Managing the solution through the REST API

This feature is available in MDR Expert, MDR Advanced, (available in some regions only), and MDR Prime (available in some regions only). See the comparison of license solutions in this section.

To have access to the REST API in Kaspersky Security Center, your account in Kaspersky Security Center Web Console needs to have the following access rights: Incident access and REST API access.

For some commercial license tiers it will only be possible to generate a refresh token in MDR Web Console to use it for setting up MDR Plug-in, without access to the REST API in Kaspersky Security Center.

Kaspersky Managed Detection and Response allows you to programmatically get, create, and update MDR entities via the REST API. The REST API operates over HTTP and consists of a set of request/response methods. In other words, you can manage Kaspersky Managed Detection and Response through a third-party solution, not MDR Web Console.

To start working with the REST API, you need to create a refresh token and an access token.

OPEN THE REST API REFERENCE

In this section

Scenario: performing token-based authorization

Creating an API connection in Kaspersky Security Center

Creating an API connection in MDR Web Console

Editing an API connection in Kaspersky Security Center

Editing an API connection in MDR Web Console

Creating an access token in Kaspersky Security Center

Creating an access token in MDR Web Console

Working with the REST API

Revoking a refresh token in Kaspersky Security Center

Deleting an API connection in Kaspersky Security Center

Deleting an API connection in MDR Web Console

Page top