* | none | Container Workload Profile URI |
labels | [container_clusters_container_workload_profiles_post/properties/labels/items] | false | none | Labels to assign to the workload that matches the namespace |
enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
managed | boolean | false | none | If the namespace is managed or not |
container_clusters_container_workload_profiles_put
{
"name": null,
"description": null,
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string,null | false | none | A friendly name given to a profile if the namespace is not user friendly |
description | string,null | false | none | Description of the profile |
assign_labels | sec_policy_virtual_services_post/properties/labels | false | none | Assigned labels |
labels | [container_clusters_container_workload_profiles_post/properties/labels/items] | false | none | Labels to assign to the workload that matches the namespace |
enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
managed | boolean | false | none | If the namespace is managed or not |
container_clusters_get
{
"href": "string",
"name": "string",
"description": "string",
"nodes": [
{
"pod_subnet": "string"
}
],
"container_runtime": "string",
"manager_type": "string",
"last_connected": "2025-04-01T00:21:27Z",
"online": true,
"errors": [
{
"audit_event": {
"href": "string"
},
"duplicate_ids": [],
"error_type": "string"
}
],
"kubelink_version": "string",
"pce_fqdn": "string",
"cluster_mode": "legacy",
"datacenter_nat_1to1": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of container cluster |
name | string | false | none | User assigned name of the cluster |
description | string | false | none | User assigned description of the cluster |
nodes | [object] | false | none | none |
» pod_subnet | string | false | none | Pod Subnet |
container_runtime | string | false | none | The Container Runtime used in this cluster |
manager_type | string | false | none | Manager for this cluster (and version) |
last_connected | string(date-time) | false | none | none |
online | boolean | false | none | none |
errors | [object] | false | none | none |
» audit_event | object | false | none | none |
»» href | string | false | none | none |
» duplicate_ids | array | false | none | none |
» error_type | string | true* | none | none |
kubelink_version | string | false | none | Kubelink software version string |
pce_fqdn | string | false | none | PCE FQDN for this container cluster. Used in Supercluster only |
cluster_mode | string | false | none | Cluster mode of Container Cluster |
datacenter_nat_1to1 | boolean | false | none | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interfaces on nodes |
container_clusters_post
{
"name": "string",
"description": "string",
"datacenter_nat_1to1": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | User assigned name of the cluster |
description | string | false | none | User assigned description of the cluster |
datacenter_nat_1to1 | boolean | false | none | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interfaces on nodes |
container_clusters_put
{
"name": "string",
"description": "string",
"datacenter_nat_1to1": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | User assigned name of the cluster |
description | string | false | none | User assigned description of the cluster |
datacenter_nat_1to1 | boolean | false | none | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interfaces on nodes |
container_clusters_service_backends_get
[
{
"name": "string",
"kind": "string",
"namespace": "string",
"updated_at": "string",
"created_at": "string",
"virtual_services": {
"href": "string",
"name": "string"
}
}
]
The Backend Services associated with Container Clusters
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | The name of the Container Cluster Backend |
kind | string | true* | none | The type (or kind) of Container Cluster Backend |
namespace | string | false | none | The namespace of the Container Cluster Backend |
updated_at | string | true* | none | The time (rfc3339 timestamp) at which the Container Cluster Backend was last updated |
created_at | string | true* | none | The time (rfc3339 timestamp) at which the Container Cluster Backend was created |
virtual_services | object | true* | none | none |
» href | string | true* | none | The URI to the associated virtual service |
» name | string | true* | none | The name of virtual service |
vens_get
{
"href": "string",
"name": null,
"description": null,
"hostname": "string",
"uid": null,
"os_id": null,
"os_detail": null,
"os_platform": null,
"version": "string",
"status": "string",
"activation_type": "string",
"active_pce_fqdn": null,
"target_pce_fqdn": null,
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"interfaces": [
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
],
"workloads": [
{
"href": "string",
"name": null,
"managed": true,
"hostname": null,
"instance_id": null,
"data_center": null,
"data_center_zone": null,
"service_principal_name": null,
"os_id": null,
"os_detail": null,
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"public_ip": null,
"interfaces": [
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
],
"security_policy_applied_at": null,
"security_policy_received_at": null,
"security_policy_sync_state": "string",
"log_traffic": true,
"mode": "idle",
"enforcement_mode": "idle",
"visibility_level": "string",
"online": true
}
],
"container_cluster": null,
"secure_connect": null,
"last_heartbeat_at": null,
"last_goodbye_at": null,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "string"
},
"conditions": [
{
"first_reported_timestamp": "2025-04-01T00:21:27Z",
"latest_event": {
"notification_type": "string",
"severity": "err",
"href": "string",
"info": {},
"timestamp": "2025-04-01T00:21:27Z"
}
}
],
"authentication_recovery": true,
"caps": [
"string"
],
"ven_type": "server",
"upgrade_expires_at": null,
"upgrade_target_version": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of VEN |
name | string,null | false | none | Friendly name for the VEN |
description | string,null | false | none | The description of the VEN |
hostname | string | true* | none | The hostname of the host managed by the VEN |
uid | string,null | false | none | The unique ID of the host managed by the VEN |
os_id | string,null | false | none | OS identifier of the host managed by the VEN |
os_detail | string,null | false | none | Additional OS details from the host managed by the VEN |
os_platform | string,null | false | none | OS platform of the host managed by the VEN |
version | string | false | none | Software version of the VEN |
status | string | false | none | Status of the VEN |
activation_type | string | false | none | The method by which the VEN was activated |
active_pce_fqdn | string,null | false | none | The FQDN of the PCE that the VEN last connected to |
target_pce_fqdn | string,null | false | none | The FQDN of the PCE that the VEN will use for future connections |
labels | [object] | false | none | Labels assigned to the host managed by the VEN. |
» href | string | true* | none | Label URI |
» key | string | false | none | Key of the label, only present in expanded representations. |
» value | string | false | none | Value of the label, only present in expanded representations. |
interfaces | [workloads_get/properties/interfaces] | false | none | Network interfaces of the host managed by the VEN. |
workloads | [object] | false | none | none |
» href | string | true* | none | Workload URI |
» name | string,null | false | none | The short friendly name of the workload, only present in expanded representations. |
» managed | boolean | false | none | True if the workload is managed, else false |
» hostname | string,null | false | none | The hostname of the workload, only present in expanded representations. |
» instance_id | string,null | false | none | Instance identifier for the host |
» data_center | string,null | false | none | Data center |
» data_center_zone | string,null | false | none | Data center zone |
» service_principal_name | string,null | false | none | The Kerberos Service Principal Name (SPN) |
» os_id | string,null | false | none | OS identifier for the workload, only present in expanded representations. |
» os_detail | string,null | false | none | Additional OS details, only present in expanded representations. |
» labels | [object] | false | none | Labels assigned to the workload, only present in expanded representations. |
»» href | string | false | none | Label URI |
»» key | string | false | none | Key of the label |
»» value | string | false | none | Value of the label |
» public_ip | string,null | false | none | The public IP of the server, only present in expanded representations. |
» interfaces | [workloads_get/properties/interfaces] | false | none | Network interfaces of the workload, only present in expanded representations. |
» security_policy_applied_at | string,null(date-time) | false | none | Last reported time when policy was applied to the workload (UTC), only present in expanded representations. |
» security_policy_received_at | string,null(date-time) | false | none | Last reported time when policy was received by the workload (UTC), only present in expanded representations. |
» security_policy_sync_state | string | false | none | Current state of security policy |
» log_traffic | boolean | false | none | DEPRECATED AND REMOVED. True if we want to log traffic events from this workload, only present in expanded representations. |
» mode | pairing_profiles_get/properties/mode | false | none | DEPRECATED AND REPLACED (Use enforcement_mode instead) |
» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
» visibility_level | string | false | none | Visibility level of the workload, only present in expanded representations. |
» online | boolean | false | none | If this workload is online and present in policy, only present in expanded representations. |
container_cluster | object,null | false | none | none |
» href | string | true* | none | The URI of the container cluster managed by this VEN |
» name | string | false | none | The name of the container cluster managed by this VEN, only present in expanded representations. |
secure_connect | object,null | false | none | none |
» matching_issuer_name | string | false | none | Issuer name match criteria for certificate used during establishing secure connections. |
last_heartbeat_at | string,null(date-time) | false | none | The last time (rfc3339 timestamp) a heartbeat was received from this VEN |
last_goodbye_at | string,null(date-time) | false | none | The time (rfc3339 timestamp) of the last goodbye from the VEN |
created_at | string(date-time) | false | none | The time (rfc3339 timestamp) at which this VEN was created |
created_by | object | false | none | none |
» href | string | true* | none | The URI of the user who created this VEN |
updated_at | string(date-time) | false | none | The time (rfc3339 timestamp) at which this VEN was last updated |
updated_by | object | false | none | none |
» href | string | true* | none | The URI of the user who last updated this VEN |
conditions | [object] | false | none | Resource errors. If there are no errors or warnings, then the array value will be empty. |
» first_reported_timestamp | string(date-time) | false | none | The timestamp of the first event that reported this condition. |
» latest_event | object | false | none | The latest notification event that was generated for the corresponding condition |
»» notification_type | string | false | none | The notification_type of the event |
»» severity | string | false | none | Severity of the condition, same as the event |
»» href | string | false | none | The href of the event |
»» info | object | false | none | The information from the notification event that was generated by the condition. |
»» timestamp | string(date-time) | false | none | RFC 3339 timestamp at which this event was created |
» authentication_recovery | boolean | false | none | Specifies if the VEN is in authentication recovery |
» caps | [string] | false | none | Permission types |
» ven_type | workloads_get/properties/ven/properties/ven_type | false | none | VEN type |
» upgrade_expires_at | string,null(date-time) | false | none | The time (rfc3339 timestamp) at which the PCE stops attempting VEN upgrade |
» upgrade_target_version | string,null | false | none | The software release to upgrade to. |
Enumerated Values
Property | Value |
---|---|
severity | err |
severity | warning |
vens_unpair_put
{
"vens": [
{
"href": "string"
}
],
"firewall_restore": "default"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
vens | [object] | true* | none | VENs to unpair |
» href | string | true* | none | URI of VEN to unpair |
firewall_restore | string | false | none | The strategy to use to restore the firewall state after the VEN is uninstalled. |
Enumerated Values
Property | Value |
---|---|
firewall_restore | saved |
firewall_restore | default |
firewall_restore | disable |
vens_upgrade_put
{
"release": "string",
"vens": [
{
"href": "string"
}
],
"upgrade_timeout_seconds": 900
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
release | string | true* | none | The software release to upgrade to. |
vens | [object] | true* | none | An array of VENs to upgrade |
» href | string | true* | none | VEN URI |
upgrade_timeout_seconds | integer | false | none | Number of seconds during which the PCE tries to trigger the agent upgrade. |
vens_remote_action_put
{
"action": "restart",
"vens": [
{
"href": "string"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
action | string | true* | none | Remote action type |
vens | [object] | true* | none | An array of VENs to restart |
» href | string | true* | none | VEN URI |
Enumerated Values
Property | Value |
---|---|
action | restart |
vens_authentication_recovery_put
{
"vens": [
{
"href": "string"
}
],
"recovery_enabled": false,
"recovery_duration_seconds": 3600
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
vens | [object] | true* | none | List of VENs to be put in or out of recovery |
» href | string | true* | none | URI of the VEN |
recovery_enabled | boolean | true* | none | Enable/disable recovery for the VENs |
recovery_duration_seconds | integer | true* | none | Put the VENs in recovery for the specified duration in seconds |
vens_statistics_post
{
"property_counts": [
{
"property": "status",
"values": [
"string"
],
"filters": [
{
"filter_property": "status",
"values": [
"string"
]
}
]
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
property_counts | [object] | true* | none | none |
» property | string | true* | none | none |
» values | [string] | false | none | none |
» filters | [object] | false | none | none |
»» filter_property | string | true* | none | none |
»» values | [string] | false | none | none |
Enumerated Values
Property | Value |
---|---|
property | status |
property | version |
property | health |
property | condition |
property | os_id |
property | enforcement_mode |
property | ven_type |
filter_property | status |
filter_property | version |
filter_property | health |
filter_property | condition |
filter_property | os_id |
filter_property | enforcement_mode |
filter_property | ven_type |
vens_put
{
"target_pce_fqdn": "string",
"name": null,
"description": null,
"status": "active"
}
Update a VEN's name, description, or target PCE.
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
target_pce_fqdn | string | false | none | cluster FQDN for target PCE |
name | string,null | false | none | Friendly name of the VEN |
description | string,null | false | none | Description of the VEN |
status | string | false | none | VEN Status |
Enumerated Values
Property | Value |
---|---|
status | active |
status | suspended |
orgs_permissions_get
[
{
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
],
"auth_security_principal": {
"href": "string"
},
"href": "string"
}
]
The list of the auth_security_principals in this org
Properties
allOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | orgs_permissions_post/allOf/0 | false | none | Permission granted |
and
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
» href | string | true* | none | URI of permission |
orgs_permissions_post
{
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
],
"auth_security_principal": {
"href": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
role | orgs_permissions_put/properties/role | true* | none | none |
scope | orgs_permissions_put/properties/scope | true* | none | none |
auth_security_principal | orgs_permissions_put/properties/auth_security_principal | true* | none | none |
orgs_permissions_put
{}
The details of the permission to edit
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
role | object | false | none | none |
» href | string | true* | none | URI of Role |
scope | [object] | false | none | none |
» label | object | false | none | none |
»» href | string | true* | none | Label URI |
»» key | string | false | none | Label type |
»» value | string | false | none | Label name |
» label_group | object | false | none | none |
»» href | string | true* | none | Label group URI |
»» key | string | false | none | Label group type |
»» name | string | false | none | Label group name |
» auth_security_principal | object | false | none | none |
»» href | string | true* | none | URI of auth_security_principal |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
slbs_post
{
"name": "string",
"description": "string",
"nfc": {
"href": "string"
},
"network_enforcement_node": {
"href": "string"
},
"device_type": "string",
"devices": [
{
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
}
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | The short friendly name of the server load balancer |
description | string | false | none | The long description of the server load balancer |
nfc | object | false | none | DEPRECATED AND REPLACED (USE 'network_enforcement_node' INSTEAD) Network Function Controller that should manage this SLB. Can be skipped if there exists only 1 NFC in the system, or if there are no NFCs, in which case, the server would auto-deploy an NFC to manage the new SLB (and any SLBs created thereafter). Cannot be used along with network_enforcement_node |
» href | string | true* | none | NFC URI |
network_enforcement_node | object | false | none | Network enforcement node that should manage this SLB. Can be skipped if there exists only 1 NEN in the system, or if there are no NENs, in which case, the server would auto-deploy an NEN to manage the new SLB (and any SLBs created thereafter). Cannot be used along with nfc |
» href | string | true* | none | Network enforcement node URI |
device_type | string | true* | none | Device type of the server load balancer |
devices | [object] | true* | none | Management configuration of the devices associated with this SLB Network VF. |
» config | object | true* | none | Management configuration info for the SLB device. |
»» host | string | false | none | The IP or FQDN of the device |
»» port | integer | false | none | Host port |
»» credential_type | string | false | none | Type of the credentials |
»» username | string | false | none | username for credential |
»» credential | string,null | false | none | credential |
»» check_certificate | boolean | false | none | Whether to enforce peer certificate verification |
Enumerated Values
Property | Value |
---|---|
credential_type | password |
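The slbs_post table above carries two constraints that are easy to miss: nfc and network_enforcement_node cannot be used together, and check_certificate decides whether the device's peer certificate is verified. The following pre-flight check is an added example, not Illumio code; the function name check_slbs_post, the sample bodies, and the placeholder hrefs and device type are constructed for illustration.

```python
"""Pre-flight check for a candidate slbs_post request body (added example)."""

# Required top-level properties, taken from the slbs_post properties table.
REQUIRED_TOP = ("name", "device_type", "devices")
# The only enumerated credential_type value listed on the page.
CREDENTIAL_TYPES = {"password"}


def check_slbs_post(body):
    """Return (errors, warnings) for a candidate slbs_post body (a dict)."""
    errors, warnings = [], []

    for field in REQUIRED_TOP:
        if field not in body:
            errors.append(f"missing required field: {field}")

    # nfc is deprecated and cannot be combined with network_enforcement_node.
    has_nfc = "nfc" in body
    has_nen = "network_enforcement_node" in body
    if has_nfc and has_nen:
        errors.append("nfc cannot be used along with network_enforcement_node")
    elif has_nfc:
        warnings.append("nfc is deprecated; use network_enforcement_node")
    for ref in ("nfc", "network_enforcement_node"):
        value = body.get(ref)
        if ref in body and not (
            isinstance(value, dict) and isinstance(value.get("href"), str)
        ):
            errors.append(f"{ref}.href is required when {ref} is given")

    devices = body.get("devices", [])
    if not isinstance(devices, list):
        errors.append("devices must be an array")
        devices = []

    for i, device in enumerate(devices):
        config = device.get("config") if isinstance(device, dict) else None
        if not isinstance(config, dict):
            errors.append(f"devices[{i}].config is required")
            continue
        where = f"devices[{i}].config"

        ctype = config.get("credential_type")
        if ctype is not None and ctype not in CREDENTIAL_TYPES:
            errors.append(
                f"{where}.credential_type not in {sorted(CREDENTIAL_TYPES)}"
            )

        port = config.get("port")
        if port is not None and (isinstance(port, bool) or not isinstance(port, int)):
            errors.append(f"{where}.port must be an integer")

        # The page documents no default for check_certificate, so an unset
        # value is flagged rather than assumed to be safe.
        check = config.get("check_certificate")
        if check is False:
            warnings.append(
                f"{where}: check_certificate is false, peer certificate is not verified"
            )
        elif check is None:
            warnings.append(f"{where}: check_certificate not set; set it explicitly")
        elif check is not True:
            errors.append(f"{where}.check_certificate must be a boolean")

    return errors, warnings


# Constructed sample bodies; hrefs, host and device_type are placeholders.
GOOD_BODY = {
    "name": "slb-dmz-1",
    "device_type": "<device-type>",
    "network_enforcement_node": {"href": "<nen-href>"},
    "devices": [
        {
            "config": {
                "host": "slb1.example.com",
                "port": 443,
                "credential_type": "password",
                "username": "svc-pce",
                "credential": "<read-from-secret-store>",
                "check_certificate": True,
            }
        }
    ],
}

RISKY_BODY = {
    # "name" left out on purpose
    "device_type": "<device-type>",
    "nfc": {"href": "<nfc-href>"},
    "network_enforcement_node": {"href": "<nen-href>"},
    "devices": [
        {
            "config": {
                "host": "slb2.example.com",
                "port": 443,
                "credential_type": "token",
                "username": "svc-pce",
                "credential": "<read-from-secret-store>",
                "check_certificate": False,
            }
        }
    ],
}

if __name__ == "__main__":
    for label, body in (("good", GOOD_BODY), ("risky", RISKY_BODY)):
        errs, warns = check_slbs_post(body)
        print(label, "errors:", errs, "warnings:", warns)
```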
slbs_get
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
},
"status": {
"connection_state": "pending",
"software_version": "string",
"sync_state": "in_sync"
}
}
]
}
Update info about a change-tracked resource in the system.
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
created_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this resource was created |
updated_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this resource was last updated |
created_by | object | true* | none | none |
» href | string | true* | none | The URI of the user who created this resource |
updated_by | object | true* | none | none |
» href | string | true* | none | The URI of the user who last updated this resource |
devices | array | false | none | none |
» href | string | true* | none | URI of the managed SLB device. |
» config | slbs_post/properties/devices/items/properties/config | true* | none | Management configuration info for the SLB device. |
» status | object | false | none | The current status of the SLB device. |
»» connection_state | string | true* | none | Status of most recent connection to the SLB device |
»» software_version | string | false | none | Software version reported by the SLB device |
»» sync_state | string | false | none | Sync-state of the SLB device if it is part of an HA group. |
Enumerated Values
Property | Value |
---|---|
connection_state | pending |
connection_state | successful |
connection_state | cannot_resolve |
connection_state | cannot_connect |
connection_state | bad_credentials |
connection_state | bad_certificate |
connection_state | bad_request |
connection_state | dup_device |
sync_state | in_sync |
sync_state | not_sync |
slbs_put
{
"name": "string",
"description": "string",
"nfc": {
"href": "string"
},
"network_enforcement_node": {
"href": "string"
},
"device_type": "string",
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
}
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The short friendly name of the server load balancer |
description | string | false | none | The long description of the server load balancer |
nfc | object | false | none | DEPRECATED AND REPLACED (USE 'network_enforcement_node' INSTEAD) Network function controller managing this SLB |
» href | string | true* | none | NFC URI |
network_enforcement_node | object | false | none | Network enforcement node managing this SLB |
» href | string | true* | none | Network enforcement node URI |
device_type | slbs_post/properties/device_type | false | none | Device type of the server load balancer |
devices | [object] | false | none | Management configuration of the devices associated with this SLB Network VF. |
» href | string | true* | none | SLB device URI. |
» config | slbs_post/properties/devices/items/properties/config | false | none | Management configuration info for the SLB device. |
discovered_virtual_servers_get
{
"href": "string",
"dvs_identifier": "string",
"name": "string",
"vip_port": {
"vip": "192.168.0.1",
"protocol": 0,
"port": "string"
},
"local_ips": [
"192.168.0.1"
],
"mode": "string",
"slb": {
"href": "string"
},
"snat_type": "string",
"snat_pool_ips": [
"192.168.0.1"
],
"service_checks": [
{
"protocol": 0,
"port": 0
}
],
"nfc": {
"href": "string"
},
"network_enforcement_node": {
"href": "string"
},
"virtual_server": null,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | href of discovered virtual server |
dvs_identifier | string | true* | none | NFC-generated unique identifier for discovered virtual server |
name | string | true* | none | Configured name of virtual server |
vip_port | sec_policy_virtual_servers_get/properties/discovered_virtual_server/properties/vip_port | true* | none | none |
local_ips | [string] | true* | none | Local IPs of virtual server |
mode | string | true* | none | Virtual server mode of operation |
slb | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
snat_type | string | false | none | SNAT source ip type |
snat_pool_ips | [string] | false | none | NAT source IPs of virtual server |
service_checks | [object] | true* | none | none |
» protocol | integer | true* | none | none |
» port | integer | false | none | Service check port. Only present when protocol is 6 (tcp) or 17 (udp). |
nfc | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
network_enforcement_node | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
virtual_server | object,null | false | none | The virtual server policy object corresponding to this discovered virtual server |
» href | string | true* | none | href of virtual server |
» update_type | sec_policy_virtual_services_get/properties/update_type | true* | none | Versioned policy object update type |
» mode | string | true* | none | enforcement mode of virtual server |
» labels | [object] | true* | none | labels for virtual server |
»» href | string | true* | none | href of label |
»» key | string | true* | none | key in key-value pair |
»» value | string | true* | none | value in key-value pair |
» created_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this server load balancer was created |
» updated_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this server load balancer was last updated |
» created_by | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
» updated_by | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
service_accounts_post
{
"name": "string",
"description": "string",
"access_restriction": null,
"permissions": [
{
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
],
"api_key": {
"expires_in_seconds": "default"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Name of the service_account |
description | string | false | none | The description of the service_account |
access_restriction | object,null | false | none | Access restriction assigned to the keys created under this service_account |
» href | string | true* | none | Access restriction URI |
permissions | [object] | true* | none | The list of permissions |
» role | orgs_permissions_put/properties/role | true* | none | none |
» scope | orgs_permissions_put/properties/scope | true* | none | none |
api_key | object | true* | none | none |
» expires_in_seconds | any | true* | none | Validity of the api_key, in seconds |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | string | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | integer | false | none | none |
Enumerated Values
Property | Value |
---|---|
anonymous | default |
service_accounts_get
{
"name": "string",
"description": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
],
"href": "string",
"api_keys": [
{
"key_id": "string",
"auth_username": "string",
"name": null,
"description": "string",
"state": "string",
"expires_in_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"last_login_on": "2025-04-01T00:21:27Z",
"account": {
"href": "string",
"type": "string",
"name": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
]
},
"href": "string"
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Service account name |
description | string | false | none | Description of the service_account |
access_restriction | object,null | false | none | Access restriction assigned to the api_keys under this service_account |
» href | string | true* | none | Access restriction URI |
permissions | [object] | true* | none | List of permissions |
» href | string | false | none | URI of the permission entity |
» role | orgs_permissions_put/properties/role | true* | none | none |
» scope | orgs_permissions_put/properties/scope | true* | none | none |
href | string | true* | none | URI of service_account |
api_keys | [object] | true* | none | List of associated api_keys |
» key_id | string | true* | none | The key ID |
» auth_username | string | true* | none | Username required for authentication |
» name | string,null | true* | none | The key name - just a label to be used |
» description | string | false | none | The description of the key |
» state | string | false | none | State of the api_key |
» expires_in_seconds | integer | false | none | Validity of the api_key in seconds |
» created_at | string(date-time) | true* | none | Timestamp when this key was first created (RFC 3339) |
» created_by | object | false | none | none |
»» href | string | true* | none | User who originally created this api key |
» last_login_on | string(date-time) | false | none | Timestamp when this key was last used |
» account | object | false | none | none |
»» href | string | true* | none | Associated identity |
»» type | string | true* | none | Type of account |
»» name | string | true* | none | Name of the account |
»» access_restriction | object,null | false | none | Access restriction assigned to the api_keys under this service_account |
»»» href | string | true* | none | Access restriction URI |
»» permissions | [object] | false | none | List of permissions |
»»» href | string | false | none | URI of the permission entity |
»»» role | orgs_permissions_put/properties/role | true* | none | none |
»»» scope | orgs_permissions_put/properties/scope | true* | none | none |
»» href | string | true* | none | URI of the key |
» created_at | string(date-time) | true* | none | Timestamp when this service account was first created (RFC 3339) |
» updated_at | string(date-time) | true* | none | Timestamp when this service account was last updated |
» created_by | object | true* | none | none |
»» href | string | true* | none | User who originally created this service account |
» updated_by | object | true* | none | none |
»» href | string | true* | none | User who last updated this service account |
service_accounts_put
{
"name": "string",
"description": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | Service account name |
description | string | false | none | Description of the service_account |
access_restriction | object,null | false | none | Access restriction assigned to the keys created under this service_account |
» href | string | true* | none | Access restriction URI |
permissions | [object] | false | none | List of permissions |
» href | string | false | none | URI of the permission entity |
» role | orgs_permissions_put/properties/role | true* | none | none |
» scope | orgs_permissions_put/properties/scope | true* | none | none |
kubernetes_workloads_get
{
"href": "string",
"name": "string",
"namespace": "string",
"kind": "string",
"labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"enforcement_mode": "idle",
"visibility_level": "flow_summary",
"container_workload_profile": {
"href": "string",
"name": null,
"namespace": null,
"description": "string",
"assign_labels": [
{
"href": "string"
}
],
"labels": [
{
"key": "string",
"assignment": {
"href": "string",
"value": "string"
}
}
],
"enforcement_mode": "idle",
"managed": true,
"linked": true,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"updated_at": "2025-04-01T00:21:27Z"
},
"container_cluster": {
"href": "string",
"name": "string",
"description": "string",
"nodes": [
{
"pod_subnet": "string"
}
],
"container_runtime": "string",
"manager_type": "string",
"last_connected": "2025-04-01T00:21:27Z",
"online": true,
"errors": [
{
"audit_event": {
"href": "string"
},
"duplicate_ids": [],
"error_type": "string"
}
],
"kubelink_version": "string",
"pce_fqdn": "string",
"cluster_mode": "legacy",
"datacenter_nat_1to1": true
},
"security_policy_applied_at": null,
"security_policy_sync_state": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"metadata": {
"labels": {},
"annotations": {},
"external_service_uid": "string"
},
"private_ip_addresses": [
"2001:0db8:85a3:0000:0000:8a2e:0370:7334"
],
"container_cluster_service": {}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of the kubernetes workload |
name | string | true* | none | Container workload name |
namespace | string | true* | none | k8s namespace to which this k8s workload belongs |
kind | string | true* | none | k8s resource kind, e.g. Deployment |
labels | [sec_policy_virtual_services_get/properties/labels/items] | false | none | none |
enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
visibility_level | pairing_profiles_get/properties/visibility_level/oneOf/0 | false | none | Visibility level of the workload |
container_workload_profile | object | false | none | none |
» href | string | false | none | URI of the container workload profile |
» name | string,null | false | none | A friendly name given to a profile if the namespace is not user friendly |
» namespace | string,null | false | none | Namespace name |
» description | string | false | none | Description of the profile |
» assign_labels | sec_policy_virtual_services_post/properties/labels | false | none | DEPRECATED: Labels to assign to the workload that matches the namespace |
» labels | [oneOf] | false | none | Labels to assign to the workload that matches the namespace |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» anonymous | object | false | none | none |
»»» key | string | true* | none | The label key |
»»» assignment | object | true* | none | The label href to set |
»»»» href | string | true* | none | Label URI |
»»»» value | string | false | none | Label Name |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | object | false | none | none |
»»»» key | string | true* | none | The label key |
»»»» restriction | [object] | true* | none | The list of allowed label hrefs |
»»»»» href | string | true* | none | Label URI |
»»»»» value | string | false | none | Label Name |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
»»»» managed | boolean | false | none | If the namespace is managed or not |
»»»» linked | boolean | false | none | True if the namespace exists in the cluster and is reported by kubelink |
»»»» created_at | string(date-time) | false | none | Time stamp when this profile was created |
»»»» created_by | object | false | none | none |
»»»»» href | string | true* | none | User who originally created this profile |
»»»» updated_by | object | false | none | none |
»»»»» href | string | true* | none | User who last updated this profile |
»»»» updated_at | string(date-time) | false | none | Time stamp when this profile was updated |
»»» container_cluster | object | false | none | none |
»»»» href | string | false | none | URI of container cluster |
»»»» name | string | false | none | User assigned name of the cluster |
»»»» description | string | false | none | User assigned description of the cluster |
»»»» nodes | [object] | false | none | none |
»»»»» pod_subnet | string | false | none | Pod Subnet |
»»»» container_runtime | string | false | none | The Container Runtime used in this cluster |
»»»» manager_type | string | false | none | Manager for this cluster (and version) |
»»»» last_connected | string(date-time) | false | none | none |
»»»» online | boolean | false | none | none |
»»»» errors | [object] | false | none | none |
»»»»» audit_event | object | false | none | none |
»»»»»» href | string | false | none | none |
»»»»» duplicate_ids | array | false | none | none |
»»»»» error_type | string | true* | none | none |
»»»» kubelink_version | string | false | none | Kubelink software version string |
»»»» pce_fqdn | string | false | none | PCE FQDN for this container cluster. Used in Supercluster only |
»»»» cluster_mode | string | false | none | Cluster mode of Container Cluster |
»»»» datacenter_nat_1to1 | boolean | false | none | Datacenter NAT 1to1 mode ON. Used for enforcing creation of pseudo public interfaces on nodes |
»»» security_policy_applied_at | string,null(date-time) | false | none | Last reported time when policy was processed by CLAS to the k8s workload (UTC) |
»»» security_policy_sync_state | string | false | none | Current state of security policy |
»»» created_at | string(date-time) | false | none | RFC 3339 timestamp at which this record was created |
»»» updated_at | string(date-time) | false | none | RFC 3339 timestamp at which this record was updated |
»»» metadata | object | false | none | k8s object metadata |
»»»» labels | object | false | none | k8s key/value pairs attached to object that specify identifying attributes |
»»»» annotations | object | false | none | k8s key/value pairs representing arbitrary non-identifying metadata of object |
»»»» external_service_uid | string | false | none | k8s object uid of external traffic service (NodePort or LoadBalancer) |
»»» private_ip_addresses | [vulnerability_reports_put/properties/scanned_ips/items] | false | none | Kubernetes Workload's private Pod IP addresses |
»»» container_cluster_service | object | false | none | none |
»»»» href | string | true* | none | URI of the virtual service |
»»»» created_at | string(date-time) | true* | none | Timestamp when this virtual service was first created |
»»»» updated_at | string(date-time) | true* | none | Timestamp when this virtual service was last updated |
»»»» deleted_at | string,null(date-time) | true* | none | Timestamp when this virtual service was deleted |
»»»» created_by | sec_policy_virtual_services_get/properties/created_by | false | none | User who originally created this virtual service |
»»»» updated_by | sec_policy_virtual_services_get/properties/created_by | false | none | User who last updated this virtual service |
»»»» deleted_by | sec_policy_virtual_services_get/properties/created_by | false | none | User who deleted this virtual service |
»»»» update_type | sec_policy_virtual_services_get/properties/update_type | false | none | Update type for the virtual service |
»»»» name | string | true* | none | Name |
»»»» description | string,null | true* | none | Description |
»»»» pce_fqdn | string,null | false | none | PCE FQDN for this container cluster. Used in Supercluster only |
»»»» external_data_set | string,null | false | none | External data set identifier |
»»»» external_data_reference | string,null | false | none | External data reference identifier |
»»»» labels | [sec_policy_virtual_services_get/properties/labels/items] | true* | none | Virtual service labels |
»»»» service_ports | sec_policy_virtual_services_get/properties/service_ports | false | none | Service ports |
»»»» service | object | false | none | URI of associated service |
»»»» apply_to | string | false | none | Firewall rule target for workloads bound to this virtual service: host_only or internal_bridge_network |
»»»» ip_overrides | [string] | false | none | Array of IPs or CIDRs as IP overrides |
»»»» service_addresses | sec_policy_virtual_services_get/properties/service_addresses | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» anonymous | object | false | none | none |
software_ven_releases_images_get
[
{
"release": "string",
"distribution": "string",
"architecture": "string",
"major_version": 0,
"min_minor_version": 0,
"max_minor_version": null,
"filename": "string",
"href": "string",
"ven_types": [
"server"
]
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
release | string | true* | none | The OS release |
distribution | string | true* | none | The OS distribution |
architecture | string | true* | none | The OS architecture |
major_version | integer | true* | none | The OS major version |
min_minor_version | integer | true* | none | The OS minimum minor version |
max_minor_version | integer,null | false | none | The OS maximum minor version |
filename | string | true* | none | The image filename for this OS distribution |
href | string | true* | none | The URI to download the image file |
ven_types | [string] | false | none | Supported ven types in this release |
software_ven_releases_get
{
"release": "string",
"href": "string",
"default": true,
"default_release_ven_types": [
"string"
],
"org_id": 0,
"ven_types": [
"server"
],
"images": [
{
"release": "string",
"distribution": "string",
"architecture": "string",
"major_version": 0,
"min_minor_version": 0,
"max_minor_version": null,
"filename": "string",
"href": "string",
"ven_types": [
"server"
]
}
]
}
List of VEN bundles in the PCE repo
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
release | string | true* | none | The release version |
href | string | true* | none | URI associated to this release |
default | boolean | true* | none | Flag to indicate if this is the default release for this Org |
default_release_ven_types | [string] | false | none | none |
org_id | integer | true* | none | ID of the Org |
ven_types | software_ven_releases_images_get/items/properties/ven_types | false | none | Supported ven types in this release |
images | [object] | false | none | none |
» release | string | true* | none | The OS release |
» distribution | string | true* | none | The OS distribution |
» architecture | string | true* | none | The OS architecture |
» major_version | integer | true* | none | The OS major version |
» min_minor_version | integer | true* | none | The OS minimum minor version |
» max_minor_version | integer,null | false | none | The OS maximum minor version |
» filename | string | true* | none | The image filename for this OS distribution |
» href | string | true* | none | The URI to download the image file |
» ven_types | software_ven_releases_images_get/items/properties/ven_types | false | none | Supported ven types in this release |
software_ven_releases_default_put
{
"release": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
release | string | true* | none | The software release to set as the default for this org. |
software_ven_releases_defaults_put
[
{
"href": "string",
"ven_type": "server"
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI associated to this release |
ven_type | string | true* | none | The type of the release marked as default |
Enumerated Values
Property | Value |
---|---|
ven_type | server |
ven_type | endpoint |
agents_get
{
"name": null,
"description": null,
"online": null,
"mode": null,
"uid": "string",
"last_heartbeat_on": null,
"uptime_seconds": null,
"hostname": "string",
"agent_version": null,
"public_ip": null,
"ip_tables_saved": null,
"os_id": null,
"os_detail": null,
"log_traffic": null,
"target_pce_fqdn": null,
"active_pce_fqdn": null,
"labels": null,
"visibility_level": null,
"ven": {
"href": "string"
}
}
DEPRECATED AND REPLACED (USE /orgs/:xorg_id/vens/:ven_uuid INSTEAD)
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string,null | true* | none | The short friendly name of the agent |
description | string,null | false | none | The long description of the agent |
online | boolean,null | true* | none | If this agent is online |
mode | any | true* | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | pairing_profiles_get/properties/mode | false | none | DEPRECATED AND REPLACED (Use enforcement_mode instead) |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
uid | string | true* | none | The unique ID reported by the server |
last_heartbeat_on | string,null(date-time) | true* | none | The last time (rfc3339 timestamp) a heartbeat was received from this agent |
uptime_seconds | integer,null | true* | none | How long since the last reboot of this server. Recorded in DB at the time of the last heartbeat |
hostname | string | true* | none | The hostname reported from the host itself |
agent_version | string,null | false | none | Agent software version string |
public_ip | string,null | true* | none | The public IP address of the server |
ip_tables_saved | boolean,null | false | none | The agent was able to save IP tables |
os_id | string,null | false | none | Our OS identifier |
os_detail | string,null | false | none | Additional OS details - just displayed to end user |
log_traffic | boolean,null | true* | none | True if we want to log traffic events from this agent |
target_pce_fqdn | string,null | false | none | The FQDN of the PCE the agent will use for future connections |
active_pce_fqdn | string,null | false | none | The FQDN of the PCE that received the agent's last heartbeat |
labels | any | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | workloads_post/properties/labels | false | none | Assigned labels |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
visibility_level | any | true* | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | Visibility level of the agent |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
ven | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
agents_update_put
{
"target_pce_fqdn": "string"
}
target cluster for a VEN move
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
target_pce_fqdn | string | false | none | cluster FQDN for target PCE |
vulnerabilities_get
[
{
"href": "string",
"score": 0,
"cve_ids": [
"string"
],
"description": "string",
"name": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | The href of the vulnerability |
score | integer | true* | none | The normalized score of the vulnerability within the range of 0 to 100. CVSS Score can be used here with a 10x multiplier. |
cve_ids | [string] | false | none | The cve_ids for the vulnerability |
description | string | false | none | An arbitrary field to store some details of the vulnerability class |
name | string | true* | none | The title/name of the vulnerability |
created_at | string(date-time) | false | none | The time (rfc3339 timestamp) at which this report was created |
updated_at | string(date-time) | false | none | The time (rfc3339 timestamp) at which this report was last updated |
created_by | object | false | none | none |
» href | string | true* | none | The URI of the user who created this report |
updated_by | object | false | none | none |
» href | string | true* | none | The URI of the user who last updated this report |
vulnerabilities_post
[
{
"reference_id": "string",
"score": 0,
"cve_ids": [
"string"
],
"description": "string",
"name": "string"
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
reference_id | string | true* | none | The reference id of the vulnerability |
score | integer | true* | none | The normalized score of the vulnerability within the range of 0 to 100. CVSS Score can be used here with a 10x multiplier. |
cve_ids | [string] | false | none | The cve_ids for the vulnerability |
description | string | false | none | An arbitrary field to store some details of the vulnerability class |
name | string | true* | none | The title/name of the vulnerability |
vulnerabilities_put
{
"score": 0,
"cve_ids": [
"string"
],
"description": "string",
"name": "string"
}
Vulnerability
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
score | integer | true* | none | The normalized score of the vulnerability within the range of 0 to 100. CVSS Score can be used here with a 10x multiplier. |
cve_ids | [string] | false | none | The cve_ids for the vulnerability |
description | string | false | none | An arbitrary field to store some details of the vulnerability class |
name | string | true* | none | The title/name of the vulnerability |
vulnerability_reports_get
{
"href": "string",
"name": "string",
"report_type": "string",
"num_vulnerabilities": 0,
"authoritative": true,
"scanned_ips": [
"string"
],
"exported_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
}
}
Vulnerability report
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | The resource (URI) representation of the vulnerability report |
name | string | true* | none | User generated name of the vulnerability report |
report_type | string | true* | none | A string representing the type of the report |
num_vulnerabilities | integer | true* | none | Number of vulnerabilities that belong to this report |
authoritative | boolean | false | none | Boolean value that specifies whether a report is authoritative or not |
scanned_ips | [string] | false | none | The ips on which the scan was performed |
exported_at | string(date-time) | false | none | The timestamp (rfc3339 timestamp) at which this report was exported |
created_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this report was created |
updated_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this report was last updated |
created_by | object | true* | none | none |
» href | string | true* | none | The URI of the user who created this report |
updated_by | object | true* | none | none |
» href | string | true* | none | The URI of the user who last updated this report |
vulnerability_reports_put
{
"name": "string",
"report_type": "string",
"authoritative": true,
"scanned_ips": [
"2001:0db8:85a3:0000:0000:8a2e:0370:7334"
],
"detected_vulnerabilities": [
{
"ip_address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"port": 0,
"proto": 0,
"workload": {
"href": "string"
},
"vulnerability": {
"href": "string"
},
"external_data_reference": "string",
"state": "active"
}
],
"exported_at": "2025-04-01T00:21:27Z"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | User generated name of the vulnerability report |
report_type | string | true* | none | A string representing the type of the report |
authoritative | boolean | false | none | Boolean value that specifies whether a report is authoritative or not |
scanned_ips | [oneOf] | false | none | The ips on which the scan was performed |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | number | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | number | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
detected_vulnerabilities | [object] | false | none | none |
» ip_address | vulnerability_reports_put/properties/scanned_ips/items | true* | none | The ip address of the host where the vulnerability is found |
» port | integer | false | none | The port which is associated with the vulnerability |
» proto | integer | false | none | The protocol which is associated with the vulnerability |
» workload | object | true* | none | none |
»» href | string | true* | none | The URI of the workload to which this vulnerability belongs |
» vulnerability | object | true* | none | none |
»» href | string | true* | none | The URI of the vulnerability class to which this vulnerability belongs |
» external_data_reference | string | false | none | external data reference json string for vulnerability |
» state | string | false | none | detected vulnerability state |
exported_at | string(date-time) | false | none | The timestamp (rfc3339 timestamp) at which this report was exported |
Enumerated Values
Property | Value |
---|---|
state | active |
state | fixed |
reports_risk_summary_ransomware_timeseries_statistics_post
[
{
"property": "num_managed_workloads",
"resolution": "day",
"max_results": 5
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
property | string | true* | none | The property for which time series data is requested. |
resolution | string | false | none | The granularity for the time series data. E.g. day, week, month, quarter |
max_results | integer | false | none | none |
Enumerated Values
Property | Value |
---|---|
property | num_managed_workloads |
property | ransomware_protection_coverage_percent |
property | num_workloads_by_exposure |
resolution | day |
resolution | week |
resolution | month |
resolution | quarter |
reports_risk_summary_get
{
"ransomware": null
}
Risk Summary for this org
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
ransomware | object,null | true* | none | none |
» num_total_workloads | integer | true* | none | Total workload count |
» num_protected_workloads | integer | true* | none | Count of protected workloads |
» ransomware_protection_coverage_percent | number | false | none | Ransomware protection coverage percentage |
» workloads_by_exposure | object | true* | none | none |
»» critical | integer | false | none | Number of workloads that have 1 or more critically risky services as its highest risk |
»» high | integer | false | none | Number of workloads that have 1 or more high risk services as its highest risk |
»» medium | integer | false | none | Number of workloads that have 1 or more medium risk services as its highest risk |
»» low | integer | false | none | Number of workloads that have 1 or more low risk services as its highest risk |
»» fully_protected | integer | false | none | Number of workloads that have no risky services and are fully protected |
» risky_ports_by_severity | object | true* | none | Risky ports by Severity |
»» critical | object | false | none | none |
»»» num_protected_ports | integer | true* | none | Number of protected ports for this risk level, across all protection ready workloads |
»»» num_unprotected_ports | integer | true* | none | Number of unprotected ports for this risk level, across all protection ready workloads |
»» high | reports_risk_summary_get/properties/ransomware/properties/risky_ports_by_severity/properties/critical | false | none | none |
»» medium | reports_risk_summary_get/properties/ransomware/properties/risky_ports_by_severity/properties/critical | false | none | none |
»» low | reports_risk_summary_get/properties/ransomware/properties/risky_ports_by_severity/properties/critical | false | none | none |
» risky_ports_by_category | object | true* | none | Risky ports by category type |
»» admin | reports_risk_summary_get/properties/ransomware/properties/risky_ports_by_severity/properties/critical | false | none | none |
»» legacy | reports_risk_summary_get/properties/ransomware/properties/risky_ports_by_severity/properties/critical | false | none | none |
» top_risky_applications | [object] | true* | none | Top risky app groups in the organization by ransomware protection percent |
»» app_group | object | true* | none | none |
»»» href | string | false | none | URI of the app group |
»» labels | [object] | true* | none | Assigned labels summary |
»»» href | string | true* | none | Label URI |
»»» key | string | false | none | Key in key-value pair |
»»» value | string | false | none | Value in key-value pair |
»» num_workloads | integer | true* | none | Total Number of workloads in this app group |
»» ransomware_protection_percent | number | true* | none | Ransomware protection percentage for this app group in the org |
» top_risky_services | [object] | true* | none | Top risky ransomware services in the organization by ransomware protection percent |
»» href | string | true* | none | href of the service |
»» name | string | true* | none | Name of the service |
»» ransomware_protection_percent | number | true* | none | Ransomware protection percentage for this service in the org |
» num_risky_services | integer | true* | none | Total number of risky services in the organization |
» num_unenforced_workloads | integer | true* | none | The number of unenforced workloads (idle/visibility) in the organization |
» last_updated_at | string(date-time) | true* | none | The time at which the protection stats were last computed |
app_groups_risk_summary_get
[
{
"app_group": {
"href": "string"
},
"labels": [
{
"href": "string"
}
],
"risk_summary": {
"ransomware": null
}
}
]
Risk Summary for each app group
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
app_group | object | true* | none | none |
» href | string | false | none | URI of the app group |
labels | workloads_post/properties/labels | true* | none | Assigned labels |
risk_summary | object | true* | none | Risk Summary for this app group |
» ransomware | object,null | true* | none | Ransomware risk summary for this app group |
»» workload_exposure_severity | workloads_get/properties/risk_summary/properties/ransomware/properties/workload_exposure_severity | true* | none | Exposed ransomware severity for workload |
»» ransomware_protection_percent | number | true* | none | Ransomware protection percentage for this app-group |
»» last_updated_at | string(date-time) | true* | none | The time at which the ransomware stats were last computed |
app_groups_risk_details_get
{
"risk_details": {}
}
Risk Details for this app group
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
risk_details | object | false | none | none |
workloads_interfaces_post
{
"name": "string",
"link_state": "up",
"address": "string",
"cidr_block": 0,
"default_gateway_address": "string",
"friendly_name": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Interface name |
link_state | string | true* | none | Link State |
address | vulnerability_reports_put/properties/scanned_ips/items | false | none | none |
cidr_block | integer | false | none | The number of bits in the subnet (for example, /24 is 255.255.255.0) |
default_gateway_address | vulnerability_reports_put/properties/scanned_ips/items | false | none | none |
friendly_name | string | false | none | User-friendly name for interface |
Enumerated Values
Property | Value |
---|---|
link_state | up |
link_state | down |
link_state | unknown |
workloads_interfaces_get
{
"name": "string",
"link_state": null,
"address": "string",
"cidr_block": null,
"default_gateway_address": null,
"network": {
"href": "string",
"name": null
},
"network_detection_mode": null,
"friendly_name": null,
"href": "string"
}
Workload network interfaces
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | Interface name |
link_state | string,null | true* | none | Link State |
address | string | true* | none | The IP Address to assign to this interface |
cidr_block | integer,null | true* | none | The number of bits in the subnet (for example, /24 is 255.255.255.0) |
default_gateway_address | string,null | true* | none | The IP Address of the default gateway |
network | object,null | true* | none | Network that the interface belongs to |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | Network object used in workloads and workload interfaces |
»» href | string | true* | none | URI of the network |
»» name | string,null | false | none | Name of the network. |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
network_detection_mode | string,null | true* | none | Network Detection Mode |
friendly_name | string,null | true* | none | User-friendly name for interface |
href | string | false | none | DEPRECATED WITH NO REPLACEMENT |
label_mapping_rules_run_post
{
"workloads": [
{
"href": "string"
}
],
"rules": [
{
"href": "string"
}
],
"assign_labels": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
workloads | [sec_policy_virtual_servers_get/properties/created_by] | false | none | HREFs of the workloads to which the rules need to be applied |
rules | [sec_policy_virtual_servers_get/properties/created_by] | false | none | HREFs of the label_mapping_rules which need to be applied |
assign_labels | boolean | false | none | Determines whether the labels should be assigned automatically as a part of the run |
label_mapping_rules_run_get
{
"href": "http://example.com",
"result": "http://example.com",
"status": "string",
"progress_percent": 0,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"updated_at": "2025-04-01T00:21:27Z",
"label_mapping_params": {
"workloads": [
{
"href": "string"
}
],
"rules": [
{
"href": "string"
}
],
"assign_labels": true
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | false | none | Job URI |
result | string(uri) | false | none | Result download URI. Available only if the job status is completed |
status | string | false | none | Current job status |
progress_percent | integer | false | none | Progress Percentage of the job |
created_at | string(date-time) | false | none | Timestamp in UTC when this job was created |
created_by | object | false | none | none |
» href | string(uri) | true* | none | User who created this run |
updated_at | string(date-time) | false | none | Timestamp in UTC when this job was updated |
label_mapping_params | object | false | none | none |
» workloads | [sec_policy_virtual_servers_get/properties/created_by] | false | none | HREFs of the workloads to which the rules need to be applied |
» rules | [sec_policy_virtual_servers_get/properties/created_by] | false | none | HREFs of the label_mapping_rules which need to be applied |
» assign_labels | boolean | false | none | Determines whether the labels should be assigned automatically as a part of the run |
label_mapping_rules_run_download_get
{
"results": [
{
"href": "string",
"hostname": null,
"existing_labels": [
{
"href": "string",
"key": "string",
"value": "string"
}
],
"labels_to_assign": [
{
"href": "string",
"key": "string",
"value": "string",
"label_mapping_rule": {
"href": "string"
}
}
]
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
results | [object] | false | none | none |
» href | string | true* | none | URI of the workload |
» hostname | null,string | false | none | Hostname of the workload |
» existing_labels | [object] | true* | none | List of existing labels for the workload |
»» href | string | false | none | URI of the label |
»» key | string | false | none | key for the label |
»» value | string | false | none | value for the label |
» labels_to_assign | [object] | true* | none | List of labels to assign for the workload |
»» href | string | false | none | URI of the label |
»» key | string | false | none | key for the label |
»» value | string | false | none | value for the label |
»» label_mapping_rule | object | false | none | Defines which label mapping rule caused this label assignment |
»»» href | string | false | none | HREF of the label mapping rule |
label_mapping_rules_run_assign_labels_put
null
Dummy schema file to assign labels when the user clicks Confirm. This applies the labels from the review stage.
Properties
None
label_mapping_rules_get
{
"href": "string",
"enabled": true,
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": null,
"updated_by": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI for this label mapping rule |
enabled | boolean | false | none | Enabled flag |
expression | object | false | none | none |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» property | string | true* | none | The workload property to compare. (hostname, ip_address etc.) |
»» operator | string | true* | none | operator for the condition (starts_with, contains, equals, ends_with, is_in) |
»» values | [anyOf] | true* | none | Value to use in comparison |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | string | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | object | false | none | none |
»»»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't include this. |
»»»» proto | integer | false | none | protocol number |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» logical_operator | string | true* | none | logical operator for the child expressions |
»» child_expressions | [anyOf] | true* | none | none |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | object | false | none | none |
»»»» property | string | true* | none | The workload property to compare. (hostname, ip_address etc.) |
»»»» operator | string | true* | none | operator for the condition (starts_with, contains, equals, ends_with, is_in) |
»»»» values | [anyOf] | true* | none | Value to use in comparison |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»» anonymous | string | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»» anonymous | object | false | none | none |
»»»»»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't include this. |
»»»»»» proto | integer | false | none | protocol number |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | object | false | none | none |
»»»» logical_operator | string | true* | none | logical operator for the child expressions |
»»»» child_expressions | [label_mapping_rules_get/properties/expression/anyOf/1/properties/child_expressions/items] | true* | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
label_assignments | [anyOf] | false | none | List of label assignments for a rule |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» label | object | true* | none | none |
»»» key | string | false | none | none |
»»» value | string | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» label | object | true* | none | none |
»»» href | string | false | none | HREF of the pre-existing label |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
created_at | string(date-time) | false | none | Timestamp when this rule was created in UTC timezone in RFC 3339 format |
updated_at | string(date-time) | false | none | Timestamp when this rule was updated in UTC timezone in RFC 3339 format |
created_by | object,null | false | none | none |
» href | string | true* | none | User who originally created this rule |
updated_by | object,null | false | none | none |
» href | string | true* | none | User who last updated this rule |
Enumerated Values
Property | Value |
---|---|
property | hostname |
property | ip_address |
property | os |
property | process |
property | port |
operator | starts_with |
operator | ends_with |
operator | contains |
operator | equals |
operator | is_in |
logical_operator | and |
logical_operator | or |
logical_operator | not |
label_mapping_rules_post
{
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
expression | label_mapping_rules_get/properties/expression | true* | none | none |
label_assignments | label_mapping_rules_get/properties/label_assignments | true* | none | List of label assignments for a rule |
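As an added example (not part of Illumio's reference or tooling), the Python below checks a label_mapping_rules_post body against the required fields and enumerated values listed above before it is sent. The function names, the nesting limit, the port-range ordering check, the stricter label check and the sample bodies are assumptions made for illustration.

```python
# Added example: pre-flight check of a label_mapping_rules_post body against
# the Properties and Enumerated Values tables. Helper names are illustrative.

PROPERTIES = {"hostname", "ip_address", "os", "process", "port"}
OPERATORS = {"starts_with", "ends_with", "contains", "equals", "is_in"}
LOGICAL_OPERATORS = {"and", "or", "not"}
MAX_DEPTH = 16  # assumption: local nesting limit, not a documented API limit


def _is_int(value):
    # bool is a subclass of int in Python; JSON true/false must not pass as a number.
    return isinstance(value, int) and not isinstance(value, bool)


def _in_enum(value, allowed):
    # Type check first so unhashable input (list, dict) cannot raise.
    return isinstance(value, str) and value in allowed


def _check_value(value, path, errors):
    """A `values` item is either a string or a port object."""
    if isinstance(value, str):
        return
    if not isinstance(value, dict):
        errors.append(f"{path}: must be a string or a port object")
        return
    for field in ("port", "to_port"):
        if field in value and not (_is_int(value[field]) and 0 <= value[field] <= 65535):
            errors.append(f"{path}.{field}: must be an integer 0-65535")
    if "proto" in value and not _is_int(value["proto"]):
        errors.append(f"{path}.proto: must be an integer")
    # Assumption: a range whose high end is below its start is a mistake.
    port, to_port = value.get("port"), value.get("to_port")
    if _is_int(port) and _is_int(to_port) and to_port < port:
        errors.append(f"{path}.to_port: lower than port")


def _check_expression(expr, path, errors, depth=0):
    """An expression is one condition or a logical node with child expressions."""
    if depth > MAX_DEPTH:
        errors.append(f"{path}: nested deeper than {MAX_DEPTH} levels")
        return
    if not isinstance(expr, dict):
        errors.append(f"{path}: must be an object")
        return
    if "logical_operator" in expr or "child_expressions" in expr:
        if not _in_enum(expr.get("logical_operator"), LOGICAL_OPERATORS):
            errors.append(f"{path}.logical_operator: must be one of and, or, not")
        children = expr.get("child_expressions")
        if not isinstance(children, list):
            errors.append(f"{path}.child_expressions: must be an array")
            return
        for i, child in enumerate(children):
            _check_expression(child, f"{path}.child_expressions[{i}]", errors, depth + 1)
        return
    if not _in_enum(expr.get("property"), PROPERTIES):
        errors.append(f"{path}.property: not an enumerated property")
    if not _in_enum(expr.get("operator"), OPERATORS):
        errors.append(f"{path}.operator: not an enumerated operator")
    values = expr.get("values")
    if not isinstance(values, list):
        errors.append(f"{path}.values: must be an array")
        return
    for i, item in enumerate(values):
        _check_value(item, f"{path}.values[{i}]", errors)


def _check_assignments(assignments, errors):
    if not isinstance(assignments, list):
        errors.append("label_assignments: must be an array")
        return
    for i, item in enumerate(assignments):
        path = f"label_assignments[{i}].label"
        label = item.get("label") if isinstance(item, dict) else None
        if not isinstance(label, dict):
            errors.append(f"{path}: required object")
            continue
        by_href = isinstance(label.get("href"), str)
        by_pair = isinstance(label.get("key"), str) and isinstance(label.get("value"), str)
        # Stricter than the table (assumption): a label must identify something.
        if not (by_href or by_pair):
            errors.append(f"{path}: needs href, or key and value")


def validate_rule_post(body):
    """Return a list of problems; an empty list means the body passed."""
    if not isinstance(body, dict):
        return ["body: must be an object"]
    errors = []
    if "expression" not in body:
        errors.append("expression: required")
    else:
        _check_expression(body["expression"], "expression", errors)
    if "label_assignments" not in body:
        errors.append("label_assignments: required")
    else:
        _check_assignments(body["label_assignments"], errors)
    return errors


# Constructed sample bodies (not taken from a live system).
GOOD_BODY = {
    "expression": {"logical_operator": "and", "child_expressions": [
        {"property": "hostname", "operator": "starts_with", "values": ["web-"]},
        {"property": "port", "operator": "is_in",
         "values": [{"port": 8080, "to_port": 8090, "proto": 6}]}]},
    "label_assignments": [{"label": {"key": "role", "value": "web"}}],
}
BAD_BODY = {
    "expression": {"property": "fqdn", "operator": "matches", "values": [{"port": 70000}]},
    "label_assignments": [{"label": {}}],
}

if __name__ == "__main__":
    for name, body in (("good", GOOD_BODY), ("bad", BAD_BODY)):
        print(name, validate_rule_post(body))
```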
label_mapping_rules_delete_put
{
"rules": [
{
"href": "string"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
rules | [object] | true* | none | Rules to delete |
» href | string | true* | none | URI of label mapping rule to delete |
label_mapping_rules_update_put
[
{
"href": "string",
"enabled": true,
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
]
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | href of the rule; required for bulk updates |
enabled | boolean | false | none | Enabled flag |
expression | label_mapping_rules_get/properties/expression | false | none | none |
label_assignments | label_mapping_rules_get/properties/label_assignments | false | none | List of label assignments for a rule |
label_mapping_rules_put
{
"enabled": true,
"expression": {
"property": "hostname",
"operator": "starts_with",
"values": [
"string"
]
},
"label_assignments": [
{
"label": {
"key": "string",
"value": "string"
}
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
enabled | boolean | false | none | Enabled flag |
expression | label_mapping_rules_get/properties/expression | false | none | none |
label_assignments | label_mapping_rules_get/properties/label_assignments | false | none | List of label assignments for a rule |
label_mapping_rules_reorder_put
{
"position": 0
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
position | integer | true* | none | Index of the new position for this rule |
service_bindings_get
[
{}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
bound_service | object | true* | none | Bound service href |
» href | string | false | none | none |
workload | object | false | none | Workload href |
» href | string | false | none | none |
port_overrides | [object] | false | none | none |
» port | integer | false | none | Port number in the original service to override (integer 0-65535). Starting port when specifying a range. |
» proto | integer | false | none | Transport protocol in the original service to override |
» new_port | integer | true* | none | Overriding port number (or starting point when specifying a range) |
» new_to_port | integer | false | none | Overriding port range ending port |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
proto | 6 |
proto | 17 |
service_bindings_post
[
{}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
virtual_service | object | true* | none | Virtual service href |
» href | string | false | none | none |
workload | object | false | none | Workload href |
» href | string | false | none | none |
port_overrides | [service_bindings_get/items/properties/port_overrides/items] | false | none | none |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
sec_policy_rule_sets_sec_rules_get
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of object |
created_at | string(date-time) | false | none | Timestamp when this rule set was first created |
updated_at | string(date-time) | false | none | Timestamp when this rule set was last updated |
deleted_at | string,null(date-time) | false | none | Timestamp when this rule set was deleted |
created_by | object | false | none | none |
» href | string | true* | none | User who originally created this rule set |
updated_by | object | false | none | none |
» href | string | true* | none | User who last updated this rule set |
deleted_by | object,null | false | none | none |
» href | string | true* | none | User who deleted this rule set |
enabled | boolean | true* | none | Enabled flag |
description | string,null | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | true* | none | Array of service URI and port/protocol combinations |
resolve_labels_as | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | true* | none | none |
sec_connect | boolean | false | none | Whether a secure connection is established |
stateless | boolean | false | none | Whether packet filtering is stateless for the rule |
machine_auth | boolean | false | none | Whether machine authentication is enabled |
providers | [object] | true* | none | Providers |
» actors | string | false | none | Rule actors are all workloads ('ams') |
» label_dimension | string | false | none | Rule actors that are all workloads with a specific label dimension |
» exclusion | boolean | false | none | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
» label | sec_policy_virtual_services_get/properties/labels/items | false | none | none |
» label_group | object | false | none | none |
»» href | string | true* | none | Label Group URI |
»» key | string | false | none | Key in key-value pair |
»» name | string | false | none | Name of label group |
» workload | object | false | none | none |
»» href | string | true* | none | Workload URI |
» virtual_service | object | false | none | none |
»» href | string | true* | none | Virtual service URI |
»» name | string,null | false | none | Name of virtual service |
» virtual_server | object | false | none | none |
»» href | string | true* | none | Virtual server URI |
» ip_list | object | false | none | IP List |
»» href | string | true* | none | IP List URI |
»» created_at | string(date-time) | false | none | Timestamp when this rule set was first created |
»» updated_at | string(date-time) | false | none | Timestamp when this rule set was last updated |
»» deleted_at | string,null(date-time) | false | none | Timestamp when this rule set was deleted |
»» created_by | object | false | none | none |
»»» href | string | true* | none | User who originally created this rule set |
»» updated_by | object | false | none | none |
»»» href | string | true* | none | User who last updated this rule set |
»» deleted_by | object,null | false | none | none |
»»» href | string | true* | none | User who deleted this rule set |
»» update_type | sec_policy_virtual_services_get/properties/update_type | false | none | Versioned policy object update type |
»» name | string | false | none | Name (must be unique) |
consumers | [object] | true* | none | Consumers |
» actors | string | false | none | Rule actors are all workloads or container host |
» label_dimension | string | false | none | Rule actors that are all workloads with a specific label dimension |
» exclusion | boolean | false | none | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
» label | sec_policy_virtual_services_get/properties/labels/items | false | none | none |
» label_group | sec_policy_rule_sets_sec_rules_get/properties/providers/items/properties/label_group | false | none | none |
» workload | object | false | none | none |
»» href | string | true* | none | Workload URI |
»» name | string,null | false | none | Interface name |
»» hostname | string,null | false | none | The hostname of this workload |
»» deleted | boolean,null | false | none | This workload has been deleted |
» virtual_service | object | false | none | none |
»» href | string | true* | none | Virtual service URI |
» ip_list | sec_policy_rule_sets_sec_rules_get/properties/providers/items/properties/ip_list | false | none | IP List |
consuming_security_principals | [object] | false | none | Hrefs of consuming security principals |
» href | string | true* | none | URI of security principal |
» sid | string | false | none | Active Directory SID |
» name | string | false | none | Name of the security principal |
» description | string | false | none | A longer description of the security principal |
» deleted | boolean | false | none | Flag to indicate if security principal has been deleted |
» used_by_ruleset | boolean | false | none | Flag to indicate if this security principal is being used by a ruleset |
unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
update_type | sec_policy_virtual_services_get/properties/update_type | false | none | Versioned policy object update type |
network_type | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | none | Network types that this rule should apply to. |
use_workload_subnets | sec_policy_rule_sets_put/properties/rules/items/properties/use_workload_subnets | false | none | Whether to use workload subnets instead of IP addresses for the providers/consumers |
Enumerated Values
Property | Value |
---|---|
actors | ams |
actors | container_host |
label_dimension | app |
sec_policy_rule_sets_sec_rules_post
{
"enabled": true,
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string"
}
],
"unscoped_consumers": true,
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
enabled | boolean | true* | none | Enabled flag |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | true* | none | Array of service URI and port/protocol combinations |
resolve_labels_as | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | true* | none | none |
sec_connect | boolean | false | none | Whether a secure connection is established |
stateless | boolean | false | none | Whether packet filtering is stateless for the rule |
machine_auth | boolean | false | none | Whether machine authentication is enabled |
providers | sec_policy_rule_sets_put/properties/rules/items/properties/providers | true* | none | Providers |
consumers | sec_policy_rule_sets_put/properties/rules/items/properties/consumers | true* | none | Consumers |
consuming_security_principals | sec_policy_rule_sets_put/properties/rules/items/properties/consuming_security_principals | false | none | Hrefs of consuming security principals |
unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
network_type | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | none | Network types that this rule should apply to. |
use_workload_subnets | sec_policy_rule_sets_put/properties/rules/items/properties/use_workload_subnets | false | none | Whether to use workload subnets instead of IP addresses for the providers/consumers |
sec_policy_rule_sets_sec_rules_put
{
"enabled": true,
"description": "string",
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string"
}
],
"update_type": "create",
"unscoped_consumers": true,
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
enabled | boolean | false | none | Enabled flag |
description | string | false | none | Description |
external_data_set | string,null | false | none | External data set identifier |
external_data_reference | string,null | false | none | External data reference identifier |
ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | false | none | Array of service URI and port/protocol combinations |
resolve_labels_as | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | false | none | none |
sec_connect | boolean | false | none | Whether a secure connection is established |
stateless | boolean | false | none | Whether packet filtering is stateless for the rule |
machine_auth | boolean | false | none | Whether machine authentication is enabled |
providers | sec_policy_rule_sets_put/properties/rules/items/properties/providers | false | none | Providers |
consumers | sec_policy_rule_sets_put/properties/rules/items/properties/consumers | false | none | Consumers |
consuming_security_principals | sec_policy_rule_sets_put/properties/rules/items/properties/consuming_security_principals | false | none | Hrefs of consuming security principals |
update_type | string | false | none | Type of update |
unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
network_type | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | none | Network types that this rule should apply to. |
use_workload_subnets | sec_policy_rule_sets_put/properties/rules/items/properties/use_workload_subnets | false | none | Whether to use workload subnets instead of IP addresses for the providers/consumers |
Enumerated Values
Property | Value |
---|---|
update_type | create |
update_type | update |
update_type | delete |
sec_policy_firewall_settings_get
{
"static_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"ike_authentication_type": "string",
"firewall_coexistence": null,
"allow_captive_portal_outbound": true,
"containers_inherit_host_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"blocked_connection_reject_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"loopback_interfaces_in_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"ip_forwarding_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"rule_hit_count_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": {
"href": "string"
},
"update_type": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
static_policy_scopes | sec_policy_rule_sets_get/properties/scopes | false | none | Rule set scopes |
ike_authentication_type | string | false | none | IKE authentication type to use for IPsec (SecureConnect and Machine Authentication) |
firewall_coexistence | array,null | false | none | none |
» scope | workloads_post/properties/labels | true* | none | Assigned labels |
» workload_mode | string | false | none | Additional match criteria to select workload(s) |
» illumio_primary | boolean | true* | none | Configure Illumio to be the primary firewall |
allow_captive_portal_outbound | boolean | false | none | Defines whether or not to open the endpoint firewall to all outbound traffic when a captive portal scenario is discovered by the VEN |
containers_inherit_host_policy_scopes | sec_policy_rule_sets_get/properties/scopes | false | none | Rule set scopes |
blocked_connection_reject_scopes | [array] | false | none | Scopes whose blocked connection action will be reject |
» exclusion | boolean | false | none | Boolean to specify whether or not the scope is an exclusion |
» label | sec_policy_virtual_services_get/properties/labels/items | false | none | none |
» label_group | sec_policy_rule_sets_sec_rules_get/properties/providers/items/properties/label_group | false | none | none |
loopback_interfaces_in_policy_scopes | [sec_policy_firewall_settings_get/properties/blocked_connection_reject_scopes/items] | false | none | Workloads that match the scope will apply policy on loopback interfaces and the loopback interface's IPs will be distributed to peers. |
ip_forwarding_enabled_scopes | sec_policy_rule_sets_get/properties/scopes | false | none | Rule set scopes |
rule_hit_count_enabled_scopes | sec_policy_rule_sets_get/properties/scopes | false | none | Rule set scopes |
created_at | string(date-time) | false | none | Time stamp when these firewall settings were first created |
updated_at | string(date-time) | false | none | Time stamp when these firewall settings were last updated |
deleted_at | string(date-time) | false | none | Time stamp when these firewall settings were deleted |
created_by | object | false | none | none |
» href | string | true* | none | User who originally created these firewall settings |
updated_by | object | false | none | none |
» href | string | true* | none | User who last updated these firewall settings |
deleted_by | object | false | none | none |
» href | string | true* | none | User who deleted these firewall settings |
update_type | string | true* | none | Type of update |
sec_policy_firewall_settings_put
{
"update_type": "create",
"static_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"ike_authentication_type": "psk",
"firewall_coexistence": null,
"allow_captive_portal_outbound": true,
"containers_inherit_host_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"blocked_connection_reject_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"loopback_interfaces_in_policy_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"ip_forwarding_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
],
"rule_hit_count_enabled_scopes": [
[
{
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
}
}
]
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
update_type | string | false | none | Type of update |
static_policy_scopes | sec_policy_rule_sets_post/properties/scopes | false | none | Rule set scopes |
ike_authentication_type | string | false | none | IKE authentication type to use for IPsec (SecureConnect and Machine Authentication) |
firewall_coexistence | array,null | false | none | none |
» scope | workloads_post/properties/labels | true* | none | Assigned labels |
» workload_mode | string | false | none | Additional match criteria to select workload(s) |
» illumio_primary | boolean | true* | none | Configure Illumio to be the primary firewall |
allow_captive_portal_outbound | boolean | false | none | Defines whether or not to open the endpoint firewall to all outbound traffic when a captive portal scenario is discovered by the VEN |
containers_inherit_host_policy_scopes | sec_policy_rule_sets_post/properties/scopes | false | none | Rule set scopes |
blocked_connection_reject_scopes | [array] | false | none | Scopes whose blocked connection action will be reject |
» exclusion | boolean | false | none | Boolean to specify whether or not the scope is an exclusion |
» label | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
» label_group | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
loopback_interfaces_in_policy_scopes | [sec_policy_firewall_settings_put/properties/blocked_connection_reject_scopes/items] | false | none | Workloads that match the scope will apply policy on loopback interfaces and the loopback interface's IPs will be distributed to peers. |
ip_forwarding_enabled_scopes | sec_policy_rule_sets_post/properties/scopes | false | none | Rule set scopes |
rule_hit_count_enabled_scopes | sec_policy_rule_sets_post/properties/scopes | false | none | Rule set scopes |
Enumerated Values
Property | Value |
---|---|
update_type | create |
update_type | update |
update_type | delete |
ike_authentication_type | psk |
ike_authentication_type | certificate |
workload_mode | enforced |
workload_mode | illuminated |
sec_policy_pending_get
{
"rule_sets": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "string",
"related_ip_lists": [
{
"href": "string"
}
],
"related_services": [
{
"href": "string"
}
]
}
],
"firewall_settings": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"ip_lists": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"services": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"virtual_servers": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"label_groups": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"secure_connect_gateways": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"virtual_services": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
],
"enforcement_boundaries": [
{
"name": "string",
"href": "string",
"updated_by": null,
"updated_at": "2025-04-01T00:21:27Z",
"update_type": "create",
"caps": [
"write"
]
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
rule_sets | [object] | false | none | Array of modified rulesets in the current policy draft |
» name | string | true* | none | Ruleset name |
» href | string | false | none | URI of the Ruleset |
» updated_by | any | true* | none | none |
» updated_at | string(date-time) | true* | none | Time stamp when this resource was last updated |
» update_type | string | true* | none | Type of update |
» related_ip_lists | [any] | false | none | Related IP Lists |
»» href | string | true* | none | URI of IP List |
» related_services | [any] | false | none | Related Services |
»» href | string | true* | none | URI of Service |
firewall_settings | [object] | false | none | Array of modified resources for a given type in the current policy draft |
» name | string | true* | none | Resource name |
» href | string | false | none | URI of the resource |
» updated_by | any | true* | none | none |
» updated_at | string(date-time) | true* | none | Time stamp when this resource was last updated |
» update_type | string | true* | none | Type of update |
» caps | [string] | false | none | Array of permissions for the entity for the current user - an empty array implies read only access |
ip_lists | sec_policy_pending_get/properties/firewall_settings | false | none | Array of modified resources for a given type in the current policy draft |
services | sec_policy_pending_get/properties/firewall_settings | false | none | Array of modified resources for a given type in the current policy draft |
virtual_servers | sec_policy_pending_get/properties/firewall_settings | false | none | Array of modified resources for a given type in the current policy draft |
label_groups | sec_policy_pending_get/properties/firewall_settings | false | none | Array of modified resources for a given type in the current policy draft |
secure_connect_gateways | sec_policy_pending_get/properties/firewall_settings | false | none | Array of modified resources for a given type in the current policy draft |
virtual_services | sec_policy_pending_get/properties/firewall_settings | false | none | Array of modified resources for a given type in the current policy draft |
enforcement_boundaries | sec_policy_pending_get/properties/firewall_settings | false | none | Array of modified resources for a given type in the current policy draft |
Enumerated Values
Property | Value |
---|---|
update_type | create |
update_type | update |
update_type | delete |
sec_policy_allow_get
[
{
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"enabled": true,
"description": null,
"external_data_set": null,
"external_data_reference": null,
"ingress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"update_type": "create",
"network_type": "brn",
"use_workload_subnets": [
"providers"
]
}
]
Properties
None
sec_policy_rule_search_post
{
"enabled": true,
"description": "string",
"ingress_services": [
{
"href": "string"
}
],
"sec_connect": true,
"machine_auth": true,
"stateless": true,
"providers": [
{
"actors": "string",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"container_workload": {
"href": "string"
},
"kubernetes_workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "string",
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"workload": {
"href": "string"
},
"container_workload": {
"href": "string"
},
"kubernetes_workload": {
"href": "string"
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string"
}
],
"unscoped_consumers": true,
"update_type": "create",
"resolve_actors": true,
"rule_types": [
"sec_rules"
]
}
Filters for Rule Search
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
enabled | boolean | false | none | Enabled flag of the Rule |
description | string | false | none | Description of the Rule |
ingress_services | [oneOf] | false | none | Services and ports used in the Rule |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» href | string | true* | none | URI of the service |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | sec_policy_services_get/properties/windows_services/items | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
sec_connect | boolean | false | none | Whether a secure connection is established in the Rule |
machine_auth | boolean | false | none | Whether machine authentication is enabled in the Rule |
stateless | boolean | false | none | Whether stateless is enabled in the Rule |
providers | [object] | false | none | Providers for Rule Search |
» actors | string | false | none | Rule actors are all workloads ('ams') |
» label | object | false | none | none |
»» href | string | true* | none | Label URI |
» label_group | object | false | none | none |
»» href | string | true* | none | Label group URI |
» workload | object | false | none | none |
»» href | string | true* | none | Workload URI |
» container_workload | object | false | none | none |
»» href | string | true* | none | Container workload URI |
» kubernetes_workload | object | false | none | none |
»» href | string | true* | none | Kubernetes workload URI |
» virtual_service | object | false | none | none |
»» href | string | true* | none | Virtual service URI |
» virtual_server | object | false | none | none |
»» href | string | true* | none | Virtual server URI |
» ip_list | object | false | none | URI of associated IP List |
»» href | string | true* | none | IP List URI |
consumers | [object] | false | none | Consumers for Rule Search |
» actors | string | false | none | Rule actors are all workloads ('ams') |
» label | object | false | none | none |
»» href | string | true* | none | Label URI |
» label_group | object | false | none | none |
»» href | string | true* | none | Label group URI |
» workload | object | false | none | none |
»» href | string | true* | none | Workload URI |
» container_workload | object | false | none | none |
»» href | string | true* | none | Container workload URI |
» kubernetes_workload | object | false | none | none |
»» href | string | true* | none | Kubernetes workload URI |
» virtual_service | object | false | none | none |
»» href | string | true* | none | Virtual service URI |
» ip_list | object | false | none | URI of associated IP List |
»» href | string | true* | none | IP List URI |
consuming_security_principals | sec_policy_rule_sets_put/properties/rules/items/properties/consuming_security_principals | false | none | Hrefs of consuming security principals |
unscoped_consumers | boolean | false | none | UB scope set to All in the Rule |
update_type | string | false | none | Type of update for the Rule |
resolve_actors | boolean | false | none | Resolve actors to do a deep Rule search |
rule_types | [string] | false | none | List of rule types |
Enumerated Values
Property | Value |
---|---|
update_type | create |
update_type | update |
update_type | delete |
sec_policy_post
{
"update_description": "string",
"change_subset": {
"label_groups": [
{
"href": "string"
}
],
"services": [
{
"href": "string"
}
],
"rule_sets": [
{
"href": "string"
}
],
"ip_lists": [
{
"href": "string"
}
],
"virtual_services": [
{
"href": "string"
}
],
"firewall_settings": [
{
"href": "string"
}
],
"secure_connect_gateways": [
{
"href": "string"
}
],
"virtual_servers": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
]
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
update_description | string | false | none | Optional description for the requested change or update. |
change_subset | object | false | none | Hash of pending hrefs, organized by model |
» label_groups | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» services | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» rule_sets | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» ip_lists | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» virtual_services | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» firewall_settings | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» secure_connect_gateways | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» virtual_servers | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
» enforcement_boundaries | [sec_policy_virtual_servers_get/properties/created_by] | false | none | none |
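The sec_policy_pending_get response and the change_subset object of sec_policy_post use the same model keys, so a reviewed subset of the draft can be turned into a sec_policy_post body. The following is an added example, not code from this reference or from Illumio: the function name, the sample hrefs and names are constructed, and skipping entries whose caps lack "write" is this example's own review choice rather than documented API behavior.

```python
import json

# Model keys shared by sec_policy_pending_get and sec_policy_post.change_subset.
MODELS = (
    "rule_sets", "ip_lists", "services", "virtual_services", "label_groups",
    "virtual_servers", "firewall_settings", "secure_connect_gateways",
    "enforcement_boundaries",
)
UPDATE_TYPES = {"create", "update", "delete"}  # enumerated values of update_type


def build_provision_body(pending, description, selected=None):
    """Build a sec_policy_post body from a sec_policy_pending_get response.

    selected: optional set of hrefs to include; None means every pending item.
    Returns (body, findings); findings are strings for a human reviewer.
    """
    pending_hrefs = {
        item["href"]
        for model in MODELS
        for item in pending.get(model) or []
        if item.get("href")
    }
    subset, findings = {}, []
    for model in MODELS:
        for item in pending.get(model) or []:
            href = item.get("href")  # href is optional in the schema
            if not href or (selected is not None and href not in selected):
                continue
            utype = item.get("update_type")
            if utype not in UPDATE_TYPES:
                findings.append(f"skip {href}: unexpected update_type {utype!r}")
                continue
            # rule_sets entries carry no caps; an empty caps array means read only.
            if "caps" in item and "write" not in item["caps"]:
                findings.append(f"skip {href}: read-only for the current user")
                continue
            if utype == "delete":
                findings.append(f"review {href}: pending delete")
            subset.setdefault(model, []).append({"href": href})

    # Flag selected rulesets whose related IP lists or services are themselves
    # pending but left out of the subset.
    chosen = {e["href"] for entries in subset.values() for e in entries}
    for rs in pending.get("rule_sets") or []:
        if rs.get("href") not in chosen:
            continue
        for key in ("related_ip_lists", "related_services"):
            for rel in rs.get(key) or []:
                if rel["href"] in pending_hrefs and rel["href"] not in chosen:
                    findings.append(
                        f"review {rs['href']}: {key} entry {rel['href']} "
                        "is pending but not selected"
                    )
    return {"update_description": description, "change_subset": subset}, findings


# Constructed sample shaped like sec_policy_pending_get (not real data).
SAMPLE_PENDING = json.loads("""
{
  "rule_sets": [
    {"name": "web-tier", "href": "/orgs/1/sec_policy/draft/rule_sets/10",
     "updated_by": null, "updated_at": "2025-04-01T00:21:27Z",
     "update_type": "update",
     "related_ip_lists": [{"href": "/orgs/1/sec_policy/draft/ip_lists/20"}],
     "related_services": []}
  ],
  "ip_lists": [
    {"name": "partners", "href": "/orgs/1/sec_policy/draft/ip_lists/20",
     "updated_by": null, "updated_at": "2025-04-01T00:21:27Z",
     "update_type": "create", "caps": ["write"]},
    {"name": "legacy", "href": "/orgs/1/sec_policy/draft/ip_lists/21",
     "updated_by": null, "updated_at": "2025-04-01T00:21:27Z",
     "update_type": "delete", "caps": ["write"]}
  ],
  "services": [
    {"name": "ssh", "href": "/orgs/1/sec_policy/draft/services/30",
     "updated_by": null, "updated_at": "2025-04-01T00:21:27Z",
     "update_type": "update", "caps": []}
  ]
}
""")

if __name__ == "__main__":
    body, notes = build_provision_body(SAMPLE_PENDING, "Quarterly cleanup")
    print(json.dumps(body, indent=2))
    print("\n".join(notes))
```

The same change_subset object can be passed to sec_policy_dependencies_post with operation set to commit; that schema is the server-side dependency check, while the related-object findings here are only a local review aid.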
sec_policy_get
{
"href": "string",
"version": 0,
"workloads_affected": null,
"commit_message": null,
"object_counts": {
"rule_sets": 0,
"ip_lists": 0,
"services": 0,
"virtual_services": 0,
"label_groups": 0,
"virtual_servers": 0,
"firewall_settings": 0,
"secure_connect_gateways": 0,
"enforcement_boundaries": 0
},
"created_at": "string",
"created_by": {
"href": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of the policy |
version | integer | true* | none | Policy version |
workloads_affected | integer,null | true* | none | Number of workloads affected by the policy |
commit_message | string,null | true* | none | Commit message for the policy |
object_counts | object | false | none | Number of objects present in the given version of policy |
» rule_sets | integer | false | none | none |
» ip_lists | integer | false | none | none |
» services | integer | false | none | none |
» virtual_services | integer | false | none | none |
» label_groups | integer | false | none | none |
» virtual_servers | integer | false | none | none |
» firewall_settings | integer | false | none | none |
» secure_connect_gateways | integer | false | none | none |
» enforcement_boundaries | integer | false | none | none |
created_at | string | true* | none | Timestamp when this label was first created |
created_by | object | false | none | none |
» href | string | true* | none | User who originally created this label |
sec_policy_delete_put
{
"change_subset": {
"label_groups": [
{
"href": "string"
}
],
"services": [
{
"href": "string"
}
],
"rule_sets": [
{
"href": "string"
}
],
"ip_lists": [
{
"href": "string"
}
],
"virtual_services": [
{
"href": "string"
}
],
"firewall_settings": [
{
"href": "string"
}
],
"secure_connect_gateways": [
{
"href": "string"
}
],
"virtual_servers": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
]
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
change_subset | sec_policy_post/properties/change_subset | false | none | Hash of pending hrefs, organized by model |
sec_policy_impact_post
{
"change_subset": {
"label_groups": [
{
"href": "string"
}
],
"services": [
{
"href": "string"
}
],
"rule_sets": [
{
"href": "string"
}
],
"ip_lists": [
{
"href": "string"
}
],
"virtual_services": [
{
"href": "string"
}
],
"firewall_settings": [
{
"href": "string"
}
],
"secure_connect_gateways": [
{
"href": "string"
}
],
"virtual_servers": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
]
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
change_subset | sec_policy_post/properties/change_subset | false | none | Hash of pending hrefs, organized by model |
sec_policy_dependencies_post
{
"operation": "commit",
"change_subset": {
"label_groups": [
{
"href": "string"
}
],
"services": [
{
"href": "string"
}
],
"rule_sets": [
{
"href": "string"
}
],
"ip_lists": [
{
"href": "string"
}
],
"virtual_services": [
{
"href": "string"
}
],
"firewall_settings": [
{
"href": "string"
}
],
"secure_connect_gateways": [
{
"href": "string"
}
],
"virtual_servers": [
{
"href": "string"
}
],
"enforcement_boundaries": [
{
"href": "string"
}
]
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
operation | string | true* | none | Commit or revert |
change_subset | sec_policy_post/properties/change_subset | true* | none | Hash of pending hrefs, organized by model |
Enumerated Values
Property | Value |
---|---|
operation | commit |
operation | revert |
sec_policy_restore_post
{}
Properties
None
sec_policy_policy_check_get
{
"sec_rules": [
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
},
"deleted_by": null,
"update_type": null,
"update_label": null,
"href": "string",
"enabled": true,
"description": null,
"ingress_services": [
{
"href": "string"
}
],
"egress_services": [
{
"href": "string"
}
],
"resolve_labels_as": {
"providers": [
"workloads"
],
"consumers": [
"workloads"
]
},
"sec_connect": true,
"stateless": true,
"machine_auth": true,
"providers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string"
},
"virtual_service": {
"href": "string",
"name": null
},
"virtual_server": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"label_dimension": "app",
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
},
"workload": {
"href": "string",
"name": null,
"hostname": null,
"deleted": null
},
"virtual_service": {
"href": "string"
},
"ip_list": {
"href": "string",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"deleted_by": null,
"update_type": "create",
"name": "string"
}
}
],
"consuming_security_principals": [
{
"href": "string",
"sid": "string",
"name": "string",
"description": "string",
"deleted": true,
"used_by_ruleset": true
}
],
"unscoped_consumers": true,
"use_workload_subnets": [
"providers"
],
"rule_set": {
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
},
"deleted_by": null,
"update_type": null,
"update_label": null,
"href": "string",
"name": "string",
"enabled": true,
"external_data_set": null,
"external_data_reference": null,
"scopes": [
[
{
"exclusion": false,
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
],
"caps": [
"write"
]
},
"log_flow": true,
"network_type": "brn"
}
],
"deny_rules": [
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": null,
"updated_by": null,
"deleted_by": null,
"update_type": "create",
"href": "string",
"providers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ingress_services": [
{
"href": "string"
}
],
"egress_services": [
{
"href": "string"
}
],
"caps": [
"write"
],
"enabled": true,
"description": null,
"network_type": "brn",
"override": false,
"unscoped_consumers": true
}
],
"override_deny_rules": [
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"deleted_at": null,
"created_by": null,
"updated_by": null,
"deleted_by": null,
"update_type": "create",
"href": "string",
"providers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"consumers": [
{
"actors": "ams",
"exclusion": false,
"label": {
"href": "string"
},
"label_group": {
"href": "string"
},
"ip_list": {
"href": "string"
},
"workload": {
"href": "string"
}
}
],
"ingress_services": [
{
"href": "string"
}
],
"egress_services": [
{
"href": "string"
}
],
"caps": [
"write"
],
"enabled": true,
"description": null,
"network_type": "brn",
"override": false,
"unscoped_consumers": true
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
sec_rules | [allOf] | true* | none | Array of allow rules |
allOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | Enforcement boundary |
»» created_at | string(date-time) | false | none | Timestamp when record was first created |
»» updated_at | string(date-time) | false | none | Timestamp when record was last updated |
»» deleted_at | string,null(date-time) | false | none | Timestamp when record was deleted |
»» created_by | object | false | none | none |
»»» username | string | false | none | The username which created this record |
»» updated_by | object | false | none | none |
»»» username | string | false | none | The username which last updated this record |
»» deleted_by | object,null | false | none | none |
»»» username | string | false | none | The username which deleted this record |
»» update_type | any | false | none | Type of update |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» update_label | any | false | none | Type of update |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» href | string | true* | none | URI of object |
»» enabled | boolean | false | none | Enabled flag |
»» description | string,null | false | none | Description |
»» ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | true* | none | Array of service URI and port/protocol combinations |
»» egress_services | [sec_policy_virtual_servers_get/properties/created_by] | false | none | Array of objects |
»» resolve_labels_as | sec_policy_rule_sets_put/properties/rules/items/properties/resolve_labels_as | false | none | none |
»» sec_connect | boolean | false | none | Whether a secure connection is established |
»» stateless | boolean | false | none | Whether packet filtering is stateless for the rule |
»» machine_auth | boolean | false | none | Whether machine authentication is enabled |
»» providers | sec_policy_rule_sets_sec_rules_get/properties/providers | true* | none | Providers |
»» consumers | sec_policy_rule_sets_sec_rules_get/properties/consumers | true* | none | Consumers |
»» consuming_security_principals | sec_policy_rule_sets_sec_rules_get/properties/consuming_security_principals | false | none | Hrefs of consuming security principals |
»» unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
»» use_workload_subnets | sec_policy_rule_sets_put/properties/rules/items/properties/use_workload_subnets | false | none | Whether to use workload subnets instead of IP addresses for the providers/consumers |
»» rule_set | sec_policy_policy_check_get/properties/sec_rules/items/allOf/1/rule_set | false | none | Parent Rule Set of a Rule |
»» log_flow | boolean | false | none | If false, the VEN will not log any traffic that matches this flow. |
»» network_type | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | none | Network types that this rule should apply to. |
and
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
deny_rules | [allOf] | true* | none | Array of deny rules |
allOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | Enforcement boundary |
»» created_at | string(date-time) | false | none | Timestamp when this Enforcement Boundary was first created |
»» updated_at | string(date-time) | false | none | Timestamp when this Enforcement Boundary was last updated |
»» deleted_at | string,null(date-time) | false | none | Timestamp when this Enforcement Boundary was deleted |
»» created_by | object,null | false | none | none |
»»» href | string | true* | none | User who originally created this Enforcement Boundary |
»» updated_by | object,null | false | none | none |
»»» href | string | true* | none | User who last updated this Enforcement Boundary |
»» deleted_by | object,null | false | none | none |
»»» href | string | true* | none | User who deleted this Enforcement Boundary |
»» update_type | sec_policy_virtual_services_get/properties/update_type | false | none | Versioned policy object update type |
»» href | string | true* | none | The job URI. |
»» providers | [object] | true* | none | Enforcement boundary actor |
»»» actors | string | false | none | Rule actors are all workloads ('ams') |
»»» exclusion | boolean | false | none | Boolean to specify whether or not the actor is an exclusion - only for labels and label groups |
»»» label | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»»» label_group | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»»» ip_list | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»»» workload | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
»» consumers | sec_policy_policy_check_get/properties/deny_rules/items/allOf/0/properties/providers | true* | none | Enforcement boundary actor |
»» ingress_services | sec_policy_enforcement_boundaries_get/properties/ingress_services | true* | none | Array of service URI and port/protocol combinations |
»» egress_services | sec_policy_policy_check_get/properties/sec_rules/items/allOf/0/properties/egress_services | false | none | Array of objects |
»» caps | sec_policy_pending_get/properties/firewall_settings/items/properties/caps | false | none | Array of permissions for the entity for the current user - an empty array implies read only access |
»» enabled | boolean | false | none | Enabled flag |
»» description | string,null | false | none | Description |
»» network_type | sec_policy_rule_sets_put/properties/rules/items/properties/network_type | false | none | Network types that this rule should apply to. |
»» override | boolean | false | none | When true, the deny rule will override and take precedence over other user defined allow rules. |
»» unscoped_consumers | boolean | false | none | Set the scope for rule consumers to All |
and
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
override_deny_rules | [allOf] | true* | none | Array of override deny rules |
allOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | sec_policy_policy_check_get/properties/deny_rules/items/allOf/0 | false | none | Enforcement boundary |
and
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | any | false | none | none |
Enumerated Values
Property | Value |
---|---|
anonymous | create |
anonymous | update |
anonymous | delete |
anonymous | create |
anonymous | update |
anonymous | delete |
actors | ams |
sec_policy_modified_objects_get
{
"update_type": null,
"object_type": null,
"href": null,
"name": "string",
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
update_type | any | true* | none | Type of update |
object_type | any | true* | none | Object Type |
href | any | true* | none | Href of modified object |
name | string | false | none | Name |
updated_at | string(date-time) | true* | none | The time (rfc3339 timestamp) at which this resource was last updated |
updated_by | object | true* | none | none |
» href | string | true* | none | The URI of the user who last updated this resource |
support_bundle_requests_get
{
"href": {
"href": "string"
},
"name": "string",
"download_url": {
"href": "string"
},
"requested_at": "2025-04-01T00:21:27Z",
"completed_at": null,
"status": "string",
"created_by": {
"href": "string"
},
"include_logs": true,
"starting_at": null,
"ending_at": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
name | string | true* | none | The name of the support bundle |
download_url | any | true* | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | sec_policy_virtual_servers_get/properties/created_by | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
requested_at | string(date-time) | true* | none | Time support bundle requested |
completed_at | string,null(date-time) | true* | none | Time support bundle completed |
status | string | true* | none | A status annunciator indicating the state of this request |
created_by | sec_policy_virtual_servers_get/properties/created_by | true* | none | none |
include_logs | boolean | true* | none | Set to true if logs are to be included |
starting_at | string,null(date-time) | true* | none | Start date for log filtering |
ending_at | string,null(date-time) | true* | none | End date for log filtering. |
support_bundle_requests_post
{
"include_logs": true,
"starting_at": null,
"ending_at": null
}
Support bundle request for PCE cluster
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
include_logs | boolean | false | none | Set to true if logs are to be included |
starting_at | string,null(date-time) | false | none | Start date for log filtering |
ending_at | string,null(date-time) | false | none | End date for log filtering. |
users_api_keys_get
{
"key_id": "string",
"auth_username": "string",
"created_at": "2025-04-01T00:21:27Z",
"name": "string",
"description": "string",
"href": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
key_id | string | true* | none | The key ID |
auth_username | string | true* | none | Username required for authentication |
created_at | string(date-time) | true* | none | Timestamp when this key was first created (RFC 3339) |
name | string | true* | none | The key name - just a label to be used |
description | string | false | none | The description of the key |
href | string | true* | none | URI of the key |
users_api_keys_post
{
"name": "string",
"description": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | The key name - just a label to be used |
description | string | false | none | The description of the key |
users_api_keys_put
{
"name": "string",
"description": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | The key name - just a label to be used |
description | string | false | none | The description of the key |
users_local_profile_post
{}
Create local user profile
Properties
None
users_local_profile_password_put
{
"current_password": "string",
"new_password": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
current_password | string | true* | none | current password |
new_password | string | true* | none | new password |
users_local_profile_reinvite_put
{}
Reinvite a local user
Properties
None
users_post
{
"username": "user@example.com",
"full_name": "string",
"time_zone": "string",
"type": "local"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
username | string(email) | true* | none | Username is an email address, e.g. user@example.com |
full_name | string | false | none | User's full name |
time_zone | string | false | none | Time Zone IANA Region Name |
type | string | true* | none | User's type, i.e. user authenticated locally or remotely via SAML |
Enumerated Values
Property | Value |
---|---|
type | local |
users_get
{
"href": "string",
"username": "string",
"last_login_on": "string",
"last_login_ip_address": "string",
"login_count": 0,
"full_name": "string",
"time_zone": "string",
"locked": true,
"effective_groups": [
"string"
],
"local_profile": {},
"updated_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"type": "string",
"presence_status": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of the user |
username | string | true* | none | The User name as an email address |
last_login_on | string | true* | none | This is populated automatically after a login |
last_login_ip_address | string | true* | none | This is populated automatically after a login |
login_count | integer | true* | none | Number of times this user logged in |
full_name | string | true* | none | User's full name |
time_zone | string | true* | none | Time Zone IANA Region Name |
locked | boolean | false | none | Flag to indicate whether account is locked |
effective_groups | [string] | false | none | List of group names the user is a member of |
local_profile | object | false | none | Local user profile |
updated_at | string(date-time) | true* | none | Timestamp when this user was last updated |
created_at | string(date-time) | true* | none | Timestamp when this user was first created |
type | string | true* | none | User's type, i.e. whether the user is authenticated locally or remotely via SAML |
presence_status | string | false | none | Status of the user |
users_login_get
{
"href": "string",
"auth_username": "string",
"session_token": "string",
"inactivity_expiration_minutes": 0,
"last_login_on": "2025-04-01T00:21:27Z",
"last_login_ip_address": "string",
"full_name": "string",
"type": "string",
"time_zone": "string",
"product_version": {
"product_version": {
"version": "string",
"build": 0,
"release_info": "string",
"engineering_info": "string",
"long_display": "string",
"short_display": "string",
"product_name": "string"
}
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | User URI |
auth_username | string | true* | none | Username required for authentication |
session_token | string | true* | none | A token used in place of a password for all REST API calls for this user - it is only valid for the IP the login was called from |
inactivity_expiration_minutes | integer | true* | none | How long this token will remain active if not used. It will last for at least this long. |
last_login_on | string(date-time) | false | none | Last time the user logged in |
last_login_ip_address | string | false | none | Last IP the user logged in from |
full_name | string | true* | none | User's full name |
type | string | true* | none | User's type, i.e. whether the user is authenticated locally or remotely via SAML |
time_zone | string | false | none | The time zone setting for this user |
product_version | object | true* | none | none |
» product_version | object | true* | none | The product version object |
»» version | string | true* | none | The product version major.minor.patch |
»» build | integer | true* | none | The build number |
»» release_info | string | false | none | An extra string designator for the release |
»» engineering_info | string | false | none | An extra string designator used for engineering only |
»» long_display | string | false | none | A version string for human consumption |
»» short_display | string | false | none | A version string for human consumption |
»» product_name | string | true* | none | The product name (e.g. asp or edge) |
users_logout_put
{}
Properties
None
users_put
{
"full_name": "string",
"time_zone": "string",
"locked": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
full_name | string | false | none | User's full name |
time_zone | string | false | none | Time Zone IANA Region Name |
locked | boolean | false | none | Flag to indicate whether account is locked |
orgs_roles_get
[
{
"href": "string"
}
]
The list of roles in this org
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | [orgs_permissions_put/properties/role] | false | none | The list of roles in this org |
orgs_auth_security_principals_get
[
{
"type": "user",
"name": "string",
"display_name": "string",
"access_restriction": null,
"href": "string"
}
]
The list of the auth_security_principals in this org
Properties
allOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | orgs_auth_security_principals_post/allOf/0 | false | none | none |
and
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | orgs_permissions_put/properties/auth_security_principal | false | none | none |
orgs_auth_security_principals_post
{
"type": "user",
"name": "string",
"display_name": "string",
"access_restriction": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
type | string | true* | none | type of the auth_security_principal |
name | string | true* | none | name of auth_security_principal |
display_name | string | false | none | name of auth_security_principal |
access_restriction | object,null | false | none | Access restriction assigned to this user |
» href | string | true* | none | Access restriction URI |
Enumerated Values
Property | Value |
---|---|
type | user |
type | group |
orgs_auth_security_principals_put
{}
The details of security principal to edit
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
type | string | false | none | type of the auth_security_principal |
name | string | false | none | name of the auth_security_principal |
display_name | string | false | none | display name of the auth_security_principal |
access_restriction | object,null | false | none | Access restriction assigned to this user |
» href | string | true* | none | Access restriction URI |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
Enumerated Values
Property | Value |
---|---|
type | user |
type | group |
orgs_access_restrictions_get
{
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"updated_by": {
"href": "string"
},
"devices": [
{
"href": "string",
"config": {
"host": "string",
"port": 0,
"credential_type": "password",
"username": "string",
"credential": null,
"check_certificate": true
},
"status": {
"connection_state": "pending",
"software_version": "string",
"sync_state": "in_sync"
}
}
]
}
Properties
None
orgs_access_restrictions_post
{
"name": "string",
"description": "string",
"ips": [
null
],
"enforcement_exclusions": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | User assigned name of the access restriction |
description | string | false | none | User assigned description of the access restriction |
ips | [oneOf] | true* | none | Array of ip addresses or CIDR blocks |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
enforcement_exclusions | array,null | false | none | The types of API access methods that are excluded from access restriction enforcement |
orgs_access_restrictions_put
{
"name": "string",
"description": "string",
"ips": [
null
],
"enforcement_exclusions": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | false | none | User assigned name of the access restriction |
description | string | false | none | User assigned description of the access restriction |
ips | [orgs_access_restrictions_post/properties/ips/items] | false | none | Array of ip addresses or CIDR blocks |
enforcement_exclusions | array,null | false | none | The types of API access methods that are excluded from access restriction enforcement |
settings_syslog_destinations_get
[
{
"href": "string",
"pce_scope": [
"string"
],
"type": "string",
"description": "string",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "error"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address": "string",
"port": 0,
"protocol": 0,
"tls_enabled": true,
"tls_ca_bundle": "string",
"tls_verify_cert": true
}
}
]
List of destinations
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of the destination |
pce_scope | [string] | true* | none | none |
type | string | true* | none | Destination type |
description | string | true* | none | Description of the destination |
audit_event_logger | object | true* | none | none |
» configuration_event_included | boolean | true* | none | Configuration (Northbound) auditable events |
» system_event_included | boolean | true* | none | System (PCE) auditable events |
» min_severity | settings_syslog_destinations_post/properties/audit_event_logger/properties/min_severity | true* | none | Minimum severity level of audit event messages. |
traffic_event_logger | object | true* | none | none |
» traffic_flow_allowed_event_included | boolean | true* | none | Set to enable traffic flow events |
» traffic_flow_potentially_blocked_event_included | boolean | true* | none | Set to enable traffic flow events |
» traffic_flow_blocked_event_included | boolean | true* | none | Set to enable traffic flow events |
node_status_logger | object | true* | none | none |
» node_status_included | boolean | true* | none | Syslog messages regarding status of the nodes |
remote_syslog | object | false | none | none |
» address | string | true* | none | The remote syslog IP or DNS address |
» port | integer | true* | none | The remote syslog port |
» protocol | integer | true* | none | The protocol for streaming syslog messages |
» tls_enabled | boolean | true* | none | To enable TLS |
» tls_ca_bundle | string | false | none | Trusted CA bundle |
» tls_verify_cert | boolean | true* | none | Perform TLS verification |
settings_syslog_destinations_post
{
"pce_scope": [
"string"
],
"type": "local_syslog",
"description": "string",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "error"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address": "string",
"port": 0,
"protocol": 0,
"tls_enabled": true,
"tls_ca_bundle": "string",
"tls_verify_cert": true
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
pce_scope | [string] | true* | none | none |
type | string | true* | none | Destination type |
description | string | true* | none | Description of the destination |
audit_event_logger | object | true* | none | none |
» configuration_event_included | boolean | true* | none | Configuration (Northbound) auditable events |
» system_event_included | boolean | true* | none | System (PCE) auditable events |
» min_severity | string | true* | none | Minimum severity level of audit event messages. |
traffic_event_logger | object | true* | none | none |
» traffic_flow_allowed_event_included | boolean | true* | none | Set to enable traffic flow events |
» traffic_flow_potentially_blocked_event_included | boolean | true* | none | Set to enable traffic flow events |
» traffic_flow_blocked_event_included | boolean | true* | none | Set to enable traffic flow events |
node_status_logger | object | true* | none | none |
» node_status_included | boolean | true* | none | Syslog messages regarding status of the nodes |
remote_syslog | object | false | none | none |
» address | string | true* | none | The remote syslog IP or DNS address |
» port | integer | true* | none | The remote syslog port |
» protocol | integer | true* | none | The protocol for streaming syslog messages |
» tls_enabled | boolean | true* | none | To enable TLS |
» tls_ca_bundle | string | false | none | Trusted CA bundle |
» tls_verify_cert | boolean | true* | none | Perform TLS verification |
Enumerated Values
Property | Value |
---|---|
type | local_syslog |
type | remote_syslog |
min_severity | error |
min_severity | warning |
min_severity | informational |
settings_syslog_destinations_put
{
"href": "string",
"pce_scope": [
"string"
],
"type": "local_syslog",
"description": "string",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "error"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address": "string",
"port": 0,
"protocol": 0,
"tls_enabled": true,
"tls_ca_bundle": "string",
"tls_verify_cert": true
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | URI of the destination |
pce_scope | [string] | false | none | none |
type | string | false | none | Destination type |
description | string | false | none | Description of the destination |
audit_event_logger | object | false | none | none |
» configuration_event_included | boolean | false | none | Configuration (Northbound) auditable events |
» system_event_included | boolean | false | none | System (PCE) auditable events |
» min_severity | settings_syslog_destinations_post/properties/audit_event_logger/properties/min_severity | false | none | Minimum severity level of audit event messages. |
traffic_event_logger | object | false | none | none |
» traffic_flow_allowed_event_included | boolean | false | none | Set to enable traffic flow events |
» traffic_flow_potentially_blocked_event_included | boolean | false | none | Set to enable traffic flow events |
» traffic_flow_blocked_event_included | boolean | false | none | Set to enable traffic flow events |
node_status_logger | object | false | none | none |
» node_status_included | boolean | false | none | Syslog messages regarding status of the nodes |
remote_syslog | object | false | none | none |
» address | string | false | none | The remote syslog IP or DNS address |
» port | integer | false | none | The remote syslog port |
» protocol | integer | false | none | The protocol for streaming syslog messages |
» tls_enabled | boolean | false | none | To enable TLS |
» tls_ca_bundle | string | false | none | Trusted CA bundle |
» tls_verify_cert | boolean | false | none | Perform TLS verification |
Enumerated Values
Property | Value |
---|---|
type | local_syslog |
type | remote_syslog |
settings_events_get
{
"audit_event_retention_seconds": 0,
"audit_event_min_severity": "error",
"format": "string"
}
Org-based event setting
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
audit_event_retention_seconds | integer | true* | none | The time in seconds an audit event is stored in the database |
audit_event_min_severity | settings_syslog_destinations_post/properties/audit_event_logger/properties/min_severity | true* | none | Minimum severity level of audit event messages. |
format | string | true* | none | The log format (JSON, CEF, LEEF), which applies to all remote syslog destinations |
settings_events_put
{
"audit_event_retention_seconds": 86400,
"audit_event_min_severity": "error",
"format": "JSON"
}
Org-based event setting
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
audit_event_retention_seconds | integer | false | none | The time in seconds an audit event is stored in the database |
audit_event_min_severity | settings_syslog_destinations_post/properties/audit_event_logger/properties/min_severity | false | none | Minimum severity level of audit event messages. |
format | string | false | none | The log format (JSON, CEF, LEEF), which applies to all syslog destinations |
Enumerated Values
Property | Value |
---|---|
format | JSON |
format | CEF |
format | LEEF |
settings_trusted_proxy_ips_get
{
"max_trusted_proxy_ips_per_region": 0,
"trusted_proxy_ips": [
{
"pce_fqdn": "string",
"ip": "string"
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
max_trusted_proxy_ips_per_region | integer | true* | none | Maximum number of Trusted Proxy IPs allowed for each PCE |
trusted_proxy_ips | [object] | true* | none | IPs or CIDRs trusted (per-region) for handling clients' X-Forwarded-For header |
» pce_fqdn | string | true* | none | FQDN of PCE region, or null if not in supercluster |
» ip | string | true* | none | IP address or CIDR trusted for handling clients' X-Forwarded-For header |
settings_trusted_proxy_ips_put
{
"trusted_proxy_ips": [
{
"pce_fqdn": null,
"ip": null
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
trusted_proxy_ips | [object] | true* | none | IPs or CIDRs trusted (per-region) for handling clients' X-Forwarded-For header |
» pce_fqdn | string,null | true* | none | FQDN of PCE region, or null if not in supercluster |
» ip | orgs_access_restrictions_post/properties/ips/items | true* | none | none |
settings_workloads_get
{
"workload_disconnected_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_goodbye_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_disconnected_notification_seconds": [
{
"scope": [
{
"href": "string"
}
],
"warning": -1,
"ven_type": "server"
}
],
"ven_uninstall_timeout_hours": [
{
"scope": [
{
"href": "string"
}
],
"value": -1
}
]
}
Workload setting properties
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
workload_disconnected_timeout_seconds | [object] | true* | none | none |
» scope | workloads_post/properties/labels | true* | none | Assigned labels |
» value | integer | true* | none | Property value associated with the scope |
» ven_type | string,null | false | none | The ven type that this property is applicable to |
workload_goodbye_timeout_seconds | settings_workloads_get/properties/workload_disconnected_timeout_seconds | true* | none | none |
workload_disconnected_notification_seconds | [object] | true* | none | none |
» scope | workloads_post/properties/labels | true* | none | Assigned labels |
» warning | integer | true* | none | Workload disconnect warning timeout |
» ven_type | string,null | false | none | The ven type that this property is applicable to |
ven_uninstall_timeout_hours | [object] | true* | none | none |
» scope | workloads_post/properties/labels | true* | none | Assigned labels |
» value | integer | true* | none | Property value associated with the scope |
Enumerated Values
Property | Value |
---|---|
ven_type | server |
ven_type | endpoint |
ven_type | null |
ven_type | server |
ven_type | endpoint |
settings_workloads_put
{
"workload_disconnected_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_goodbye_timeout_seconds": [
{
"scope": [
{
"href": "string"
}
],
"value": -1,
"ven_type": "server"
}
],
"workload_disconnected_notification_seconds": [
{
"scope": [
{
"href": "string"
}
],
"warning": -1,
"ven_type": "server"
}
],
"ven_uninstall_timeout_hours": [
{
"scope": [
{
"href": "string"
}
],
"value": -1
}
]
}
Workload setting properties
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
workload_disconnected_timeout_seconds | settings_workloads_get/properties/workload_disconnected_timeout_seconds | false | none | none |
workload_goodbye_timeout_seconds | settings_workloads_get/properties/workload_disconnected_timeout_seconds | false | none | none |
workload_disconnected_notification_seconds | settings_workloads_get/properties/workload_disconnected_notification_seconds | false | none | none |
ven_uninstall_timeout_hours | settings_workloads_get/properties/ven_uninstall_timeout_hours | false | none | none |
settings_traffic_collector_post
{
"transmission": "broadcast",
"data_source": "any",
"network": "any",
"target": {
"src_port": 0,
"dst_port": 0,
"proto": 0,
"dst_ip": "string",
"src_ip": "string"
},
"action": "drop"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
transmission | string | true* | none | transmission type: broadcast/multicast/unicast |
data_source | string | false | none | flow summary data source |
network | string | false | none | flow summary network |
target | object | false | none | none |
» src_port | integer | false | none | none |
» dst_port | integer | false | none | none |
» proto | integer | true* | none | none |
» dst_ip | string | false | none | single destination ip address or CIDR |
» src_ip | string | false | none | single source ip address or CIDR |
action | string | true* | none | drop or aggregate the target traffic |
Enumerated Values
Property | Value |
---|---|
transmission | broadcast |
transmission | multicast |
transmission | unicast |
data_source | any |
data_source | server |
data_source | endpoint |
network | any |
network | corporate |
network | external |
action | drop |
action | aggregate |
settings_traffic_collector_get
{
"href": "string",
"transmission": "string",
"data_source": "string",
"network": "string",
"target": {
"src_port": 0,
"dst_port": 0,
"proto": 0,
"dst_ip": "string",
"src_ip": "string"
},
"action": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | URI of the destination |
transmission | string | true* | none | transmission type: broadcast/multicast/unicast |
data_source | string | false | none | flow summary data source |
network | string | false | none | flow summary network |
target | object | false | none | none |
» src_port | integer | false | none | none |
» dst_port | integer | false | none | none |
» proto | integer | true* | none | none |
» dst_ip | string | false | none | single destination ip address or CIDR |
» src_ip | string | false | none | single source ip address or CIDR |
action | string | true* | none | drop or aggregate the target traffic |
settings_traffic_collector_put
{
"transmission": "broadcast",
"data_source": "any",
"network": "any",
"target": {
"src_port": null,
"dst_port": null,
"proto": 0,
"dst_ip": "string",
"src_ip": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
transmission | string | false | none | transmission type: broadcast/multicast/unicast |
data_source | string | false | none | flow summary data source |
network | string | false | none | flow summary network |
target | object | false | none | none |
» src_port | integer,null | false | none | none |
» dst_port | integer,null | false | none | none |
» proto | integer | false | none | none |
» dst_ip | string | false | none | single destination ip address or CIDR |
» src_ip | string | false | none | single source ip address or CIDR |
Enumerated Values
Property | Value |
---|---|
transmission | broadcast |
transmission | multicast |
transmission | unicast |
data_source | any |
data_source | server |
data_source | endpoint |
network | any |
network | corporate |
network | external |
settings_get
{
"href": "http://example.com",
"num_assets_requiring_ransomware_protection": null,
"automatic_label_application_on_ven_activation": true,
"rule_based_label_maker_schedule_enabled": true,
"rule_based_label_maker_schedule": null,
"max_explorer_query_timespan_days": 97,
"max_api_key_expiration_in_seconds": 7776000,
"expired_api_keys_retention_in_seconds": 7776000,
"advanced_ruleset_display": true,
"ven_maintenance_token_required": false,
"cloud_secure_tenant_id": "string",
"use_census_permissions": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | false | none | Org Setting URI |
num_assets_requiring_ransomware_protection | integer,null | false | none | number of assets that need ransomware protection for this org |
automatic_label_application_on_ven_activation | boolean | false | none | Automatically apply label rules when VEN is activated |
rule_based_label_maker_schedule_enabled | boolean | false | none | True or false based on whether the rule based label maker schedule is enabled. |
rule_based_label_maker_schedule | object,null | false | none | Schedule used for application of label rules |
» schedule_time | string(date-time) | false | none | The time at which the label rules should be run |
» frequency | string | false | none | The frequency at which the schedule is to be executed |
» day_of_week | [string] | false | none | Applies only in case of weekly schedule and indicates the days on which the schedule will be run. |
» day_of_month | integer | false | none | Applies only in case of monthly schedule and indicates the day on which the schedule will be run. |
max_explorer_query_timespan_days | integer | false | none | maximum timespan of an explorer query in day(s) for this org |
max_api_key_expiration_in_seconds | integer | false | none | Validity of api_key in seconds; -1 specifies api_keys never expire |
expired_api_keys_retention_in_seconds | integer | false | none | Retention of expired api_keys in the database |
advanced_ruleset_display | boolean | false | none | When true, the UI will display rulesets in advanced mode. This means that scopes will be displayed for any unscoped rulesets, including newly added rulesets. |
ven_maintenance_token_required | boolean | false | none | Identifies if the tampering protection for the VEN and endpoints is enabled or not. |
cloud_secure_tenant_id | string | false | none | Cloud Secure tenant id corresponding to this organization |
use_census_permissions | boolean | false | none | Flag to indicate whether the PCE org will obtain permissions from census or from local database |
Enumerated Values
Property | Value |
---|---|
frequency | daily |
frequency | weekly |
frequency | monthly |
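Added example (not part of the Illumio reference, and not Illumio code): a configuration review over already-fetched JSON shaped like the settings_syslog_destinations_get and settings_get schemas above. It flags remote syslog destinations without TLS or certificate verification, audit-event filtering, API keys that never expire, and disabled VEN tampering protection. The finding codes, the 90-day lifetime policy, and all sample hrefs, addresses, and values are assumptions constructed for illustration.

```python
import json

# Severity names from the min_severity enumeration, least to most severe.
SEVERITY_ORDER = ["informational", "warning", "error"]

# Assumed local policy (not from the reference): API keys live at most 90 days.
MAX_KEY_LIFETIME_SECONDS = 90 * 24 * 3600


def audit_syslog_destination(dest):
    """Return finding codes for one settings_syslog_destinations_get entry."""
    findings = []
    if dest.get("type") == "remote_syslog":
        remote = dest.get("remote_syslog") or {}
        if not remote.get("tls_enabled", False):
            # Events leave the PCE unencrypted.
            findings.append("REMOTE_SYSLOG_PLAINTEXT")
        elif not remote.get("tls_verify_cert", False):
            # Encrypted, but the receiver's certificate is not verified.
            findings.append("REMOTE_SYSLOG_TLS_UNVERIFIED")

    audit = dest.get("audit_event_logger") or {}
    if not (audit.get("configuration_event_included")
            or audit.get("system_event_included")):
        findings.append("NO_AUDIT_EVENTS_FORWARDED")
    else:
        severity = audit.get("min_severity")
        if severity not in SEVERITY_ORDER:
            findings.append("UNKNOWN_MIN_SEVERITY")
        elif SEVERITY_ORDER.index(severity) > 0:
            # Audit events below this level never reach the destination.
            findings.append("AUDIT_SEVERITY_FILTERED:" + severity)
    return findings


def audit_org_settings(settings, max_key_lifetime=MAX_KEY_LIFETIME_SECONDS):
    """Return finding codes for a settings_get response body."""
    findings = []
    ttl = settings.get("max_api_key_expiration_in_seconds")
    if ttl == -1:
        # Per the property description, -1 means api_keys never expire.
        findings.append("API_KEYS_NEVER_EXPIRE")
    elif isinstance(ttl, int) and ttl > max_key_lifetime:
        findings.append("API_KEY_LIFETIME_EXCEEDS_POLICY")
    if settings.get("ven_maintenance_token_required") is False:
        findings.append("VEN_TAMPER_PROTECTION_OFF")
    return findings


def audit(destinations, settings):
    """Map each object with findings to its list of finding codes."""
    report = {}
    for dest in destinations:
        found = audit_syslog_destination(dest)
        if found:
            report[dest.get("href", "<no href>")] = found
    found = audit_org_settings(settings)
    if found:
        report["org_settings"] = found
    return report


# Constructed sample data following the schemas on this page (not real output).
SAMPLE_DESTINATIONS = json.loads("""
[
  {"href": "constructed-dest-a", "pce_scope": ["pce.example.test"],
   "type": "remote_syslog", "description": "plaintext collector",
   "audit_event_logger": {"configuration_event_included": true,
                          "system_event_included": true,
                          "min_severity": "informational"},
   "remote_syslog": {"address": "192.0.2.10", "port": 514, "protocol": 6,
                     "tls_enabled": false, "tls_verify_cert": false}},
  {"href": "constructed-dest-b", "pce_scope": ["pce.example.test"],
   "type": "remote_syslog", "description": "TLS without verification",
   "audit_event_logger": {"configuration_event_included": true,
                          "system_event_included": true,
                          "min_severity": "error"},
   "remote_syslog": {"address": "syslog.example.test", "port": 6514,
                     "protocol": 6, "tls_enabled": true,
                     "tls_verify_cert": false}},
  {"href": "constructed-dest-c", "pce_scope": ["pce.example.test"],
   "type": "local_syslog", "description": "local",
   "audit_event_logger": {"configuration_event_included": true,
                          "system_event_included": true,
                          "min_severity": "informational"}}
]
""")

SAMPLE_SETTINGS = {
    "max_api_key_expiration_in_seconds": -1,
    "ven_maintenance_token_required": False,
}

if __name__ == "__main__":
    for target, codes in audit(SAMPLE_DESTINATIONS, SAMPLE_SETTINGS).items():
        print(target, "->", ", ".join(codes))
```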
settings_put
{
"num_assets_requiring_ransomware_protection": 1,
"automatic_label_application_on_ven_activation": true,
"rule_based_label_maker_schedule_enabled": true,
"rule_based_label_maker_schedule": null,
"max_api_key_expiration_in_seconds": 7776000,
"expired_api_keys_retention_in_seconds": 7776000,
"advanced_ruleset_display": true,
"ven_maintenance_token_required": false,
"cloud_secure_tenant_id": "string",
"use_census_permissions": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
num_assets_requiring_ransomware_protection | integer | false | none | number of assets that need ransomware protection for this org |
automatic_label_application_on_ven_activation | boolean | false | none | Automatically apply label rules when VEN is activated |
rule_based_label_maker_schedule_enabled | boolean | false | none | True or false based on whether the rule based label maker schedule is enabled. |
rule_based_label_maker_schedule | settings_get/properties/rule_based_label_maker_schedule | false | none | Schedule used for application of label rules |
max_api_key_expiration_in_seconds | integer | false | none | Validity of api_key in seconds; -1 specifies api_keys never expire |
expired_api_keys_retention_in_seconds | integer | false | none | Retention of expired api_keys in the database |
advanced_ruleset_display | boolean | false | none | When true, the UI will display rulesets in advanced mode. This means that scopes will be displayed for any unscoped rulesets, including newly added rulesets. |
ven_maintenance_token_required | boolean | false | none | Identifies if the tampering protection for the VEN and endpoints is enabled or not. |
cloud_secure_tenant_id | string | false | none | Cloud Secure tenant id corresponding to this organization |
use_census_permissions | boolean | false | none | Flag to indicate whether the PCE org will obtain permissions from census or from local database |
service_accounts_api_keys_post
{
"expires_in_seconds": "default"
}
api_key addition
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
expires_in_seconds | any | true* | none | Validity of the api_key, in seconds |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | integer | false | none | none |
Enumerated Values
Property | Value |
---|---|
anonymous | default |
api_keys_get
{
"key_id": "string",
"auth_username": "string",
"name": null,
"description": "string",
"state": "string",
"expires_in_seconds": 0,
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "string"
},
"last_login_on": "2025-04-01T00:21:27Z",
"account": {
"href": "string",
"type": "string",
"name": "string",
"access_restriction": null,
"permissions": [
{
"href": "string",
"role": {
"href": "string"
},
"scope": [
{
"label": {
"href": "string",
"key": "string",
"value": "string"
},
"label_group": {
"href": "string",
"key": "string",
"name": "string"
}
}
]
}
]
},
"href": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
key_id | string | true* | none | The key ID |
auth_username | string | true* | none | Username required for authentication |
name | string,null | true* | none | The key name - just a label to be used |
description | string | false | none | The description of the key |
state | string | false | none | State of the api_key |
expires_in_seconds | integer | false | none | Validity of the api_key in seconds |
created_at | string(date-time) | true* | none | Timestamp when this key was first created (RFC 3339) |
created_by | object | false | none | none |
» href | string | true* | none | User who originally created this api key |
last_login_on | string(date-time) | false | none | Timestamp when this key was last used |
account | object | false | none | none |
» href | string | true* | none | Associated identity |
» type | string | true* | none | Type of account |
» name | string | true* | none | Name of the account |
» access_restriction | object,null | false | none | Access restriction assigned to the api_keys under this service_account |
»» href | string | true* | none | Access restriction URI |
» permissions | [object] | false | none | List of permissions |
»» href | string | false | none | URI of the permission entity |
»» role | orgs_permissions_put/properties/role | true* | none | none |
»» scope | orgs_permissions_put/properties/scope | true* | none | none |
» href | string | true* | none | URI of the key |
optional_features_get
[
{
"name": "string",
"preview": true,
"enabled": true
}
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string | true* | none | The name of the feature |
preview | boolean | false | none | Is this a preview feature |
enabled | boolean | true* | none | Is this feature enabled |
optional_features_put
[
{
"name": "ip_forwarding_firewall_setting",
"enabled": true
}
]
Properties
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
» name | string | true* | none | Name of the feature |
» enabled | boolean | true* | none | Enable or disable this feature |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
anonymous | object | false | none | none |
» name | string | true* | none | Name of the feature |
» enabled | boolean | true* | none | Enable or disable this feature |
» key | string | false | none | Key required to enable the feature. Contact Illumio Support for more details. |
Enumerated Values
Property | Value |
---|---|
name | ip_forwarding_firewall_setting |
name | ui_analytics |
name | illumination_classic |
name | ransomware_readiness_dashboard |
name | per_rule_flow_log_setting |
name | lightning_default |
name | collector_scanner_filters |
name | corporate_ips_groups |
name | labels_editing_warning_for_enforcement_mode |
name | label_based_network_detection |
name | cloudsecure_enabled |
name | windows_outbound_process_enforcement |
name | rule_based_label_mapping |
name | core_insights |
name | rule_info_exposure_to_syslog |
name | editable_dns_client_rule |
name | editable_dhcp_client_rule |
authentication_settings_saml_configs_get
{
"href": "string",
"cluster_fqdn": "string",
"idp_sso_target_url": "string",
"idp_slo_target_url": "string",
"idp_cert": "string",
"issuer": "string",
"consumer_service_url": "string",
"consumer_logout_url": "string",
"name_identifier_format": "string",
"authn_context": "string",
"force_authn": true,
"sign_authn_request": false,
"pce_signing_cert": "string",
"pce_signing_cert_expires_at": "2025-04-01T00:21:27Z",
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | SAML config URI |
cluster_fqdn | string | true* | none | The FQDN of the PCE cluster |
idp_sso_target_url | string | true* | none | The identity provider URL to which the authentication request should be sent |
idp_slo_target_url | string | true* | none | The identity provider URL to which the logout request should be sent |
idp_cert | string | true* | none | The certificate provided from the identity provider when setting up the relationship |
issuer | string | true* | none | The URL for the Illumio login server. Some identity providers might need this to establish the identity of the service provider requesting authentication. |
consumer_service_url | string | true* | none | The Illumio login server URL at which the SAML authentication assertion should be received |
consumer_logout_url | string | true* | none | The Illumio login server URL at which the SAML logout assertion should be received |
name_identifier_format | string | false | none | Describes the format of the username required by the Illumio login server |
authn_context | string | true* | none | The URI of the authentication context class you want the identity provider to use to authenticate the user, with possible values being NULL (unspecified) or urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport |
force_authn | boolean | true* | none | Defines whether or not the identity provider should force re-authentication of the user, even if the user still has a valid session |
sign_authn_request | boolean | true* | none | Defines whether or not the PCE should sign the SAML AuthnRequest sent to the IdP; default is false |
pce_signing_cert | string | false | none | The certificate generated by the PCE that needs to be uploaded to the IdP; the IdP uses this certificate to verify the signature of the AuthnRequest if sign_authn_request is enabled |
pce_signing_cert_expires_at | string(date-time) | false | none | Timestamp of when pce_signing_cert expires |
created_at | string(date-time) | true* | none | Timestamp when SAML configuration was first created |
updated_at | string(date-time) | true* | none | Timestamp when SAML configuration was last updated |
created_by | object | true* | none | none |
» username | string | false | none | The username which created this SAML configuration |
updated_by | object | true* | none | none |
» username | string | false | none | The username which last updated this SAML configuration |
authentication_settings_saml_configs_put
{
"idp_sso_target_url": "string",
"idp_slo_target_url": "string",
"idp_cert": "string",
"authn_context": "string",
"force_authn": true,
"sign_authn_request": false
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
idp_sso_target_url | string | false | none | The identity provider URL to which the authentication request should be sent |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string(url) | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
idp_slo_target_url | any | false | none | The identity provider URL to which the logout request should be sent |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string(url) | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
idp_cert | string | false | none | The certificate provided from the identity provider when setting up the relationship |
authn_context | string | false | none | The URI of the authentication context class you want the identity provider to use to authenticate the user, with possible values being NULL (unspecified) or urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport |
force_authn | boolean | false | none | Defines whether or not the identity provider should force re-authentication of the user, even if the user still has a valid session |
sign_authn_request | boolean | false | none | Defines whether or not the PCE should sign the SAML AuthnRequest sent to the IdP; default is false |
Enumerated Values
Property | Value |
---|---|
anonymous | |
anonymous | |
authentication_settings_saml_configs_pce_signing_cert_post
{}
Properties
None
authentication_settings_ldap_configs_get
{
"href": "string",
"pce_fqdn": "string",
"name": "string",
"address": "string",
"port": 0,
"authentication_method": "string",
"request_timeout_seconds": 1,
"bind_distinguished_name": "string",
"is_bind_password_set": true,
"user_base_distinguished_name": "string",
"user_distinguished_name_pattern": "string",
"user_base_filter": "string",
"username_attribute": "string",
"full_name_attribute": "string",
"user_memberof_attribute": "string",
"tls_ca_bundle": "string",
"insecure_disable_tls_certificate_verification": true,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"created_by": {
"username": "string"
},
"updated_by": {
"username": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | LDAP config URI |
pce_fqdn | string | true* | none | The FQDN of the PCE cluster |
name | string | false | none | Friendly name of the LDAP server |
address | string | true* | none | IP address or host name of the LDAP server |
port | integer | true* | none | Port number of the LDAP server |
authentication_method | string | true* | none | Authentication types |
request_timeout_seconds | integer | true* | none | Number of seconds to wait for response |
bind_distinguished_name | string | true* | none | Distinguished name (DN) used to bind to the LDAP server |
is_bind_password_set | boolean | true* | none | Flag to indicate whether Bind DN password is set |
user_base_distinguished_name | string | true* | none | Base distinguished name to be used for login |
user_distinguished_name_pattern | string | false | none | Pattern used to create a DN string for a user during login, e.g. uid=*,ou=people, where * will be replaced with the username |
user_base_filter | string | false | none | Search filter used to query the LDAP tree for users |
username_attribute | string | true* | none | Attribute on a user object which contains the username, e.g. uid, sAMAccountName |
full_name_attribute | string | false | none | Attribute on a user object which contains the full name, e.g. cn, commonName, displayName |
user_memberof_attribute | string | false | none | Attribute on a user object containing group membership information, e.g. memberOf, isMemberOf |
tls_ca_bundle | string | true* | none | Trusted CA bundle |
insecure_disable_tls_certificate_verification | boolean | true* | none | Specifies whether to verify the server certificate when establishing an SSL connection to the LDAP server. WARNING: The use of this feature decreases the security of the system, and should only be used with full understanding of the ramifications. |
created_at | string(date-time) | true* | none | Timestamp when LDAP configuration was first created |
updated_at | string(date-time) | true* | none | Timestamp when LDAP configuration was last updated |
created_by | object | true* | none | none |
» username | string | false | none | The username which created this LDAP configuration |
updated_by | object | true* | none | none |
» username | string | false | none | The username which last updated this LDAP configuration |
authentication_settings_ldap_configs_post
{
"pce_fqdn": "string",
"name": null,
"address": "string",
"port": 0,
"authentication_method": "LDAP",
"request_timeout_seconds": 1,
"bind_distinguished_name": null,
"bind_password": null,
"user_base_distinguished_name": "string",
"user_distinguished_name_pattern": null,
"user_base_filter": null,
"username_attribute": "string",
"full_name_attribute": null,
"user_memberof_attribute": null,
"tls_ca_bundle": null,
"insecure_disable_tls_certificate_verification": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
pce_fqdn | string | false | none | The FQDN of the PCE cluster |
name | string,null | false | none | Friendly name of the LDAP server |
address | string | true* | none | IP address or host name of the LDAP server |
port | integer | true* | none | Port number of the LDAP server |
authentication_method | string | true* | none | Authentication types |
request_timeout_seconds | integer | false | none | Number of seconds to wait for response |
bind_distinguished_name | string,null | false | none | Distinguished name (DN) used to bind to the LDAP server |
bind_password | string,null | false | none | Bind DN password |
user_base_distinguished_name | string | true* | none | Base distinguished name to be used for login |
user_distinguished_name_pattern | string,null | false | none | Pattern used to create a DN string for a user during login, e.g. uid=*,ou=people, where * will be replaced with the username |
user_base_filter | string,null | false | none | Search filter used to query the LDAP tree for users |
username_attribute | string | true* | none | Attribute on a user object which contains the username, e.g. uid, sAMAccountName |
full_name_attribute | string,null | false | none | Attribute on a user object which contains the full name, e.g. cn, commonName, displayName |
user_memberof_attribute | string,null | false | none | Attribute on a user object containing group membership information, e.g. memberOf, isMemberOf |
tls_ca_bundle | string,null | false | none | Trusted CA bundle |
insecure_disable_tls_certificate_verification | boolean | false | none | Specifies whether to verify the server certificate when establishing an SSL connection to the LDAP server. WARNING: The use of this feature decreases the security of the system, and should only be used with full understanding of the ramifications. |
Enumerated Values
Property | Value |
---|---|
authentication_method | LDAP |
authentication_method | LDAPS |
authentication_method | STARTTLS |
authentication_settings_ldap_configs_put
{
"name": null,
"address": "string",
"port": 0,
"authentication_method": "LDAP",
"request_timeout_seconds": 1,
"bind_distinguished_name": null,
"bind_password": null,
"user_base_distinguished_name": "string",
"user_distinguished_name_pattern": null,
"user_base_filter": null,
"username_attribute": "string",
"full_name_attribute": null,
"user_memberof_attribute": null,
"tls_ca_bundle": null,
"insecure_disable_tls_certificate_verification": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
name | string,null | false | none | Friendly name of the LDAP server |
address | string | false | none | IP address or host name of the LDAP server |
port | integer | false | none | Port number of the LDAP server |
authentication_method | string | false | none | Authentication types |
request_timeout_seconds | integer | false | none | Number of seconds to wait for response |
bind_distinguished_name | string,null | false | none | Distinguished name (DN) used to bind to the LDAP server |
bind_password | string,null | false | none | Bind DN password |
user_base_distinguished_name | string | false | none | Base distinguished name to be used for login |
user_distinguished_name_pattern | string,null | false | none | Pattern used to create a DN string for a user during login, e.g. uid=*,ou=people, where * will be replaced with the username |
user_base_filter | string,null | false | none | Search filter used to query the LDAP tree for users |
username_attribute | string | false | none | Attribute on a user object which contains the username, e.g. uid, sAMAccountName |
full_name_attribute | string,null | false | none | Attribute on a user object which contains the full name, e.g. cn, commonName, displayName |
user_memberof_attribute | string,null | false | none | Attribute on a user object containing group membership information, e.g. memberOf, isMemberOf |
tls_ca_bundle | string,null | false | none | Trusted CA bundle |
insecure_disable_tls_certificate_verification | boolean | false | none | Specifies whether to verify the server certificate when establishing an SSL connection to the LDAP server. WARNING: The use of this feature decreases the security of the system, and should only be used with full understanding of the ramifications. |
Enumerated Values
Property | Value |
---|---|
authentication_method | LDAP |
authentication_method | LDAPS |
authentication_method | STARTTLS |
authentication_settings_ldap_configs_verify_connection_post
{}
Properties
None
authentication_settings_password_policy_get
{
"require_type_number": true,
"require_type_lowercase": true,
"require_type_uppercase": true,
"require_type_symbol": true,
"min_characters_per_type": 0,
"min_length": 0,
"min_changed_characters": 0,
"history_count": 0,
"expire_time_days": 0,
"session_timeout_minutes": 0,
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"username": "string"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
require_type_number | boolean | true* | none | Flag to indicate whether password must contain numerical digit |
require_type_lowercase | boolean | true* | none | Flag to indicate whether password must contain lowercase letter |
require_type_uppercase | boolean | true* | none | Flag to indicate whether password must contain uppercase letter |
require_type_symbol | boolean | true* | none | Flag to indicate whether password must contain symbol (i.e. !@#$%^&*<>?) |
min_characters_per_type | integer | true* | none | Minimum number of characters for each character type |
min_length | integer | true* | none | Minimum length of password |
min_changed_characters | integer | true* | none | Minimum number of changed characters for new passwords |
history_count | integer | true* | none | Number of old passwords to remember |
expire_time_days | integer | true* | none | Number of days after which the password expires; a value of 0 means it never expires |
session_timeout_minutes | integer | true* | none | Number of minutes without activity before the user session times out |
updated_at | string(date-time) | true* | none | Timestamp when password policy was last updated |
updated_by | object | true* | none | none |
» username | string | false | none | The username which last updated this password policy |
authentication_settings_password_policy_put
{
"require_type_number": true,
"require_type_lowercase": true,
"require_type_uppercase": true,
"require_type_symbol": true,
"min_characters_per_type": 0,
"min_length": 0,
"min_changed_characters": 0,
"history_count": 0,
"expire_time_days": 0,
"session_timeout_minutes": 0
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
require_type_number | boolean | false | none | Flag to indicate whether password must contain numerical digit |
require_type_lowercase | boolean | false | none | Flag to indicate whether password must contain lowercase letter |
require_type_uppercase | boolean | false | none | Flag to indicate whether password must contain uppercase letter |
require_type_symbol | boolean | false | none | Flag to indicate whether password must contain symbol (i.e. !@#$%^&*<>?) |
min_characters_per_type | integer | false | none | Minimum number of characters for each character type |
min_length | integer | false | none | Minimum length of password |
min_changed_characters | integer | false | none | Minimum number of changed characters for new passwords |
history_count | integer | false | none | Number of old passwords to remember |
expire_time_days | integer | false | none | Number of days after which the password expires; a value of 0 means it never expires |
session_timeout_minutes | integer | false | none | Number of minutes without activity before the user session times out |
authentication_settings_get
{
"authentication_type": "string"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
authentication_type | string | true* | none | Authentication types |
authentication_settings_put
{
"authentication_type": "Local"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
authentication_type | string | true* | none | Authentication types |
Enumerated Values
Property | Value |
---|---|
authentication_type | Local |
authentication_type | RADIUS |
authentication_type | SAML |
authentication_type | LDAP |
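The LDAP, SAML and password-policy GET schemas above carry the fields a configuration review cares about. The following Python audit is an added example, not Illumio code: the baseline numbers, the sample objects and the reading of `insecure_disable_tls_certificate_verification` (true means verification is off) are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Assumed local baseline for this example, not Illumio guidance.
BASELINE = {"min_length": 12, "history_count": 5, "session_timeout_minutes": 30}


def parse_ts(value):
    """Parse the date-time format shown in the schemas, e.g. 2025-04-01T00:21:27Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def audit_ldap(cfg):
    """Findings for one authentication_settings_ldap_configs_get object."""
    findings = []
    if cfg.get("authentication_method") == "LDAP":
        findings.append("authentication_method=LDAP: binds are sent without TLS")
    # Assumption: true switches certificate verification off, as the field name says.
    if cfg.get("insecure_disable_tls_certificate_verification"):
        findings.append("insecure_disable_tls_certificate_verification=true: "
                        "the LDAP server certificate is not verified")
    if cfg.get("bind_distinguished_name") and not cfg.get("is_bind_password_set"):
        findings.append("is_bind_password_set=false: bind DN has no password")
    return findings


def audit_saml(cfg, now, warn_days=30):
    """Findings for one authentication_settings_saml_configs_get object."""
    findings = []
    for field in ("idp_sso_target_url", "idp_slo_target_url"):
        url = cfg.get(field) or ""
        if url and not url.lower().startswith("https://"):
            findings.append(f"{field} is not an https URL")
    if not cfg.get("sign_authn_request"):
        findings.append("sign_authn_request=false: AuthnRequests to the IdP are unsigned")
    expires = cfg.get("pce_signing_cert_expires_at")
    if expires:
        remaining = parse_ts(expires) - now
        if remaining <= timedelta(0):
            findings.append("pce_signing_cert has expired")
        elif remaining <= timedelta(days=warn_days):
            findings.append(f"pce_signing_cert expires in {remaining.days} days")
    return findings


def audit_password_policy(policy, baseline=BASELINE):
    """Findings for one authentication_settings_password_policy_get object."""
    findings = []
    for flag in ("require_type_number", "require_type_lowercase",
                 "require_type_uppercase", "require_type_symbol"):
        if not policy.get(flag):
            findings.append(f"{flag}=false")
    if policy.get("min_length", 0) < baseline["min_length"]:
        findings.append(f"min_length below baseline {baseline['min_length']}")
    if policy.get("history_count", 0) < baseline["history_count"]:
        findings.append(f"history_count below baseline {baseline['history_count']}")
    if policy.get("expire_time_days") == 0:
        findings.append("expire_time_days=0: passwords never expire")
    if policy.get("session_timeout_minutes", 0) > baseline["session_timeout_minutes"]:
        findings.append("session_timeout_minutes above baseline "
                        f"{baseline['session_timeout_minutes']}")
    return findings


# Constructed sample objects shaped like the GET response bodies above.
NOW = parse_ts("2025-03-20T00:21:27Z")
SAMPLE_LDAP = {
    "authentication_method": "LDAP", "address": "ldap.example.test", "port": 389,
    "bind_distinguished_name": "cn=svc,dc=example,dc=test",
    "is_bind_password_set": True,
    "insecure_disable_tls_certificate_verification": True,
}
HARDENED_LDAP = dict(SAMPLE_LDAP, authentication_method="LDAPS", port=636,
                     insecure_disable_tls_certificate_verification=False)
SAMPLE_SAML = {
    "idp_sso_target_url": "https://idp.example.test/sso",
    "idp_slo_target_url": "http://idp.example.test/slo",
    "sign_authn_request": False,
    "pce_signing_cert_expires_at": "2025-04-01T00:21:27Z",
}
SAMPLE_POLICY = {
    "require_type_number": True, "require_type_lowercase": True,
    "require_type_uppercase": True, "require_type_symbol": False,
    "min_length": 8, "history_count": 5,
    "expire_time_days": 0, "session_timeout_minutes": 10,
}

if __name__ == "__main__":
    for line in (audit_ldap(SAMPLE_LDAP) + audit_saml(SAMPLE_SAML, NOW)
                 + audit_password_policy(SAMPLE_POLICY)):
        print(line)
```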
health_get
[
{
"status": "normal",
"type": "string",
"fqdn": "string",
"available_seconds": 0,
"notifications": [
{
"status": "normal",
"token": "string",
"message": "string"
}
],
"listen_only_mode_enabled_at": null,
"nodes": [
{
"hostname": null,
"ip_address": null,
"runlevel": null,
"uptime_seconds": null,
"cpu": {
"status": "normal",
"percent": 0
},
"disk": [
{
"location": "string",
"value": {
"status": "normal",
"percent": 0
}
}
],
"memory": {
"status": "normal",
"percent": 0
},
"metrics": [
{
"metric": "string",
"entries": [
{
"values": [
{
"status": "normal",
"name": "string",
"value": 0,
"unit": "millisecond",
"frequency": "second",
"display": "enclosed"
}
]
}
],
"last_updated_at": "2025-04-01T00:21:27Z",
"display": "table"
}
],
"services": {
"status": "string",
"running": [
"string"
],
"not_running": [
"string"
],
"partial": [
"string"
],
"optional": [
"string"
],
"unknown": [
"string"
]
},
"generated_at": null
}
],
"network": {
"replication": [
{
"type": "string",
"details": {
"database_name": "string",
"primary_fqdn": "string",
"replica_fqdn": "string"
},
"value": {
"status": "string",
"lag_seconds": 0
}
}
]
},
"groups": [
{
"group": "string",
"status": "normal",
"components": [
{
"section": "string",
"contents": [
{
"metric": "string",
"entries": [
{
"values": []
}
],
"last_updated_at": "2025-04-01T00:21:27Z",
"display": "table"
}
]
}
]
}
],
"generated_at": null
}
]
Health information of PCE Cluster and its nodes
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
status | string | false | none | Health status of an entry or section. |
type | string | false | none | Type of the PCE |
fqdn | string | false | none | FQDN of the PCE |
available_seconds | number | false | none | Seconds since this PCE has been available |
notifications | [object] | false | none | Notifications for the PCE |
» status | health_get/items/properties/status | true* | none | Health status of an entry or section. |
» token | string | true* | none | Description token of this notification |
» message | string | false | none | Description string of this notification |
listen_only_mode_enabled_at | string,null(date-time) | false | none | Timestamp at which PCE Listen Only Mode was enabled |
nodes | [object] | false | none | Nodes in the PCE |
» hostname | string,null | true* | none | Hostname of the node |
» ip_address | string,null | true* | none | IP address of the node |
» runlevel | number,null | false | none | Runlevel of the node |
» uptime_seconds | number,null | false | none | Seconds since this node cluster has been rebooted |
» cpu | object | false | none | none |
»» status | string | true* | none | none |
»» percent | number | true* | none | none |
» disk | [object] | false | none | Disk usage of this node per individual location |
»» location | string | true* | none | none |
»» value | health_get/items/properties/nodes/items/properties/cpu | true* | none | none |
» memory | health_get/items/properties/nodes/items/properties/cpu | false | none | none |
» metrics | [object] | false | none | Additional reported metrics |
»» metric | string | false | none | none |
»» entries | [object] | false | none | none |
»»» values | [object] | true* | none | none |
»»»» status | string | false | none | Health status of an entry or section. |
»»»» name | string | false | none | none |
»»»» value | any | false | none | none |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»» anonymous | number | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» unit | string | false | none | Available unit types. |
»»»» frequency | string | false | none | Unit frequency. |
»»»» display | string | false | none | none |
»»» last_updated_at | string(date-time) | false | none | none |
»»» display | string | false | none | An optional hint for the UI to display the metric's data in a specific table form. |
»» services | object | true* | none | Status of all the PCE Services of this node |
»»» status | string | false | none | Overall Service status of the PCE |
»»» running | [string] | false | none | none |
»»» not_running | [string] | false | none | none |
»»» partial | [string] | false | none | none |
»»» optional | [string] | false | none | none |
»»» unknown | [string] | false | none | none |
»» generated_at | string,null(date-time) | true* | none | Timestamp of when this node information was generated |
» network | object | false | none | Network information of the PCE |
»» replication | [object] | true* | none | Replication information for databases |
»»» type | string | true* | none | Type of replication |
»»» details | object | true* | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» anonymous | object | false | none | none |
»»»»» database_name | string | true* | none | Name of the Database being replicated |
»»»»» primary_fqdn | string | true* | none | FQDN of the primary database node |
»»»»» replica_fqdn | string | true* | none | FQDN of the replica database node |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» anonymous | object | false | none | none |
»»»»» fqdn | string | true* | none | FQDN of the PCE for replication |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» value | object | true* | none | none |
»»»»» status | string | true* | none | Lag status |
»»»»» lag_seconds | number | true* | none | The number of lag seconds |
»»»» groups | [object] | false | none | Additional metric groups. |
»»»»» group | string | true* | none | none |
»»»»» status | string | false | none | Health status of an entry or section. |
»»»»» components | [object] | true* | none | none |
»»»»»» section | string | true* | none | none |
»»»»»» contents | [anyOf] | true* | none | none |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»» anonymous | object | false | none | One or more entries encompassing the metric. |
»»»»»»»» metric | string | false | none | none |
»»»»»»»» entries | [object] | false | none | none |
»»»»»»»»» values | [object] | true* | none | none |
»»»»»»»»»» status | health_get/items/properties/groups/items/properties/status | false | none | Health status of an entry or section. |
»»»»»»»»»» name | string | false | none | none |
»»»»»»»»»» value | any | false | none | none |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»»»»»» anonymous | number | false | none | none |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»»»»»» anonymous | string | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»»»»» unit | string | false | none | Available unit types. |
»»»»»»»»»» frequency | string | false | none | Unit frequency. |
»»»»»»»»»» display | string | false | none | none |
»»»»»»»»» last_updated_at | string(date-time) | false | none | none |
»»»»»»»»» display | string | false | none | An optional hint for the UI to display the metric's data in a specific table form. |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»»» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»» generated_at | string,null(date-time) | false | none | Timestamp of when this PCE information was generated |
Enumerated Values
Property | Value |
---|---|
status | normal |
status | warning |
status | critical |
unit | millisecond |
unit | second |
unit | minute |
unit | hour |
unit | day |
unit | percent |
unit | byte |
unit | kilobyte |
unit | megabyte |
unit | gigabyte |
unit | terabyte |
unit | request |
frequency | second |
frequency | minute |
frequency | hour |
frequency | day |
display | enclosed |
display | table |
display | join |
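Because `status` recurs at several nesting levels of the health_get body (PCE, notifications, CPU, disk, memory, metric values, groups), a monitoring check has to walk the whole structure rather than read the top-level field alone. The following Python triage is an added example, not Illumio code: the lag threshold, host names and service names in the sample are constructed.

```python
def walk_status(node, path="health"):
    """Return (path, status) for every object whose status is warning or critical."""
    results = []
    if isinstance(node, dict):
        if node.get("status") in ("warning", "critical"):
            results.append((path, node["status"]))
        for key, value in node.items():
            results.extend(walk_status(value, f"{path}.{key}"))
    elif isinstance(node, list):
        for index, item in enumerate(node):
            results.extend(walk_status(item, f"{path}[{index}]"))
    return results


def triage(health, max_lag_seconds=60):
    """Summarise a health_get response (a list of PCE objects).

    max_lag_seconds is an assumed alert threshold for this example.
    """
    report = {"degraded": walk_status(health), "services_down": [], "lagging": []}
    for pce in health:
        for node in pce.get("nodes") or []:
            services = node.get("services") or {}
            for name in services.get("not_running") or []:
                report["services_down"].append((node.get("hostname"), name))
        network = pce.get("network") or {}
        for rep in network.get("replication") or []:
            lag = (rep.get("value") or {}).get("lag_seconds", 0)
            if lag > max_lag_seconds:
                report["lagging"].append((rep.get("type"), lag))
    return report


# Constructed sample shaped like the health_get response body above.
SAMPLE_HEALTH = [{
    "status": "warning",
    "type": "example_type",
    "fqdn": "pce.example.test",
    "notifications": [
        {"status": "warning", "token": "example_token", "message": "constructed"},
    ],
    "nodes": [{
        "hostname": "node1.example.test",
        "ip_address": "192.0.2.10",
        "cpu": {"status": "normal", "percent": 12},
        "disk": [{"location": "data", "value": {"status": "critical", "percent": 96}}],
        "memory": {"status": "normal", "percent": 40},
        "services": {"status": "partial", "running": ["svc_a"], "not_running": ["svc_b"]},
    }],
    "network": {
        "replication": [{
            "type": "database",
            "details": {"database_name": "example_db",
                        "primary_fqdn": "node1.example.test",
                        "replica_fqdn": "node2.example.test"},
            "value": {"status": "warning", "lag_seconds": 120},
        }],
    },
}]

if __name__ == "__main__":
    for section, items in triage(SAMPLE_HEALTH).items():
        for item in items:
            print(section, item)
```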
detected_core_services_summary_get
[
{
"href": "http://example.com",
"core_service_type": null,
"recommended": 0,
"accepted": 0,
"rejected": 0
}
]
The list of core services
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | false | none | The href of detected core service summary |
core_service_type | any | true* | none | none |
recommended | integer | false | none | Total number of detected core services which are skipped or no decision has been made yet |
accepted | integer | false | none | Number of accepted recommendations |
rejected | integer | false | none | Number of recommendations rejected by the user |
detected_core_services_get
{
"ip_address": "string",
"workload": {
"href": "string",
"hostname": "string",
"name": "string",
"os_type": "windows",
"enforcement_mode": "idle",
"labels": [
{
"href": "string"
}
],
"managed": true
},
"href": "string",
"core_service_type": null,
"confidence": 50,
"feedback": "string",
"action": "string",
"method_name": "string",
"labels_applied": true,
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"last_detected_at": "2025-04-01T00:21:27Z"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
ip_address | string | true* | none | The IP address which is detected as core service |
workload | object | false | none | Workload details of the traffic-flow endpoint |
» href | string | true* | none | Workload URI |
» hostname | string | true* | none | The hostname of the workload |
» name | string | false | none | The name of the workload |
» os_type | string | false | none | The operating system type of the workload |
» enforcement_mode | container_clusters_container_workload_profiles_get/properties/enforcement_mode | false | none | Workload enforcement mode |
» labels | [object] | false | none | Assigned labels |
»» href | string | true* | none | Label URI |
» managed | boolean | true* | none | True if the workload is managed, else false |
href | string | true* | none | The href of this detected core service |
core_service_type | any | true* | none | none |
confidence | integer | false | none | Confidence of the detected core service |
feedback | string | false | none | The feedback provided for this core service recommendation, if any |
action | string | false | none | The user can accept, skip or reject the core service determination. |
method_name | string | true* | none | The method by which this core service was detected |
labels_applied | boolean | false | none | Indicates if the end user applied labels for this workload |
created_at | string(date-time) | true* | none | Date at which core service was detected |
updated_at | string(date-time) | true* | none | Date core service was updated with action information |
last_detected_at | string(date-time) | false | none | Date core service was last recommended by core service detection algorithm |
Enumerated Values
Property | Value |
---|---|
os_type | windows |
os_type | linux |
os_type | unknown |
detected_core_services_put
{
"action": "accept",
"feedback": "string",
"labels_applied": true,
"workload": {
"href": "http://example.com"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
action | string | false | none | Accept, skip or reject the core service detection |
feedback | string | false | none | Feedback from user about the detected core service |
labels_applied | boolean | false | none | Indicates if the end user applied the suggested labels for this detected core service |
workload | object | false | none | none |
» href | string(uri) | true* | none | The workload URI to be associated with this core service recommendation |
Enumerated Values
Property | Value |
---|---|
action | accept |
action | skip |
action | reject |
action | recommended |
core_service_types_get
{
"href": "http://example.com",
"name": "string",
"required_ports": [
{
"port": 0,
"to_port": 0
}
],
"optional_ports": [
{
"port": 0,
"to_port": 0
}
],
"labels": [
{}
],
"created_at": "2025-04-01T00:21:27Z",
"updated_at": "2025-04-01T00:21:27Z",
"priority": 0,
"num_optional_ports_required": 0
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | true* | none | The href of this core service type |
name | string | true* | none | The name of the core service type |
required_ports | [object] | false | none | Core Service Ports |
» port | integer | true* | none | Port number, or the starting port of a range. |
» to_port | integer | false | none | Upper end of port range; this field should not be included if specifying an individual port. |
optional_ports | core_service_types_get/properties/required_ports | false | none | Core Service Ports |
labels | [oneOf] | true* | none | Suggested labels |
» value | string | false | none | Label name |
» key | string | false | none | Label type |
» href | string(uri) | false | none | Label URI |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
created_at | string(date-time) | true* | none | Timestamp at which this core service type was created |
updated_at | string(date-time) | true* | none | Timestamp at which this core service type was updated |
priority | integer | false | none | Each IP/workload is identified for 1 core service type and they are ordered by priority |
num_optional_ports_required | integer | false | none | Number of optional ports required |
core_service_types_put
{
"labels": [
{}
],
"required_ports": [
{
"port": 0,
"to_port": 0
}
],
"optional_ports": [
{
"port": 0,
"to_port": 0
}
],
"num_optional_ports_required": 0,
"provider": true,
"priority": 1
}
modify labels
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
labels | core_service_types_get/properties/labels | false | none | Suggested labels |
required_ports | core_service_types_get/properties/required_ports | false | none | Core Service Ports |
optional_ports | core_service_types_get/properties/required_ports | false | none | Core Service Ports |
num_optional_ports_required | integer | false | none | Number of optional ports required |
provider | boolean | false | none | Indicates whether the provider is a core service. The default value is true, which means the provider is a core service. |
priority | integer | false | none | Each IP/workload is identified for 1 core service type and they are ordered by priority |
events_get
{
"href": "string",
"org_id": 0,
"version": "string",
"event_id": "string",
"event_type": "string",
"status": "string",
"severity": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": {},
"action": null,
"resource_changes": [
{
"href": "string",
"version": "string",
"org_id": 0,
"uuid": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"resource": null,
"changes": {},
"change_type": "string"
}
],
"notifications": [
{
"href": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"notification_type": "string",
"severity": "err",
"info": null
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | Unique href for this event, which can be used for event lookup via the events API |
org_id | integer | false | none | org_id for this event. |
version | string | false | none | The event version of this event for the category it falls under |
event_id | string | false | none | Unique request/transaction identifier of the API request / context from which this event was generated |
event_type | string | true* | none | Event name that clearly describes the event |
status | string | true* | none | Status of the event; usually a mapping of api_status_code to a generic result string; nil if no action. For presentation purposes only. |
severity | string | true* | none | This event's level of importance |
timestamp | string(date-time) | true* | none | RFC 3339 timestamp at which this event was originally created |
pce_fqdn | string | true* | none | Fully qualified domain name of the PCE, where this event originated |
created_by | object | true* | none | The entity responsible for the creation of this event |
» user | object | false | none | The user responsible for the creation of this event |
»» href | string | true* | none | This user's href |
»» username | null,string | true* | none | This user's username |
» agent | object | false | none | The agent responsible for the creation of this event |
»» href | string | false | none | This agent's href |
»» hostname | string | false | none | Hostname of this agent |
» container_cluster | object | false | none | The container_cluster responsible for the creation of this event |
»» href | string | false | none | This container_cluster's href |
»» name | string | false | none | Name of this container_cluster |
» system | object | false | none | The system generated this event |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
action | any | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
»» href | string | false | none | Unique href for this action log event, which can be used for event lookup via the events API |
»» event | string | false | none | Correlation href identifying the API request / context from which events originated |
»» timestamp | string(date-time) | false | none | RFC 3339 timestamp at which this event was originally created |
»» pce_fqdn | string | false | none | Fully qualified domain name of the PCE, where this event originated |
»» created_by | object | false | none | The entity responsible for the creation of this event |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» event_type | string | false | none | Event name that clearly describes the action log event |
»» status | string | false | none | Status of the event; usually a mapping of api_status_code to a generic result string. For presentation purposes only. |
»» severity | string | false | none | This event's level of importance |
»» task_name | string | false | none | The name of the timed worker job from which this event originated |
»» api_endpoint | null,string | false | none | URI of the API invoked |
»» api_method | null,string | false | none | Name of API method invoked on some target resource(s) |
»» http_status_code | null,integer | false | none | HTTP status code returned from the API call. |
»» src_ip | string | false | none | Source IP of the request for which the event was generated. If the request is coming from the PCE itself, then we should log the IP of the PCE. |
»» errors | [object] | false | none | Extra information regarding the reason for failure. This property is only for failure events and will not appear in successful events |
»»» token | string | false | none | Machine readable error message |
»»» message | string | false | none | Human readable error message |
»» info | object | false | none | Extra information about the action log event in json format |
» resource_changes | [object] | false | none | Array of resource log events that were generated during this event |
»» href | string | false | none | Unique href for this resource log event, which can be used for event lookup via the events API |
»» version | string | false | none | The event version of this event for the category it falls under |
»» org_id | integer | false | none | org_id for this event. |
»» uuid | string | false | none | Unique identifier for this event. |
»» event | string | false | none | Correlation href identifying the API request / context from which events originated |
»» timestamp | string(date-time) | false | none | RFC 3339 timestamp at which this event was originally created |
»» pce_fqdn | string | false | none | Fully qualified domain name of the PCE, where this event originated |
»» created_by | object | false | none | The entity responsible for the creation of this event |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» resource | object | true* | none | Canonical representations of a resource |
oneOf (38 mutually exclusive alternatives; each is listed only as the anonymous entry below)
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» changes | object | false | none | Properties of the resource that were changed as a result of the event, with their updated values |
»» change_type | string | true* | none | Type of change that occurred for the resource(s) |
» notifications | [object] | false | none | Array of notification log events that were generated during this event |
»» href | string | false | none | Unique href for this notification log event, which can be used for event lookup via the events API |
»» event | string | false | none | Correlation href identifying the API request / context from which events originated |
»» timestamp | string(date-time) | false | none | RFC 3339 timestamp at which this event was originally created |
»» pce_fqdn | string | false | none | Fully qualified domain name of the PCE, where this event originated |
»» created_by | object | false | none | The entity responsible for the creation of this event |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | any | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»» notification_type | string | false | none | Notification name that clearly describes the notification log event |
»» severity | string | false | none | This event's level of importance |
»» info | null,object | false | none | Extra information about the notification in json format |
Enumerated Values
Property | Value |
---|---|
severity | err |
severity | warning |
severity | info |
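A triage sketch for records shaped like events_get above, added here as an example and not taken from the Illumio documentation: it resolves the created_by oneOf into one actor string, tolerates the null-able action and username fields, and counts failed API actions per src_ip. Only the field names come from the schema; the sample events, their event_type, change_type and href values, the addresses, and the rule that an HTTP status of 400 or higher counts as a failure are assumptions.

```python
import json
from collections import Counter

# Field names follow the events_get schema; every value below is constructed.
SAMPLE_EVENTS = json.loads("""[
 {"href": "/constructed/events/1", "event_type": "constructed.api_call", "status": "failure",
  "severity": "err", "timestamp": "2025-04-01T00:21:27Z", "pce_fqdn": "pce.example.com",
  "created_by": {"user": {"href": "/constructed/users/7", "username": "alice@example.com"}},
  "action": {"api_endpoint": "/constructed/endpoint", "api_method": "GET",
             "http_status_code": 403, "src_ip": "192.0.2.10",
             "errors": [{"token": "constructed_token", "message": "constructed message"}]},
  "resource_changes": [], "notifications": []},
 {"href": "/constructed/events/2", "event_type": "constructed.api_call", "status": "failure",
  "severity": "warning", "timestamp": "2025-04-01T00:21:29Z", "pce_fqdn": "pce.example.com",
  "created_by": {"user": {"href": "/constructed/users/9", "username": null}},
  "action": {"api_endpoint": "/constructed/endpoint", "api_method": "PUT",
             "http_status_code": 401, "src_ip": "192.0.2.10"},
  "resource_changes": [], "notifications": []},
 {"href": "/constructed/events/3", "event_type": "constructed.agent_event", "status": "success",
  "severity": "info", "timestamp": "2025-04-01T00:22:00Z", "pce_fqdn": "pce.example.com",
  "created_by": {"agent": {"href": "/constructed/agents/3", "hostname": "web01.example.com"}},
  "action": null,
  "resource_changes": [{"resource": null, "changes": {}, "change_type": "constructed_change"}],
  "notifications": [{"notification_type": "constructed.notice", "severity": "warning",
                     "info": null}]},
 {"href": "/constructed/events/4", "event_type": "constructed.system_task", "status": "success",
  "severity": "info", "timestamp": "2025-04-01T00:23:00Z",
  "created_by": {"system": {}},
  "action": {"http_status_code": 200, "src_ip": "198.51.100.5"},
  "resource_changes": [], "notifications": []}
]""")

# Top-level properties the schema table marks as required (true*).
REQUIRED = ("event_type", "status", "severity", "timestamp", "pce_fqdn", "created_by")
# The four created_by alternatives named in the schema table.
ACTOR_KEYS = ("user", "agent", "container_cluster", "system")
# Ranking of the enumerated severity values; anything else ranks lowest.
SEVERITY_RANK = {"err": 3, "warning": 2, "info": 1}


def actor_of(created_by):
    """Resolve the created_by oneOf to 'kind:identifier' (or 'unknown')."""
    if not isinstance(created_by, dict):
        return "unknown"  # created_by is null in nested log events
    present = [k for k in ACTOR_KEYS if k in created_by]
    if len(present) != 1:
        return "unknown"  # oneOf: exactly one alternative is expected
    kind = present[0]
    body = created_by[kind] or {}
    # username may be null, so fall through to the other identifying fields.
    ident = (body.get("username") or body.get("hostname")
             or body.get("name") or body.get("href") or "")
    return f"{kind}:{ident}" if ident else kind


def action_failed(action):
    """Assumption: an action failed if it carries errors or an HTTP status >= 400."""
    if not isinstance(action, dict):  # action may be null
        return False
    code = action.get("http_status_code")  # null or integer
    return bool(action.get("errors")) or (isinstance(code, int) and code >= 400)


def worst_severity(event):
    """Highest-ranked severity across the event and its notifications."""
    seen = [event.get("severity")]
    seen += [n.get("severity") for n in event.get("notifications") or []]
    return max(seen, key=lambda s: SEVERITY_RANK.get(s, 0))


def flatten(event):
    """Reduce one event to a flat row suitable for a SIEM or a CSV export."""
    action = event.get("action") if isinstance(event.get("action"), dict) else {}
    return {
        "href": event.get("href"),
        "timestamp": event.get("timestamp"),
        "event_type": event.get("event_type"),
        "actor": actor_of(event.get("created_by")),
        "src_ip": action.get("src_ip"),
        "api_method": action.get("api_method"),
        "api_endpoint": action.get("api_endpoint"),
        "http_status_code": action.get("http_status_code"),
        "failed": action_failed(event.get("action")),
        "error_tokens": [e.get("token") for e in action.get("errors") or []],
        "change_types": [c.get("change_type") for c in event.get("resource_changes") or []],
        "worst_severity": worst_severity(event),
        "missing_required": [k for k in REQUIRED if k not in event],
    }


def failures_by_source(events, threshold=2):
    """Source IPs with at least `threshold` failed API actions."""
    counts = Counter()
    for event in events:
        row = flatten(event)
        if row["failed"] and row["src_ip"]:
            counts[row["src_ip"]] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for sample in SAMPLE_EVENTS:
        print(flatten(sample))
    print(failures_by_source(SAMPLE_EVENTS))
```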
system_events_get
{
"href": "string",
"org_id": 0,
"version": "string",
"event_id": "string",
"event_type": "string",
"status": "string",
"severity": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": {},
"action": null,
"resource_changes": [
{
"href": "string",
"version": "string",
"org_id": 0,
"uuid": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"resource": null,
"changes": {},
"change_type": "string"
}
],
"notifications": [
{
"href": "string",
"event": "string",
"timestamp": "2025-04-01T00:21:27Z",
"pce_fqdn": "string",
"created_by": null,
"notification_type": "string",
"severity": "err",
"info": null
}
]
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | false | none | Unique href for this event, which can be used for event lookup via the events API |
org_id | integer | false | none | org_id for this event. |
version | string | false | none | The event version of this event for the category it falls under |
event_id | string | false | none | Unique request/transaction identifier of the API request / context from which this event was generated |
event_type | string | true* | none | Event name that clearly describes the event |
status | string | true* | none | Status of the event; usually a mapping of api_status_code to a generic result string; nil if no action. For presentation purposes only. |
severity | string | true* | none | This event's level of importance |
timestamp | string(date-time) | true* | none | RFC 3339 timestamp at which this event was originally created |
pce_fqdn | string | true* | none | Fully qualified domain name of the PCE, where this event originated |
created_by | object | true* | none | The entity responsible for the creation of this event |
» user | object | false | none | The user responsible for the creation of this event |
»» href | string | true* | none | This user's href |
»» username | null,string | true* | none | This user's username |
» agent | object | false | none | The agent responsible for the creation of this event |
»» href | string | false | none | This agent's href |
»» hostname | string | false | none | Hostname of this agent |
» container_cluster | object | false | none | The container_cluster responsible for the creation of this event |
»» href | string | false | none | This container_cluster's href |
»» name | string | false | none | Name of this container_cluster |
» system | object | false | none | The system generated this event |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
action | any | false | none | none |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | null | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | events_get/properties/action/oneOf/1 | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
resource_changes | [events_get/properties/resource_changes/items] | false | none | Array of resource log events that were generated during this event |
notifications | [events_get/properties/notifications/items] | false | none | Array of notification log events that were generated during this event |
jobs_get
{
"href": "string",
"job_type": "string",
"description": null,
"status": "string",
"requested_at": "2025-04-01T00:21:27Z",
"requested_by": {
"href": "string"
},
"terminated_at": "2025-04-01T00:21:27Z",
"result": null
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string | true* | none | The job URI. |
job_type | string | false | none | An arbitrary designator for the job type or kind, typically supplied by the job requestor. |
description | string,null | false | none | An arbitrary free-form description of the job, as supplied by the job requestor. |
status | string | true* | none | The current state of the job, to the effect of its success, failure, etc. |
requested_at | string(date-time) | false | none | The time (RFC 3339 timestamp) at which this job was requested or submitted. |
requested_by | object | false | none | none |
» href | string | true* | none | The URI of the user who requested this job. |
terminated_at | string(date-time) | false | none | The time (RFC 3339 timestamp) at which this job terminated, either successfully or with a failure. |
result | object,null | false | none | The result produced by the job, typically a URI (with 'href' sub-property), or an error in case of failure. |
» href | string | false | none | The href to collect the response body |
report_templates_get
{
"href": "http://example.com",
"name": "string",
"enabled": true,
"show_in_ui": true,
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
}
}
Template for a report type
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | true* | none | Report Template URI |
name | string | true* | none | Display name for this report template |
enabled | boolean | false | none | Determines whether the report template is enabled for this org |
show_in_ui | boolean | false | none | Determines whether this report is to be shown in the PCE UI |
report_parameters | object | true* | none | Any specific parameters required for this report template |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | object | false | none | Report parameters for executive summary report |
»» report_time_range | object | true* | none | Time range the report is built across |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | object | false | none | none |
»»»» start_date | string(date-time) | true* | none | Start date for the range |
»»»» end_date | string(date-time) | true* | none | End date for the range |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | object | false | none | none |
»»»» last_num_days | integer | true* | none | Last x number of days the report is built across |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»» anonymous | object | false | none | Report parameters for traffic flow query report |
»»»» report_time_range | object | true* | none | Time range the report is built across |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»» anonymous | report_templates_get/properties/report_parameters/anyOf/0/properties/report_time_range/oneOf/0 | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»» anonymous | report_templates_get/properties/report_parameters/anyOf/0/properties/report_time_range/oneOf/1 | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»» app_groups | [array] | true* | none | App Group Schema for reports |
»»»»» label | object | true* | none | none |
»»»»»» href | string | true* | none | Label URI |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»» anonymous | object | false | none | Report parameters for explorer report |
»»»»»» report_time_range | report_templates_get/properties/report_parameters/anyOf/0/properties/report_time_range/oneOf/1 | true* | none | none |
»»»»»» filters | object | true* | none | none |
»»»»»»» query_name | string | true* | none | Query Name |
»»»»»»» start_date | string(date) | false | none | Starting date for query |
»»»»»»» end_date | string(date) | false | none | Ending date for query |
»»»»»»» sources_destinations_query_op | string | false | none | Query logical operator between sources and destinations |
»»»»»»» sources | object | true* | none | Source labels, workloads, IP addresses to include or exclude |
»»»»»»»» include | traffic_flows_async_queries_post/properties/sources/properties/include | true* | none | List of included sources or targets |
»»»»»»»» exclude | traffic_flows_async_queries_post/properties/sources/properties/exclude | true* | none | List of excluded sources or targets |
»»»»»»» destinations | object | true* | none | Target labels, workloads, IP addresses, domain names, transmission to include or exclude |
»»»»»»»» include | traffic_flows_async_queries_post/properties/destinations/properties/include | true* | none | List of included sources or targets |
»»»»»»»» exclude | traffic_flows_async_queries_post/properties/destinations/properties/exclude | true* | none | List of excluded sources or targets |
»»»»»»» data_sources | object | false | none | Data sources of the flows to include or exclude |
»»»»»»»» include | [string] | false | none | List of included services |
»»»»»»»» exclude | [string] | false | none | List of excluded data sources |
»»»»»»» services | object | true* | none | Services (5-tuple of port/to_port/proto/process/service) to include or exclude |
»»»»»»»» include | [object] | true* | none | List of included services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»» proto | integer | false | none | protocol number |
»»»»»»»»» process_name | string | false | none | Process Name |
»»»»»»»»» windows_service_name | string | false | none | Windows Service Name |
»»»»»»»» exclude | [object] | true* | none | List of excluded services (5-tuple of port/to_port/proto/process/service) |
»»»»»»»»» port | integer | false | none | Port Number (integer 0-65535). Also the starting port when specifying a range. |
»»»»»»»»» to_port | integer | false | none | High end of port range inclusive if specifying a range. If not specifying a range then don't send this. |
»»»»»»»»» proto | integer | false | none | protocol number |
»»»»»»»»» process_name | string | false | none | Process Name |
»»»»»»»»» windows_service_name | string | false | none | Windows Service Name |
»»»»»»»» policy_decisions | [string] | true* | none | List of policy decisions |
»»»»»»»» boundary_decisions | [string] | false | none | List of boundary decisions |
»»»»»»»» max_results | integer | true* | none | maximum number of flows to return |
»»»»»»»» exclude_workloads_from_ip_list_query | boolean | false | none | Exclude workload traffic when an IP List is provided in either the consumer or the provider part of the traffic query |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»» anonymous | object | false | none | Report parameters for VES report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»» anonymous | object | false | none | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»» report_time_range | object | true* | none | Time range the report is built across |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»»»» anonymous | report_templates_get/properties/report_parameters/anyOf/0/properties/report_time_range/oneOf/0 | false | none | none |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»»»» anonymous | report_templates_get/properties/report_parameters/anyOf/0/properties/report_time_range/oneOf/1 | false | none | none |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»»» rule_sets | [object] | true* | none | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
»»»»»»»»» href | string | true* | none | HREF of the ruleset |
»»»»»»»» max_results | integer | false | none | maximum number of rules to return in the specified time-range in descending order of rule creation time |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
»»»»»»» anonymous | object | false | none | Report parameters for ransomware risk report |
»»»»»»»» report_time_range | report_templates_get/properties/report_parameters/anyOf/0/properties/report_time_range/oneOf/1 | true* | none | none |
Enumerated Values
Property | Value |
---|---|
sources_destinations_query_op | and |
sources_destinations_query_op | or |
report_templates_put
{
"enabled": true
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
enabled | boolean | false | none | Determines whether this report template is enabled for this org |
report_schedules_get
{
"href": "http://example.com",
"report_template": {
"href": "http://example.com",
"name": "string"
},
"name": "string",
"report_generation_frequency": "string",
"scheduled_at": "2025-04-01T00:21:27Z",
"send_by_email": true,
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
},
"created_at": "2025-04-01T00:21:27Z",
"created_by": {
"href": "http://example.com"
},
"updated_at": "2025-04-01T00:21:27Z",
"updated_by": {
"href": "http://example.com"
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | true* | none | Report Schedule URI |
report_template | object | true* | none | Template for the report |
» href | string(uri) | true* | none | Report Template URI |
» name | string | false | none | Name of the report template |
name | string | true* | none | Name of the report schedule |
report_generation_frequency | string | true* | none | Report generation frequency |
scheduled_at | string(date-time) | false | none | Timestamp in UTC for report generation |
send_by_email | boolean | false | none | Flag for whether to send user report by email |
report_parameters | object | true* | none | Any specific parameters required for this report template |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/0 | false | none | Report parameters for executive summary report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/1 | false | none | Report parameters for traffic flow query report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/2 | false | none | Report parameters for explorer report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/3 | false | none | Report parameters for VES report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/4 | false | none | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/5 | false | none | Report parameters for ransomware risk report |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
created_at | string(date-time) | false | none | Timestamp (RFC 3339) in UTC when this report schedule was created |
created_by | object | false | none | none |
» href | string(uri) | true* | none | The URI of the user who created this report schedule |
updated_at | string(date-time) | false | none | Timestamp (RFC 3339) when this report schedule was last updated. |
updated_by | object | false | none | none |
» href | string(uri) | true* | none | The URI of the user who updated this report schedule |
report_schedules_post
{
"report_template": {
"href": "http://example.com"
},
"name": "string",
"send_by_email": true,
"report_generation_frequency": "daily",
"scheduled_at": "2025-04-01T00:21:27Z",
"report_parameters": {
"report_time_range": {
"start_date": "2025-04-01T00:21:27Z",
"end_date": "2025-04-01T00:21:27Z"
}
}
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
report_template | object | true* | none | Template for the report |
» href | string(uri) | true* | none | Report Template URI |
name | string | true* | none | Name of the report schedule |
send_by_email | boolean | false | none | Flag for whether to send user report by email |
report_generation_frequency | string | true* | none | Report generation frequency |
scheduled_at | string(date-time) | false | none | Timestamp in UTC for report generation |
report_parameters | object | true* | none | Any specific parameters required for this report template |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/0 | false | none | Report parameters for executive summary report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/1 | false | none | Report parameters for traffic flow query report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/2 | false | none | Report parameters for explorer report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/3 | false | none | Report parameters for VES report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/4 | false | none | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/5 | false | none | Report parameters for ransomware risk report |
Enumerated Values
Property | Value |
---|---|
report_generation_frequency | daily |
report_generation_frequency | weekly |
report_generation_frequency | monthly |
report_generation_frequency | quarterly |
report_generation_frequency | once |
report_schedules_put
{
  "report_template": {
    "href": "http://example.com"
  },
  "name": "string",
  "report_format": "pdf",
  "report_generation_frequency": "once",
  "send_by_email": true,
  "scheduled_at": "2025-04-01T00:21:27Z",
  "report_parameters": {
    "report_time_range": {
      "start_date": "2025-04-01T00:21:27Z",
      "end_date": "2025-04-01T00:21:27Z"
    }
  }
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
report_template | object | false | none | Template for the report |
» href | string(uri) | true* | none | Report Template URI |
name | string | false | none | Name of the report schedule |
report_format | string | false | none | Format in which the report should be generated |
report_generation_frequency | string | false | none | Report generation frequency |
send_by_email | boolean | false | none | Flag for whether to send user report by email |
scheduled_at | string(date-time) | false | none | Timestamp in UTC for report generation |
report_parameters | object | false | none | Any specific parameters required for this report template |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/0 | false | none | Report parameters for executive summary report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/1 | false | none | Report parameters for traffic flow query report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/2 | false | none | Report parameters for explorer report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/3 | false | none | Report parameters for VES report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/4 | false | none | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/5 | false | none | Report parameters for ransomware risk report |
Enumerated Values
Property | Value |
---|---|
report_format | |
report_format | json |
report_generation_frequency | once |
report_generation_frequency | daily |
report_generation_frequency | weekly |
report_generation_frequency | monthly |
report_generation_frequency | quarterly |
reports_get
{
  "href": "http://example.com",
  "report_template": {
    "href": "http://example.com",
    "name": "string"
  },
  "description": "string",
  "send_by_email": true,
  "progress_percentage": 0,
  "generated_at": null,
  "status": "string",
  "report_parameters": {
    "report_time_range": {
      "start_date": "2025-04-01T00:21:27Z",
      "end_date": "2025-04-01T00:21:27Z"
    }
  },
  "created_at": "2025-04-01T00:21:27Z",
  "created_by": {
    "href": "http://example.com"
  },
  "updated_at": "2025-04-01T00:21:27Z",
  "updated_by": {
    "href": "http://example.com"
  }
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | true* | none | Report URI |
report_template | object | true* | none | Template for the report |
» href | string(uri) | true* | none | Report Template URI |
» name | string | false | none | Name of the report template |
description | string | false | none | Description of the report |
send_by_email | boolean | false | none | Flag for whether to send user report by email |
progress_percentage | integer | false | none | Progress percentage for this report |
generated_at | string,null(date-time) | false | none | Report generation timestamp in UTC |
status | string | true* | none | Current status of this report |
report_parameters | object | true* | none | Any specific parameters required for this report template |
anyOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/0 | false | none | Report parameters for executive summary report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/1 | false | none | Report parameters for traffic flow query report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/2 | false | none | Report parameters for explorer report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/3 | false | none | Report parameters for VES report |
or
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/5 | false | none | Report parameters for ransomware risk report |
continued
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
created_at | string(date-time) | false | none | Timestamp in UTC when this report was created |
created_by | object | false | none | none |
» href | string(uri) | true* | none | User who created this report |
updated_at | string(date-time) | false | none | Timestamp in UTC when this report was last updated. |
updated_by | object | false | none | none |
» href | string(uri) | true* | none | User who last updated this report |
reports_time_series_statistics_post
[
  {
    "property": "num_managed_workloads",
    "resolution": "day",
    "max_results": 5
  }
]
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
property | string | true* | none | The property for which time series data is requested. |
resolution | string | false | none | The granularity for the time series data. E.g. day, week, month, quarter |
max_results | integer | false | none | none |
Enumerated Values
Property | Value |
---|---|
property | num_managed_workloads |
property | ransomware_protection_coverage_percent |
property | num_workloads_by_exposure |
resolution | day |
resolution | week |
resolution | month |
resolution | quarter |
reports_post
{
  "report_template": {
    "href": "http://example.com"
  },
  "send_by_email": true,
  "description": "string",
  "report_parameters": {
    "report_time_range": {
      "start_date": "2025-04-01T00:21:27Z",
      "end_date": "2025-04-01T00:21:27Z"
    }
  }
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
report_template | object | true* | none | Template for the report |
» href | string(uri) | true* | none | Report Template URI |
send_by_email | boolean | false | none | Flag for whether to send user report by email |
description | string | false | none | Description for the report |
report_parameters | object | true* | none | Any specific parameters required for this report template |
oneOf
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/0 | false | none | Report parameters for executive summary report |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/1 | false | none | Report parameters for traffic flow query report |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/2 | false | none | Report parameters for explorer report |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/3 | false | none | Report parameters for VES report |
xor
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
» anonymous | report_templates_get/properties/report_parameters/anyOf/4 | false | none | Returns the rule hit count stats for all the rules in a ruleset during the specified time-range |
reports_put
{
  "status": "cancel_requested"
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
status | string | false | none | State of the report |
Enumerated Values
Property | Value |
---|---|
status | cancel_requested |
settings_reports_get
{
  "href": "http://example.com",
  "max_queued_reports": 0,
  "report_retention_days": 1
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
href | string(uri) | false | none | Report Setting URI |
max_queued_reports | integer | false | none | Maximum number of queued reports at any time per org |
report_retention_days | integer | false | none | Number of days a report is retained |
settings_reports_put
{
  "max_queued_reports": 1,
  "report_retention_days": 1
}
Properties
Name | Type | Required | Restrictions | Description |
---|---|---|---|---|
max_queued_reports | integer | false | none | Maximum number of queued reports at any time per org |
report_retention_days | integer | false | none | Number of days a report is retained |
product_version_get
{
  "product_version": {
    "version": "string",
    "build": 0,
    "release_info": "string",
    "engineering_info": "string",
    "long_display": "string",
    "short_display": "string",
    "product_name": "string"
  }
}
Properties
None
noop_get
{}
Properties
None
--
Copyright 2018-2025 Illumio, Inc. All rights reserved.