MetaDefender Storage Security
Search
HomeGetting StartedInstallationOperationsIntegrationsConfiguration and ManagementKnowledge BaseTroubleshooting and SupportRelease NotesMetaDefender Storage Security API
MetaDefender Storage Security API
About this REST API
Useful links
Authentication
Account
GETFetch all accounts
POSTAdd an account
PATCHUpdate an account
GETFetch account by ID
DELETEDelete an account
GETFetch available storage units for an account
GETFetch the number of accounts
Audit
GETFetch audit logs
Configuration
GETExport configuration file
POSTImport configuration file
GETGet enabled modules
Connector
GETconnector
External Logger
GETRetrieve external loggers
PUTUpdate external logger state
PUTUpdate a Syslog server configuration
POSTAdd a new Syslog server configuration
PUTUpdate a Kafka server configuration
POSTAdd a new Kafka server configuration
DELETEDelete external logger
File
GETEnumerate processed files
PUTScan a file on demand
GETRetrieve archive scan results
GETFetch processing results for a file
POSTCancel a file in an ongoing scan
Group
GETFetch all groups
POSTAdd a group
PATCHUpdate a group
GETFetch group by ID
DELETEDelete a group
GETFetch the number of groups
Health Status
GETGet health status
Onboarding
GETFetch onboarding configuration
POSTFinish onboarding
POSTAccept Eula
Remediations
GETGet Remediations by workflow id
GETGet Remediation by id
DELETEDelete Remediation
POSTAdd Remediation
PATCHUpdate Remediation
Report
GETGet scans report
GETDownload PDF Report
Scan
GETGet scan by ID
POSTStart a scan
POSTStop a scan
GETGet next scheduled scan
DELETEDelete scans
GETFetch last completed scan
GETGet an active scan by scan ID
GETGet Real-Time scan by storage Id
Scan Instance
GETGet Scan Instances
PUTUpdate an existing Scan Instance
POSTAdd a new Scan Instance
GETGet Scan Instance by ID
DELETEDelete a Scan Instance
POSTTest
Scan Pool
GETGet Scan Pools
PUTUpdate an existing Scan Pool
POSTAdd a new Scan Pool
GETGet Scan Pool by ID
DELETEDelete a Scan Pool
Scan Workflow Snapshot
GETGet all scan workflow snapshots by scan ID
Settings
GETGet notifications configuration
PUTUpdate notifications configuration
GETFetch SMTP configuration
PATCHUpdate SMTP configuration
POSTOnline license activation
POSTOffline license activation
GETGet license details
POSTDeactivate license
GETFetch retention configuration
PUTUpdate retention configuration
POSTGenerate encryption key
GETGet encryption key creation date
Sso
GETGet Sso Configuration
PATCHUpdate Sso Configuration
Storage
GETFetch all storage units
GETFetch storage by ID
DELETEDelete a storage
PATCHUpdate a storage
GETFetch storage users
POSTAdd a storage
POSTAdd batch of storages
GETGet batch of add storages results
GETFetch all storage units by filters (storage type or status)
PUTAdd a scan schedule
PUTUpdate a scan schedule
GETFetch scan schedules
DELETEDelete scan schedules
GETRetrieve storage user name
GETRetrieve storage user name
User
GETFetch active users
POSTRegister a user
POSTCreate a user
POSTAuthenticate with a username and password
POSTRefresh user token
POSTLogout
PUTUpdate user role
GETFetch users
DELETEDelete a user
PUTUpdate current user
POSTRequest password reset
POSTReset user password
User Tour
GETFetch tours completed by a user
POSTMark a specific Tour as completed by a user
Webhook
POSTFile event trigger of real time processing
POSTFile event trigger of real time processing by storage client ID
POSTFile event trigger of real time processing for Box
POST{scanId}
Workflow
GETGet Workflows
POSTAdd a new Workflow
PATCHUpdate an existing Workflow
GETGet Workflow by ID
DELETEDelete a Workflow
POSTSet a Workflow as default
POSTRefresh supported technologies for a Workflow and return updated Workflow
Tenant
GETtenant
POSTtenant
GET{tenantId}
PUT{tenantId}
DELETE{tenantId}

MetaDefender Storage Security API v1

This section of the user guide describes how you can programmatically interact with the MetaDefender Storage Security REST API. Below are some common tasks that can be done using the available REST APIs:

  • Authenticate to obtain a JSON Web Token(JWT)
  • Start or stop a process(scan)
  • Add / remove storage units

About this REST API

The exposed endpoint is located by default at http(s)://md-storage-server/api/ (for example, the authentication endpoint is available at http(s)://md-storage-server/api/user/authenticate). All requests are handled by the NGINX web server before being proxied to the backend API Gateway service.

All endpoints perform authentication and authorization checks. For these checks to succeed, a valid token should be presented in the Authorization header in the form of Bearer.

Please note that all issued tokens have a timestamp and signature associated in order to prevent long-term usage without re - authentication.The lifespan of the token is currently set to 60 minutes, meaning you will have to request a new token before it expires in order to avoid error responses.

Server
http://<MDSS_HOST>
Server Variables

Authentication

http Bearer

As mentioned earlier, all endpoints perform authentication and authorization checks. In order for these checks to succeed, a valid token should be presented in the Authorization header in the form of Bearer .

Suggested application logic

If you plan to integrate MetaDefender Storage Security in your custom application or workflow, please consider the following scenarios for successfully making REST API requests:

Scenario Possible use cases
Short-lived integration You are building or enhancing an application that requires sporadic or on-demand access to MetaDefender Storage Security REST APIs.
The application is not expected to make more than a few REST API calls per hour.
The application does not need to preserve a session.
Long-lived integration You are building or enhancing an application that requires continuous, uninterrupted, or hard to predict access to MetaDefender Storage Security REST APIs.
Requests are being triggered based on external factors and your application should maintain connectivity with MetaDefender Storage Security REST API.
Session preserving is necessary and authentication should happen without user-interaction.
Your application will make a significant number of REST API requests and you need increased performance
API Key integration You are building or enhancing an application that requires continuous, uninterrupted, or hard to predict access to MetaDefender Storage Security REST APIs.
Requests are being triggered based on external factors and your application should maintain connectivity with MetaDefender Storage Security REST API.
Authentication should happen without user-interaction.
Your application will make a significant number of REST API requests and you need increased performance.

Short-lived integration

  • Obtain a signed accessToken by calling /api/user/authenticate API

  • Use this token to call your desired REST API by providing it in the Authorization header

  • Expire the token by calling /api/user/logout

  • Repeat steps 1-3 the next time your application needs to call a REST API

Long-lived integration

  • Obtain a signed token by calling /api/user/authenticate API

  • Securely save the received accessToken and the refreshToken

  • Use the accessToken to call your desired REST API by providing it in the Authorization header

  • Add an exception handler in case you receive a 401 Unauthorized response because the JWT has expired call /api/user/refreshToken to obtain a new accessToken by providing the saved refreshToken.

    a) the accessToken expires after an hour of creation; the expiry time is represented in UTC format by the accessTokenExpiryTime value.
    b) the refreshToken expires after an hour of creation; the expiry time is represented in UTC format by the refreshTokenExpiryTime value. c) if the refreshToken has expired as well, obtain a signed token by calling /api/user/authenticate API

  • Use the newly issued accessToken to call your desired REST API by providing it in the Authorization header

API Key integration

  • In the MetaDefender Storage Security interface, Navigate to Settings -> Users

  • Find your user entry in the user list, click on the three dots on the right side of the entry, and then click on Generate an API Key

  • Generate the key, copy it, and store it somewhere safe

  • Use the API Key to call your desired REST API by providing it as a header with the Key: "ApiKey" and Value:

General considerations

The access token expiration date cannot be extended. By default, the access token is valid for an hour after calling /api/user/authenticate API to obtain it. The refresh token is also valid for an hour but can be extended by calling /api/user/refreshToken and it is also automatically extended with an hour with each non-GET request.

A refresh token is used to request a new access token when the current one expires without requiring re-authentication using a username and password.

The refresh token is used to forcibly expire any previously issued JWT when the refresh token expires or is removed by calling /api/user/logout.

A 3rd party application that needs persistent connectivity with MetaDefender Storage Security should implement a timeout mechanism to ensure that the refresh token is renewed before it expires by calling /api/user/refreshToken whenever the JWT (access token) is expired but before the refresh token expires as well.

Fetch all accounts

Auth
GET /api/account
Copy
Responses
200
Response
Copy

Add an account

Auth
Query String
Namestring
Descriptionstring
Credentialsstring
ProtocolType
VendorType
AutoDiscoveryboolean
GroupIdstring
StorageIdsarray
Request Body
objectobject
CredentialsFilefile
POST /api/account
Copy
Responses
200
Response
Copy

Update an account

Auth
Query String
AccountIdstring
Namestring
Descriptionstring
Credentialsstring
ProtocolType
VendorType
AutoDiscoveryboolean
GroupIdstring
Request Body
objectobject
CredentialsFilefile
PATCH /api/account
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
accountIdstring
Response
Copy

Fetch account by ID

Auth
Path Params
accountIdstring
GET /api/account/{accountId}
Copy
Responses
200
Response
Copy

Delete an account

Auth
Path Params
accountIdstring
DELETE /api/account/{accountId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
accountIdstring
Response
Copy

Fetch available storage units for an account

Auth
Path Params
accountIdstring
GET /api/account/{accountId}/storages
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entriesarray[object]
bucketNamestring
Response
Copy

Fetch the number of accounts

Auth
GET /api/account/count
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
accountCount
objectobject
countint64
Response
Copy

Audit

List audit information

Fetch audit logs

Auth
Path Params
startIndexstring
countstring
Query String
logTypestring
categoryTypestring
logLevelstring
searchTextstring
GET /api/audit/{startIndex}/{count}
Copy
Responses
200
Response
Copy

Export configuration file

Export the current configuration settings to an archive. The file will be encrypted using the provided password.

Auth
Query String
exportLicenseboolean
exportSmtpboolean
exportEmailNotificationsboolean
exportRetentionboolean
passwordstring
GET /api/configuration/export
Copy
Responses
200
filefile
Response
Copy

Import configuration file

Auth
Request Body
objectobject
ConfigurationFilefile
passwordstring
POST /api/configuration/import
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: FailedToUpgradeConfigFile
  • 2: FailedRequestBodyIsEmpty
  • 3: FailedToActivateLicense
  • 4: FailedToDeserializeConfigFile
  • 5: FailedOutdatedVersion
  • 6: FailedInvalidConfigFile
  • 7: FailedMissingPassword
  • 8: FailedWrongPassword

Enum: 0,1,2,3,0,1,2,3,4,5,6,7,8

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
areSmtpSettingsImportedboolean
isLicenseImportedboolean
isRetentionImportedboolean
activationDto
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Get enabled modules

Auth
GET /api/configuration/enabledModules
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
enabledModulesarray[integer]
Response
Copy

Connector

connector

Auth
Query String
sharePathstring
clientIdstring
GET /api/connector
Copy
Responses
200
filefile
Response
Copy

Retrieve external loggers

Auth
GET /api/externallogger
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError

