The REST API server, which provides access to the NDR functionality to external systems, runs on the Central Node server and processes requests using the REST (Representational State Transfer) architectural style. Requests to the REST API server are made using HTTPS. You can configure the REST API server under Settings → Connection Servers (including replacing the default self-signed certificate with a trusted certificate).
The JSON format is used to represent data in requests and responses.
The documentation containing descriptions of requests based on the REST architectural style is published as an Online Help Guide on the Kaspersky Online Help page. This documentation is a developer guide in English. The developer guide also provides sample code and detailed descriptions of callable elements that are available in requests sent to the REST API server.
Open the documentation describing requests to the REST API server, version 3
Open the documentation describing requests to the REST API server, version 4
External systems can use Kaspersky Anti Targeted Attack Platform API to:
All of the listed actions are available when making requests to the REST API server version 4. Some of these actions are not supported when making requests to the REST API server version 3.
External systems using the Kaspersky Anti Targeted Attack Platform API connect to the Central Node component via connectors. Connectors use certificates for a secure connection. For each external system that you want to send requests to the REST API server, you need to create a separate connector in Kaspersky Anti Targeted Attack Platform.
The external system must use an authentication token to connect to Kaspersky Anti Targeted Attack Platform. Kaspersky Anti Targeted Attack Platform issues an authentication token at the request of an external system and token uses the certificates of the connector that was created for this system. The authentication token remains valid for 10 hours. The external system can renew the authentication token by special request.
Documentation containing a description of queries for authentication token operations is published as an Online Help Guide on the Kaspersky Online Help page. This documentation is a developer guide in English.
Open the documentation describing queries for authentication token operations, version 3.0
Open the documentation describing queries for authentication token operations, version 4
Kaspersky Anti Targeted Attack Platform API allows interacting with external systems in the following ways:
External systems can use the WebSocket protocol for interaction in the Kaspersky Anti Targeted Attack Platform API to create subscriptions to modified values received by the application.