Requests

This section describes requests that you can make using the Kaspersky CyberTrace API, responses to these requests, and usage examples.

Starting from version 5.0, Kaspersky CyberTrace supports four versions of the REST API: 1.0, 1.1, 1.2, and 1.3.

If your license key supports multitenancy, each request should specify the tenant for which the request is performed.

The following table lists the requests available for each version.

REST API requests

Request

REST API v1.0

REST API v1.1 and v1.2

REST API 1.3

POST /api/%API_VERSION%/lookup

Performs an indicator search.

Yes

Yes

No

 

POST /api/%API_VERSION%/{TenantName}/lookup

Performs an indicator search in the specified tenant.

No

No

Yes

Available only if multitenancy mode is enabled.

Managing suppliers

GET /api/%API_VERSION%/suppliers

Gets a list of suppliers and their statuses.

Yes

Yes

Yes

POST /api/%API_VERSION%/suppliers

Adds a new supplier.

Yes

Yes

Yes

GET /api/%API_VERSION%/suppliers/{supplier}

Gets information about the specified supplier.

Yes

Yes

Yes

GET /api/%API_VERSION%/{TenantName}/suppliers/{supplier}

Gets information about the specified supplier within the specified tenant.

No

No

Yes

Available only if multitenancy mode is enabled.

PUT /api/%API_VERSION%/suppliers/{supplier}

Updates the specified supplier information.

Yes

Yes

Yes

PUT /api/%API_VERSION%/{TenantName}/suppliers/{supplier}

Updates the specified supplier information within the specified tenant.

No

No

Yes

Available only if multitenancy mode is enabled.

DELETE /api/%API_VERSION%/suppliers/{supplier}

Deletes the specified supplier.

Yes

Yes

Yes

Managing indicators

 

PUT /api/%API_VERSION%/suppliers/{supplier}/indicators

Adds new indicators to a supplier and updates existing indicators.

Yes

Adding tags to indicators or removing tags from indicators is not available.

Yes

Marking the indicator-related detections as false positive is available starting from version 1.2.

Yes

PUT /api/%API_VERSION%/{TenantName}/suppliers/{supplier}/indicators

Adds new indicators to a supplier and updates existing indicators within the specified tenant.

No

No

Yes

Available only if multitenancy mode is enabled.

DELETE /api/%API_VERSION%/suppliers/{supplier}/indicators

Deletes the specified indicators from a supplier.

Yes

Yes

Removing the indicator-related detections from false positives is available starting from version 1.2.

Yes

DELETE /api/%API_VERSION%/{TenantName}/suppliers/{supplier}/indicators

Deletes the specified indicators from a supplier within the specified tenant.

No

No

Yes

Available only if multitenancy mode is enabled.

PUT /api/%API_VERSION%/{TenantName}/settings/publicApi

Enables saving detections of indicators received via public API.

No

No

Yes

GET /api/%API_VERSION%/{TenantName}/settings/publicApi

Gets from a tenant the status of function for saving detections of indicators received via public API.

No

No

Yes

Managing tags

 

GET /api/%API_VERSION%/tags

Gets a list of tags.

No

Yes

Yes

POST /api/%API_VERSION%/tags

Adds a new tag.

No

Yes

Yes

GET /api/%API_VERSION%/tags/{tag}

Gets information about the specified tag.

No

Yes

Yes

PUT /api/%API_VERSION%/tags/{tag}

Updates the specified tag.

No

Yes

Yes

DELETE /api/%API_VERSION%/tags/{tag}

Deletes the specified tag.

No

Yes

Yes

Page top