Enum: 0,1,2,3,0,1,2

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entriesarray[object]
idstring
isEnabledboolean
loggerTypeinteger
  • 0: SyslogUdp
  • 1: Kafka

Enum: 0,1

connectionSettings
objectobject
$typestring
Response
Copy

Update external logger state

Auth
Request Body
objectobject
idstring

minLength: 1

isEnabledboolean
PUT /api/externallogger/status
Copy
Responses
200
filefile
Response
Copy

Update a Syslog server configuration

Auth
Request Body
PUT /api/externallogger/udpSyslog
Copy
Responses
200
filefile
Response
Copy

Add a new Syslog server configuration

Auth
Request Body
POST /api/externallogger/udpSyslog
Copy
Responses
200
filefile
Response
Copy

Update a Kafka server configuration

Auth
Request Body
PUT /api/externallogger/kafka
Copy
Responses
200
filefile
Response
Copy

Add a new Kafka server configuration

Auth
Request Body
POST /api/externallogger/kafka
Copy
Responses
200
filefile
Response
Copy

Delete external logger

Auth
Path Params
idstring
DELETE /api/externallogger/{id}
Copy
Responses
200
filefile
Response
Copy

Enumerate processed files

Auth
Query String
startIndexinteger

maximum: 2147483647

minimum: 0

countinteger

maximum: 10000

minimum: 1

startDatestring
endDatestring
searchstring
scanTypearray

Enum: 0,1,2

storageIdarray
scanIdarray
scanWorkflowSnapshotIdarray
processingStatearray

Enum: 0,1,2,3

resultarray

Enum: 0,1,2

scanAllResultIarray

Enum: 0,1,2,3,7,8,9,10,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,36,38,39,40,41,42,43,255,1014,9999

scanResultICountarray
vulnerabilityCountarray
hasVulnerabilitiesboolean
dlpDetectionboolean
remediationsarray

Enum: 0,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,100,101,102

sortByarray

Enum: 0,1,2,3,4,5,6

sortOrderarray

Enum: 0,1

expandarray
GET /api/file
Copy
Responses
200
Response
Copy

Scan a file on demand

This request is used to update a scanned file with passwords, in case it is an encrypted archive andit could not be scanned because the passwords to decrypt it were not provided. It can also be used withoutproviding any passwords to simply rescan a specific file from a finished scan.

Auth
Request Body
objectobject
fileIdstring

minLength: 1

scanIdstring

minLength: 1

storageProtocolTypeint32
passwordsarray[string]
PUT /api/file
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Retrieve archive scan results

Retrieve the archive scan results using either the scanResultId or the parentId

Auth
Path Params
fileIdstring
Query String
expandarray

Possible values for expand: workflow_snapshot

GET /api/file/{fileId}
Copy
Responses
200
Response
Copy

Fetch processing results for a file

File processing is done asynchronously and each analysis request is tracked by a file ID. Because processing a file is a potentially time-consuming operation, scheduling a file for processing and retrieving the results needs to be done using two separate API calls.

This request needs to be made multiple times until the analysis is complete. Analysis completion can be tracked using the processingState and the progress values from the response..

Auth
Query String
scanResultIdstring
parentIdstring
startinteger
countinteger

Default: 1000

GET /api/file/archive
Copy
Responses
200
Response
Copy

Cancel a file in an ongoing scan

Auth
Request Body
objectobject
fileIdsarray[string]
POST /api/file/cancel
Copy
Responses
200
Response
Copy

Fetch all groups

Auth
GET /api/group
Copy
Responses
200
Response
Copy

Add a group

Auth
Request Body
objectobject
namestring

minLength: 1

descriptionstring
storageIdsarray[string]
POST /api/group
Copy
Responses
200
Response
Copy

Update a group

Auth
Request Body
objectobject
namestring
descriptionstring
groupIdstring

minLength: 1

PATCH /api/group
Copy
Responses
200
Response
Copy

Fetch group by ID

Auth
Path Params
groupIdstring
GET /api/group/{groupId}
Copy
Responses
200
Response
Copy

Delete a group

Auth
Path Params
groupIdstring
DELETE /api/group/{groupId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Fetch the number of groups

Auth
GET /api/group/count
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
groupCountobject
countint64
Response
Copy

Health Status

API that responds with 200 OK if application is running.

Get health status

Auth
Query String
verboseboolean
GET /api/health
Copy
Responses
200
objectobject
apiStatusstring
Response
Copy

Fetch onboarding configuration

Auth
Query String
newConfigSetupboolean
newDefaultWorkflowboolean
GET /api/onboarding
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
hasUserConfiguredboolean
hasStorageConfiguredboolean
hasScanInstanceConfiguredboolean
isOnboardingDoneboolean
isEulaAgreedboolean
isCloudTypeboolean
Response
Copy

Finish onboarding

Auth
POST /api/onboarding
Copy
Responses
200
filefile
Response
Copy

Accept Eula

Auth
POST /api/onboarding/eula
Copy
Responses
200
filefile
Response
Copy

Get Remediations by workflow id

Auth
Path Params
idstring
GET /api/remediations/workflow/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entriesarray[object]
idstring
workflowIdstring
isEnabledboolean
configurationstring
typeinteger
  • 0: FileTagging
  • 1: DeepCdr
  • 2: BlockedFileRemediation
  • 3: AllowedSanitizedFileRemediation
  • 4: AllowedFileRemediation
  • 5: BlockedSanitizedFileRemediation
  • 6: DeleteEmptyFoldersRemediation

Enum: 0,1,2,3,4,5,6

handlingTypeinteger
  • 0: Delete
  • 1: Move
  • 2: Copy
  • 3: Keep
  • 999: NotApplicable

Enum: 0,1,2,3,999

Response
Copy

Get Remediation by id

Auth
Path Params
idstring
GET /api/remediations/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entry
objectobject
idstring
workflowIdstring
isEnabledboolean
configurationstring
typeinteger
  • 0: FileTagging
  • 1: DeepCdr
  • 2: BlockedFileRemediation
  • 3: AllowedSanitizedFileRemediation
  • 4: AllowedFileRemediation
  • 5: BlockedSanitizedFileRemediation
  • 6: DeleteEmptyFoldersRemediation

Enum: 0,1,2,3,4,5,6

handlingTypeinteger
  • 0: Delete
  • 1: Move
  • 2: Copy
  • 3: Keep
  • 999: NotApplicable

Enum: 0,1,2,3,999

Response
Copy

Delete Remediation

Auth
Path Params
idstring
DELETE /api/remediations/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Add Remediation

Auth
Request Body
objectobject
workflowIdstring
isEnabledboolean
configurationstring
typeinteger
  • 0: FileTagging
  • 1: DeepCdr
  • 2: BlockedFileRemediation
  • 3: AllowedSanitizedFileRemediation
  • 4: AllowedFileRemediation
  • 5: BlockedSanitizedFileRemediation
  • 6: DeleteEmptyFoldersRemediation

Enum: 0,1,2,3,4,5,6

handlingTypeinteger
  • 0: Delete
  • 1: Move
  • 2: Copy
  • 3: Keep
  • 999: NotApplicable

Enum: 0,1,2,3,999

POST /api/remediations
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Update Remediation

Auth
Request Body
objectobject
idstring
workflowIdstring
isEnabledboolean
configurationstring
type
integerinteger
  • 0: FileTagging
  • 1: DeepCdr
  • 2: BlockedFileRemediation
  • 3: AllowedSanitizedFileRemediation
  • 4: AllowedFileRemediation
  • 5: BlockedSanitizedFileRemediation
  • 6: DeleteEmptyFoldersRemediation

Enum: 0,1,2,3,4,5,6

handlingType
integerinteger
  • 0: Delete
  • 1: Move
  • 2: Copy
  • 3: Keep
  • 999: NotApplicable

Enum: 0,1,2,3,999

PATCH /api/remediations
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Report

Generate reports

Get scans report

Auth
Query String
storageIdstring
namestring
scanTypesFilterarray

Enum: 0,1,2

scanStatesFilterarray

Enum: 0,1,2,3,4

startDatestring
endDatestring
sortDirectionFilter
startIndexinteger
countinteger
GET /api/report
Copy
Responses
200
Response
Copy

Download PDF Report

Auth
Path Params
scanIdstring
Query String
GET /api/report/download/{scanId}
Copy
Responses
200
filefile
Response
Copy

Get scan by ID

Auth
Path Params
scanIdstring
GET /api/scan/{scanId}
Copy
Responses
200
Response
Copy

Start a scan

To scan a specific folder using the optional Folder parameter, provide the absolute folder path: For Amazon S3 / S3 Compatible Types, Azure Blob, Azure Files, and Google Cloud: Including the Folder Location integrated in MDSS and excluding the Bucket Name, Container, etc. For Box: With or without the "All Files" folder For Sharepoint and Onedrive: Excluding the Document Library, Site, or Group For NFS / SMB / SFTP: Only the folder path beyond your configured storage root (do not include the base path set during integration)

Auth
Request Body
objectobject
storageIdstring

Deprecated

namestring

pattern: ^[^@#$%&*"';:.|,{}?+=><~^[]!\]+$`

folderstring
priorityint32
storageIdsarray[string]
workflowIdstring

minLength: 1

scanConfigurationIdstring
scanConfigDto
objectobject
realTimeScanConfig
objectobject
isEnabledboolean
startDatedate-time
handlingTypeinteger
  • 0: Polling
  • 1: EventBased

Enum: 0,1

POST /api/scan/start
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
scanIdstring
scanIdsarray[string]
Response
Copy

Stop a scan

Auth
Path Params
scanIdstring
POST /api/scan/stop/{scanId}
Copy
Responses
200
filefile
Response
Copy

Get next scheduled scan

Auth
Path Params
storageIdstring
GET /api/scan/scheduled/{storageId}
Copy
Responses
200
Response
Copy

Delete scans

Auth
Path Params
storageIdstring
Request Body
arrayarray[string]
DELETE /api/scan/{storageId}
Copy
Responses
200
Response
Copy

Fetch last completed scan

Auth
Path Params
storageIdstring
GET /api/scan/last_completed/{storageId}
Copy
Responses
200
Response
Copy

Get an active scan by scan ID

Auth
Path Params
scanIdstring
GET /api/scan/active/{scanId}
Copy
Responses
200
Response
Copy

Get Real-Time scan by storage Id

Auth
Path Params
storageIdstring
GET /api/scan/realtime/{storageId}
Copy
Responses
200
Response
Copy

Get Scan Instances

Auth
Query String
scanPoolIdstring
GET /api/scaninstance
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entriesarray[object]
idstring
scanPoolIdstring
urlstring
apiKeystring
timeoutstring
scanInstanceTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

Response
Copy

Update an existing Scan Instance

Auth
Request Body
objectobject
idstring

minLength: 1

urlstring

pattern: ^((?!(^((https?):\/\/)?127(?:\.[0-9]+){0,2}\.[0-9]+(:(6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]|[1-5][0-9]{4}|[1-9][0-9]{0,3})?)?$)|(^((https?):\/\/)?\[(?:0*\:)*?:?0*1\](:(6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]|[1-5][0-9]{4}|[1-9][0-9]{0,3})?)?$)).)*$

apiKeystring
timeoutstring
PUT /api/scaninstance
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Add a new Scan Instance

