Kaspersky Industrial CyberSecurity for Networks has an application programming interface (API) that provides access to application functions for external applications (hereinafter referred to as "recipient apps").
The Kaspersky Industrial CyberSecurity for Networks distribution kit includes a package containing descriptions of specifications for representing data in requests sent to the REST API server. The REST API server runs on the Kaspersky Industrial CyberSecurity for Networks Server computer and processes requests by using the architectural style of interaction known as REST (Representational State Transfer). Queries to the REST API server are sent over the HTTPS protocol. You can configure the REST API server settings under Settings → Connection Servers (including to replace the default self-signed certificate with a trusted certificate).
The JSON format is used to represent data in requests and responses.
The documentation containing descriptions of requests based on the REST architectural style is published as an Online Help Guide on the Kaspersky Online Help page. This documentation serves as the Developer Guide. The Developer Guide also provides sample code and detailed descriptions of called elements that are available in requests sent to the REST API server.
OPEN THE DOCUMENTATION DESCRIBING REQUESTS TO THE REST API SERVER, version 3
OPEN THE DOCUMENTATION DESCRIBING REQUESTS TO THE REST API SERVER, version 4
Recipient apps can use the Kaspersky Industrial CyberSecurity for Networks API to do the following:
All of the listed actions are available when making requests to the REST API server version 4. Some of these actions are not supported when making requests to the REST API server version 3.
Recipient apps that utilize the Kaspersky Industrial CyberSecurity for Networks API can connect to the Application Server through connectors. Connectors use certificates for a secure connection. For each recipient app that will send requests to the REST API server, you need to create a separate connector in Kaspersky Industrial CyberSecurity for Networks.
A recipient app must use an authentication token for a connection with Kaspersky Industrial CyberSecurity for Networks. The application issues an authentication token upon request by the recipient app, and for this token it uses certificates of the connector that was created for this recipient app. An authentication token is valid for 10 hours by default (in Kaspersky Industrial CyberSecurity for Networks version 4.0.1, you can use the kics4net-params script to change the validity period of authentication tokens). The recipient app can renew the authentication token by special request.
Documentation containing a description of queries for authentication token operations is published as an Online Help Guide on the Kaspersky Online Help page. This documentation serves as the Developer Guide.
OPEN THE DOCUMENTATION DESCRIBING QUERIES FOR AUTHENTICATION TOKEN OPERATIONS, version 3
OPEN THE DOCUMENTATION DESCRIBING QUERIES FOR AUTHENTICATION TOKEN OPERATIONS, version 4
The Kaspersky Industrial CyberSecurity for Networks API provides the following options for working with recipient apps:
Recipient apps can use the WebSocket protocol for interaction in the Kaspersky Industrial CyberSecurity for Networks API to create subscriptions to modified values received by the application. For example, this method of interaction lets you subscribe to notifications about the received values of a specific tag.