REST API
You can access XDR from third-party solutions using the API. The XDR REST API operates over HTTP and consists of a set of request/response methods.
On the Swagger page, use the Select a definition drop-down list to switch between KUMA and XDR (OSMP) API sets.
REST API requests must be sent to the following address:
https://api.<XDR FQDN>/xdr/api/v1/<request>
https://api.<XDR FQDN>/xdr/api/v3/kuma/<request> (for KUMA-specific API)
Example:
https://api.example.com/xdr/api/v1/
https://api.example.com/xdr/api/v3/kuma/ (for KUMA-specific API)
Creating a token
To generate a user API token:
- In the main menu, go to Settings → API Tokens.
- Click Add token.
- In the Add token panel, configure the token options:
- Click Expiration date and use the calendar to specify the expiration date. If you want to disable automatic expiration for the token, select the No expiration date check box.
The maximum expiration date range is 365 days.
We recommend that you enable automatic expiration for tokens that have access to POST methods.
- Select check boxes next to the API methods you want to allow access to.
- Click Expiration date and use the calendar to specify the expiration date. If you want to disable automatic expiration for the token, select the No expiration date check box.
- Click Generate.
- Click Copy and close.
You will not be able to copy the token later.
The token is created and copied to the clipboard. Save the token in any convenient way.
Page topAuthorizing API requests
Each API request must include token-based authorization. The user whose token is used to make the API request must have the permissions to perform this type of request.
Each request must be accompanied by the following header:
Authorization: Bearer <token>
Possible errors
HTTP code |
Description |
|
400 |
Invalid header |
invalid authorization header |
403 |
The token does not exist or the owner user is disabled |
access denied |