Auth
Request Body
objectobject
scanPoolIdstring

minLength: 1

urlstring

minLength: 1

pattern: ^((?!(^((https?):\/\/)?127(?:\.[0-9]+){0,2}\.[0-9]+(:(6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]|[1-5][0-9]{4}|[1-9][0-9]{0,3})?)?$)|(^((https?):\/\/)?\[(?:0*\:)*?:?0*1\](:(6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]|[1-5][0-9]{4}|[1-9][0-9]{0,3})?)?$)).)*$

apiKeystring
timeoutstring
scanInstanceTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

POST /api/scaninstance
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
scanInstanceIdstring
Response
Copy

Get Scan Instance by ID

Auth
Path Params
idstring
GET /api/scaninstance/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entry
objectobject
idstring
scanPoolIdstring
urlstring
apiKeystring
timeoutstring
scanInstanceTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

Response
Copy

Delete a Scan Instance

Auth
Path Params
idstring
DELETE /api/scaninstance/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Test

Auth
Request Body
objectobject
urlstring

minLength: 1

rulesarray[string]
apiKeystring
userAgentstring
POST /api/scaninstance/Test
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Get Scan Pools

Auth
GET /api/scanpool
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entriesarray[object]
idstring
namestring
scanPoolTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

isDefaultboolean
scanInstancesarray[object]
idstring
scanPoolIdstring
urlstring
apiKeystring
timeoutstring
scanInstanceTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

Response
Copy

Update an existing Scan Pool

Auth
Request Body
objectobject
idstring

minLength: 1

namestring

maxLength: 30

minLength: 3

PUT /api/scanpool
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Add a new Scan Pool

Auth
Request Body
objectobject
namestring

maxLength: 30

minLength: 3

scanPoolTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

POST /api/scanpool
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
scanPoolIdstring
Response
Copy

Get Scan Pool by ID

Auth
Path Params
idstring
GET /api/scanpool/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entry
objectobject
idstring
namestring
scanPoolTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

isDefaultboolean
scanInstancesarray[object]
idstring
scanPoolIdstring
urlstring
apiKeystring
timeoutstring
scanInstanceTypeinteger
  • 0: MdCore
  • 1: MdCloud

Enum: 0,1

Response
Copy

Delete a Scan Pool

Auth
Path Params
idstring
DELETE /api/scanpool/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Scan Workflow Snapshot

List scan workflow snapshots

Get all scan workflow snapshots by scan ID

Auth
Path Params
scanIdstring
GET /api/scanworkflowsnapshot/getAllFromScan/{scanId}
Copy
Responses
200
Response
Copy

Get notifications configuration

Auth
GET /api/settings/notifications
Copy
Responses
200
Response
Copy

Update notifications configuration

Auth
Request Body
PUT /api/settings/notifications
Copy
Responses
200

Fetch SMTP configuration

Auth
GET /api/settings/smtp
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
hoststring
portint32
baseUrlstring
senderAddressstring
senderNamestring
domainstring
usernamestring
secureSocketOptioninteger
  • 0: None
  • 1: Auto
  • 2: SslOnConnect
  • 3: StartTls
  • 4: StartTlsWhenAvailable

Enum: 0,1,2,3,4

ignoreCertWarningsboolean
isSmtpEnabledboolean
Response
Copy

Update SMTP configuration

Auth
Request Body
objectobject
hoststring
portint32
baseUrlstring
senderAddressstring
senderNamestring

maxLength: 320

domainstring
usernamestring
passwordstring
secureSocketOption
integerinteger
  • 0: None
  • 1: Auto
  • 2: SslOnConnect
  • 3: StartTls
  • 4: StartTlsWhenAvailable

Enum: 0,1,2,3,4

ignoreCertWarningsboolean
isSmtpEnabledboolean
PATCH /api/settings/smtp
Copy
Responses
200
Response
Copy

Online license activation

Auth
Request Body
objectobject
keystring

minLength: 1

POST /api/settings/admin/license/activate/online
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Offline license activation

Auth
Request Body
objectobject
LicenseContentfile
POST /api/settings/admin/license/activate/offline
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Get license details

Auth
GET /api/settings/admin/license
Copy
Responses
200
objectobject
apiStatusstring
Response
Copy

Deactivate license

Auth
POST /api/settings/admin/license/deactivate
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Fetch retention configuration

Auth
GET /api/settings/retention
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
retentionAuditDaysint32
reportRetentionConfiguration
objectobject
isEnabledboolean
retentionDaysint32
rtpHistoryRetentionConfiguration
objectobject
isEnabledboolean
retentionDaysint32
Response
Copy

Update retention configuration

Auth
Request Body
objectobject
retentionAuditDaysint32

maximum: 50000

minimum: 1

reportRetentionobject
isEnabledboolean
retentionDaysint32

maximum: 50000

minimum: 1

rtpHistoryRetentionobject
isEnabledboolean
retentionDaysint32

maximum: 50000

minimum: 1

PUT /api/settings/retention
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Generate encryption key

Generate a new encryption key, replacing the old one if it exists.

Auth
POST /api/settings/encryption/generate
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Get encryption key creation date

Get the creation date of the encryption key.

