This section describes the features of the Kaspersky CyberTrace REST API.
About the REST API
Kaspersky CyberTrace provides a REST API interface that you can use to perform the following actions:
Supported protocols
The REST API supports HTTPS protocol with basic authentication. All requests are synchronous. Kaspersky CyberTrace processes a request and returns the result in the response.
To communicate by using HTTPS, Kaspersky CyberTrace uses the certificate specified in the GUISettings > HTTPServer >SSLCertificatePath and GUISettings > HTTPServer >SSLPrivateKeyPath elements of the kl_feed_service.conf configuration file.
For more information about authentication, see section "Accessing the REST API".
The maximum number of processed requests is specified in the ServiceSettings > ScannersCount element of the kl_feed_service.conf configuration file.
REST API suppliers
Suppliers that were added with the REST API are different from regular suppliers. Only the suppliers that you add with the REST API can be accessed through the REST API. You cannot access all other suppliers through the REST API. In addition, the REST API provides a way to manage indicators from FalsePositive and InternalTI suppliers.
Suppliers that were added with the REST API are displayed on the Custom feeds tab. If a vendor is specified for a supplier, the supplier is displayed on the vendor tab instead. Each REST API supplier has a short description that marks it as a REST API supplier.
For suppliers that were added with the REST API, you cannot perform the following actions in Kaspersky CyberTrace Web:
You can perform the following actions for suppliers that were added with the REST API in Kaspersky CyberTrace Web:
User roles and REST API
Methods that are available to a user depend on the user's role:
REST API and logging
Kaspersky CyberTrace logs the following information about the REST API: