Managing the solution through the REST API

This feature is available in MDR Expert, MDR Advanced, (available in some regions only), and MDR Prime (available in some regions only). See the comparison of license solutions in this section.

To have access to the REST API in Kaspersky Security Center, your account in Kaspersky Security Center Web Console needs to have the following access rights: Incident access and REST API access.

If you activated Kaspersky Managed Detection and Response with the MDR Optimum or MDR Basic license, you can only generate a refresh token in MDR Web Console to use it for setting up MDR Plug-in. You will not have access to the REST API in Kaspersky Security Center.

Kaspersky Managed Detection and Response allows you to programmatically get, create, and update MDR entities via the REST API. The REST API operates over HTTP and consists of a set of request/response methods. In other words, you can manage Kaspersky Managed Detection and Response through a third-party solution, not MDR Web Console.

To start working with the REST API, you need to create a refresh token and an access token.

OPEN THE REST API REFERENCE