Auth
GET /api/settings/encryption/creation-date
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
creationDatedate-time
Response
Copy

Sso

Sso Authentication and Sso configuration update

Get Sso Configuration

Auth
GET /api/sso/config
Copy
Responses
200
objectobject
isEnabledboolean
ssoProviderinteger
  • 0: Azure
  • 1: Okta
  • 2: Auth0
  • 3: Adfs
  • 4: PingFederate
  • 5: Opswat

Enum: 0,1,2,3,4,5

ssoTypeinteger
  • 0: OpenIdConnect
  • 1: Saml2

Enum: 0,1

baseUrlstring
clientIdstring
clientSecretstring
authoritystring
identityProviderCertificatestring
identityProviderIssuerstring
loginUrlstring
logoutUrlstring
administratorRoleNamestring
readonlyRoleNamestring
Response
Copy

Update Sso Configuration

Auth
Request Body
objectobject
clientIdstring

maxLength: 255

clientSecretstring

maxLength: 255

authoritystring

maxLength: 255

baseUrlstring

maxLength: 255

identityProviderCertificateobject
contentstring
identityProviderIssuerstring

maxLength: 255

identityProviderLoginUrlstring

maxLength: 255

identityProviderLogoutUrlstring

maxLength: 255

isEnabledboolean
ssoTypeint32
ssoProviderint32
administratorRoleNamestring

maxLength: 63

readonlyRoleNamestring

maxLength: 63

PATCH /api/sso
Copy
Responses
200
Response
Copy

Fetch all storage units

Auth
GET /api/storage/all
Copy
Responses
200
Response
Copy

Fetch storage by ID

Auth
Path Params
storageIdstring
GET /api/storage/{storageId}
Copy
Responses
200
Response
Copy

Delete a storage

Auth
Path Params
storageIdstring
Query String
forceDeleteboolean
DELETE /api/storage/{storageId}
Copy
Responses
200
filefile
Response
Copy

Update a storage

Note! The following are templates for what is expected in the Credentials, CredentialsFile and Source fields. Please provide the correct values for your storage integration instead of null/false

Alibaba Cloud storage units:
Credentials: "{"Endpoint":null,"AccessKeyId":null,"AccessKeySecret":null,"UseRamRole":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Amazon S3 / S3 Compatible storage units:
Credentials: "{"ServiceUrl":null,"AccessKeyId":null,"SecretAccessKey":null,"RegionEndpoint":null,"AssumeRoleArn":null,"UseIamRole":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Azure Blob storage units:
Credentials: "{"TenantId":null,"ClientId":null,"ClientSecret":null,"StorageAccount":null}"
Source: "{"Container":null}"

Azure Files storage units:
Credentials: "{"AccountName":null,"AccountKey":null,"ShareName":null}"
Source: "{"FolderLocation":null}"

Box storage units:
CredentialsFile: upload the credentials file
Source: "{"FolderLocation":null}"

Dell Isilon / SMB Compatible storage units:
Credentials: "{"User":null,"Password":null,"Server":null}"
Source: "{"SharePath":null}"

Google Cloud storage units:
CredentialsFile: upload the credentials file
Credentials: "{"UseAdc":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Graph storage units:
Credentials: "{"TenantId":null,"ClientId":null,"ClientSecret":null}"
Source: "{"Group":null}"

Auth
Path Params
storageIdstring
Request Body
objectobject
Namestring
StorageVendorTypestring
StorageProtocolTypestring
CredentialsFilefile
Credentialsstring
Sourcestring
GroupIdstring
AccountIdstring
WorkflowIdstring
TransferMetadataAndChecksumboolean
PATCH /api/storage/{storageId}
Copy
Responses
200
Response
Copy

Fetch storage users

Auth
Path Params
storageIdstring
Query String
filterstring
GET /api/storage/{storageId}/users
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
entriesarray[object]
idstring
fullNamestring
Response
Copy

Add a storage

Note! The following are templates for what is expected in the Credentials, CredentialsFile and Source fields. Please provide the correct values for your storage integration instead of null/false

Alibaba Cloud storage units:
Credentials: "{"Endpoint":null,"AccessKeyId":null,"AccessKeySecret":null,"UseRamRole":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Amazon S3 / S3 Compatible storage units:
Credentials: "{"ServiceUrl":null,"AccessKeyId":null,"SecretAccessKey":null,"RegionEndpoint":null,"AssumeRoleArn":null,"UseIamRole":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Azure Blob storage units:
Credentials: "{"TenantId":null,"ClientId":null,"ClientSecret":null,"StorageAccount":null}"
Source: "{"Container":null}"

Azure Files storage units:
Credentials: "{"AccountName":null,"AccountKey":null,"ShareName":null}"
Source: "{"FolderLocation":null}"

Box storage units:
CredentialsFile: upload the credentials file
Source: "{"FolderLocation":null}"

Dell Isilon / SMB Compatible storage units:
Credentials: "{"User":null,"Password":null,"Server":null}"
Source: "{"SharePath":null}"

Google Cloud storage units:
CredentialsFile: upload the credentials file
Credentials: "{"UseAdc":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Graph storage units:
Credentials: "{"TenantId":null,"ClientId":null,"ClientSecret":null}"
Source: "{"Group":null}"

Auth
Request Body
objectobject
Namestring
StorageVendorTypestring
StorageProtocolTypestring
CredentialsFilefile
Credentialsstring
Sourcestring
GroupIdstring
AccountIdstring
WorkflowIdstring
TransferMetadataAndChecksumboolean
POST /api/storage
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
storageIdstring
Response
Copy

Add batch of storages

Note! The following are templates for what is expected in the Credentials, CredentialsFile and Source fields. Please provide the correct values for your storage integration instead of null/false

Alibaba Cloud storage units:
Credentials: "{"Endpoint":null,"AccessKeyId":null,"AccessKeySecret":null,"UseRamRole":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Amazon S3 / S3 Compatible storage units:
Credentials: "{"ServiceUrl":null,"AccessKeyId":null,"SecretAccessKey":null,"RegionEndpoint":null,"AssumeRoleArn":null,"UseIamRole":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Azure Blob storage units:
Credentials: "{"TenantId":null,"ClientId":null,"ClientSecret":null,"StorageAccount":null}"
Source: "{"Container":null}"

