Kaspersky Managed Detection and Response

Managing the solution through the REST API

February 12, 2024

ID 204467

This feature is available in MDR Expert, MDR Advanced, (available in some regions only), and MDR Prime (available in some regions only). See the comparison of license solutions in this section.

To have access to the REST API in Kaspersky Security Center, your account in Kaspersky Security Center Web Console needs to have the following access rights: Incident access and REST API access.

If you activated Kaspersky Managed Detection and Response with the MDR Optimum or MDR Basic license, you can only generate a refresh token in MDR Web Console to use it for setting up MDR Plug-in. You will not have access to the REST API in Kaspersky Security Center.

Kaspersky Managed Detection and Response allows you to programmatically get, create, and update MDR entities via the REST API. The REST API operates over HTTP and consists of a set of request/response methods. In other words, you can manage Kaspersky Managed Detection and Response through a third-party solution, not MDR Web Console.

To start working with the REST API, you need to create a refresh token and an access token.

OPEN THE REST API REFERENCE

In this section

Scenario: performing token-based authorization

Creating an API connection in Kaspersky Security Center

Creating an API connection in MDR Web Console

Editing an API connection in Kaspersky Security Center

Editing an API connection in MDR Web Console

Creating an access token in Kaspersky Security Center

Creating an access token in MDR Web Console

Working with the REST API

Revoking a refresh token in Kaspersky Security Center

Deleting an API connection in Kaspersky Security Center

Deleting an API connection in MDR Web Console

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.