Azure Files storage units:
Credentials: "{"AccountName":null,"AccountKey":null,"ShareName":null}"
Source: "{"FolderLocation":null}"

Box storage units:
CredentialsFile: upload the credentials file
Source: "{"FolderLocation":null}"

Dell Isilon / SMB Compatible storage units:
Credentials: "{"User":null,"Password":null,"Server":null}"
Source: "{"SharePath":null}"

Google Cloud storage units:
CredentialsFile: upload the credentials file
Credentials: "{"UseAdc":false}"
Source: "{"BucketName":null,"FolderLocation":null}"

Graph storage units:
Credentials: "{"TenantId":null,"ClientId":null,"ClientSecret":null}"
Source: "{"Group":null}"

Auth
Request Body
POST /api/storage/batch
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
storageIdstring
Response
Copy

Get batch of add storages results

Auth
Query String
tokenstring
GET /api/storage/results
Copy
Responses
200
Response
Copy

Fetch all storage units by filters (storage type or status)

Auth
Path Params
startIndexstring
countstring
Query String
sortingOrderstring
searchstring
storageTypeinteger
storageStatusinteger
GET /api/storage/enumerate/{startIndex}/{count}
Copy
Responses
200
Response
Copy

Add a scan schedule

Auth
Path Params
storageIdstring
Request Body
PUT /api/storage/{storageId}/scan_schedule
Copy
Responses
200
filefile
Response
Copy

Update a scan schedule

Auth
Path Params
storageIdstring
Request Body
PUT /api/storage/scan_schedule/update/{storageId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Fetch scan schedules

Auth
Path Params
storageIdstring
sortDirectioninteger

Enum: 0,1

startIndexinteger

maximum: 2147483647

minimum: 0

countinteger

maximum: 2147483647

minimum: 1

Query String
namestring

pattern: ^[^@#$%&*"';:.|,{}?+=><~^[]!\]+$`

userstring

pattern: ^[\p{L}\p{M} ',.-]+$

typestring
GET /api/storage/scan_schedules/{storageId}/{sortDirection}/{startIndex}/{count}
Copy
Responses
200
Response
Copy

Delete scan schedules

Auth
Request Body
arrayarray[string]
DELETE /api/storage/scan_schedule
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: FailedInvalidListOfIds

Enum: 0,1,2,3,0,1

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
areAllDeletedboolean
Response
Copy

Retrieve storage user name

Auth
Path Params
storageIdstring
Query String
userIdstring
GET /api/storage/{storageId}/user
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
userNamestring
Response
Copy

Retrieve storage user name

Auth
Path Params
storageIdstring
userIdstring
GET /api/storage/{storageId}/{userId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
userNamestring
Response
Copy

Fetch active users

Auth
Path Params
startIndexstring
countstring
Query String
searchTermstring

pattern: ^[\p{L}\p{M} ',.-]+$

orderType
orderBy
searchTextstring

pattern: ^[\p{L}\p{M} ',.-]+$

GET /api/user/active/{startIndex}/{count}
Copy
Responses
200
objectobject
entriesarray[object]
idstring
userNamestring
fullNamestring
emailstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

totalCountint64
Response
Copy

Register a user

Auth
Request Body
objectobject
fullNamestring

minLength: 1

userNamestring

minLength: 1

passwordstring
emailstring

minLength: 1

ssoUserIdstring
POST /api/user/register
Copy
Responses
200
filefile
Response
Copy

Create a user

Auth
Request Body
objectobject
fullNamestring

minLength: 1

userNamestring

minLength: 1

passwordstring
emailstring

minLength: 1

ssoUserIdstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

POST /api/user/create
Copy
Responses
200
filefile
Response
Copy

Authenticate with a username and password

Authenticate with a username and password to obtain a JWT token,Most of the APIs require authentication in the form of providing a JWT token. Call this API in order to receive a token but please note that it's only valid for an hour so it should be periodically refreshed.

Auth
Request Body
objectobject
userNamestring

minLength: 1

passwordstring

minLength: 1

POST /api/user/authenticate
Copy
Responses
200
Response
Copy

Refresh user token

Auth
Request Body
objectobject
accessTokenstring

minLength: 1

refreshTokenstring

minLength: 1

POST /api/user/refreshToken
Copy
Responses
200
filefile
Response
Copy

Logout

Auth
POST /api/user/logout
Copy
Responses
200
filefile
Response
Copy

Update user role

Auth
Request Body
objectobject
userIdstring

minLength: 1

roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

PUT /api/user/role
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
user
objectobject
idstring
userNamestring
fullNamestring
emailstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

Response
Copy

Fetch users

Auth
Query String
startIndexinteger

maximum: 2147483647

minimum: 0

countinteger

maximum: 2147483647

minimum: 1

orderType
orderBy
searchTextstring

pattern: ^[\p{L}\p{M} ',.-]+$

GET /api/user/requests
Copy
Responses
200
objectobject
entriesarray[object]
idstring
userNamestring
fullNamestring
emailstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

totalCountint64
Response
Copy

Delete a user

Auth
Path Params
userIdstring
DELETE /api/user/{userId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
user
objectobject
idstring
userNamestring
fullNamestring
emailstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

Response
Copy

Update current user

Auth
Request Body
objectobject
userIdstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

userNamestring
fullNamestring
currentPasswordstring
newPasswordstring
emailstring
accountSecurity
objectobject
incrementalDelaystring
failedLoginDatedate-time
PUT /api/user
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
user
objectobject
idstring
userNamestring
fullNamestring
emailstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

Response
Copy

Request password reset

Auth
Request Body
objectobject
userInputstring

minLength: 1

POST /api/user/password/reset
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Reset user password

Auth
Request Body
objectobject
newPasswordstring

minLength: 12

newPasswordConfirmationstring

minLength: 12

secureTokenstring
POST /api/user/password
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
user
objectobject
idstring
userNamestring
fullNamestring
emailstring
roleinteger
  • 0: None
  • 1: ReadOnlyAdministrator
  • 2: Administrator
  • 4: SsoAdministrator
  • 5: SsoReadOnlyAdministrator
  • 6: TenantAdministrator
  • 999: Invalid

Enum: 0,1,2,4,5,6,999

Response
Copy

User Tour

Finalize and list user tours

Fetch tours completed by a user

Auth
Path Params
userIdstring
GET /api/usertour/{userId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
userIdstring
userToursarray[object]
tourTypeinteger
  • 0: OnboardingUi
  • 1: WorkflowUi

Enum: 0,1

finalizedDatedate-time
Response
Copy

Mark a specific Tour as completed by a user

Auth
Request Body
objectobject
userIdstring

minLength: 1

userTourTypeinteger
  • 0: OnboardingUi
  • 1: WorkflowUi

Enum: 0,1

POST /api/usertour/finalizeUserTour
Copy
Responses
200
filefile
Response
Copy

File event trigger of real time processing

This endpoint takes the parameters and tries to find the file in the specified storage and applies the workflow for the specified file

Auth
Request Body
objectobject
metadatastring

minLength: 1

storageClientIdstring

minLength: 1

POST /api/webhook/realtime
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
correlationIdstring
400
404
Response
Copy

File event trigger of real time processing by storage client ID

This endpoint takes the parameter and tries to find the file in the specified storage and applies the workflow for the specified file

Auth
Path Params
storageClientIdstring
Request Body
No request body
POST /api/webhook/realtime/{storageClientId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
correlationIdstring
400
404
Response
Copy

File event trigger of real time processing for Box

This endpoint takes the parameter and tries to find the file in the specified Box storage and applies the workflow for the specified file

Auth
Path Params
storageClientIdstring
Request Body
No request body
POST /api/webhook/realtime/public/{storageClientId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
correlationIdstring
400
404
Response
Copy

{scanId}

Auth
Path Params
storageClientIdstring
scanIdstring
Query String
validationTokenstring
Request Body
No request body
POST /api/webhook/realtime/graph/{storageClientId}/{scanId}
Copy
Responses
200
filefile
Response
Copy

Get Workflows

Auth
GET /api/workflow
Copy
Responses
200

Add a new Workflow

Auth
Request Body
objectobject
scanPoolIdstring

minLength: 1

rulesarray[string]
namestring

maxLength: 30

minLength: 3

userAgentstring
failOverScanPoolIdstring
filtersobject
minimumSizeint64
maximumSizeint64
minimumDateTimedate-time
maximumDateTimedate-time
POST /api/workflow
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
workflowIdstring
Response
Copy

Update an existing Workflow

Auth
Request Body
objectobject
idstring

minLength: 1

scanPoolIdstring
rulesarray[string]
namestring

maxLength: 30

minLength: 3

userAgentstring
failOverScanPoolIdstring
failOverDisabledboolean
filters
objectobject
minimumSizeint64
maximumSizeint64
minimumDateTimedate-time
maximumDateTimedate-time
fileDefinition
objectobject
blockingStrategyinteger
  • 0: Strict
  • 1: Configurable

Enum: 0,1

configurableBlockingStrategyobject
shouldTreatFilesWithSensitiveDataAsBlockedboolean
shouldTreatFilesWithVulnerabilitiesAsBlockedboolean
PATCH /api/workflow
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Get Workflow by ID

Auth
Path Params
idstring
GET /api/workflow/{id}
Copy
Responses
200

Delete a Workflow

Auth
Path Params
idstring
DELETE /api/workflow/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Set a Workflow as default

Auth
Path Params
idstring
POST /api/workflow/setDefault/{id}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
Response
Copy

Refresh supported technologies for a Workflow and return updated Workflow

Auth
Request Body
objectobject
workflowIdstring
POST /api/workflow/enabledTechnologies
Copy
Responses
200

tenant

Auth
GET /api/tenant
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
tenantsarray[object]
idstring
customerNamestring
createdAtdate-time
lastUpdateddate-time
Response
Copy

tenant

Auth
Request Body
objectobject
customerNamestring

minLength: 1

pattern: ^(?!\s*$).+

POST /api/tenant
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
tenant
objectobject
idstring
customerNamestring
createdAtdate-time
lastUpdateddate-time
Response
Copy

{tenantId}

Auth
Path Params
tenantIdstring
GET /api/tenant/{tenantId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
tenant
objectobject
idstring
customerNamestring
createdAtdate-time
lastUpdateddate-time
Response
Copy

{tenantId}

Auth
Path Params
tenantIdstring
Request Body
objectobject
customerNamestring

minLength: 1

pattern: ^(?!\s*$).+

PUT /api/tenant/{tenantId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
tenant
objectobject
idstring
customerNamestring
createdAtdate-time
lastUpdateddate-time
Response
Copy

{tenantId}

Auth
Path Params
tenantIdstring
DELETE /api/tenant/{tenantId}
Copy
Responses
200
objectobject
resultinteger
  • 0: Success
  • 1: Error
  • 2: InternalError
  • 3: NotFound

Enum: 0,1,2,3

responseKeystring
responseMessagestring
responseMessageParamsobject
*string
tenant
objectobject
idstring
customerNamestring
createdAtdate-time
lastUpdateddate-time
Response
Copy