Table of Contents |
---|
minLevel | 2 |
---|
maxLevel | 2 |
---|
type | flat |
---|
|
Overview
Check the list of available endpoints and methods to modify and update domains (both common and multitenant domains) using the Provisioning API:
...
Endpoints and methods
...
Description
...
/domain
see below...
Get a list of all the domains in a multitenant structure.
...
/domain/{domainName}
see below...
Get basic information about a given domain in a multitenant structure.
...
/domain/{domainName}/retention
see below...
Get the price plan retention values of the given multitenant domain.
...
/domain/{domainName}/roles
see below...
Get details of all the roles in the given domain.
...
/domain/{domainName}/roles/{roleName}
see below...
Get details of a specific role in a given domain.
...
/domain/{domainName}/policies
see below...
Get the list of role policies available in a given domain.
...
/domain/{domainName}/applications
see below...
Get the list of applications available in a given domain.
...
/domain/{domainName}/resources
see below...
Get the list of role resources available in a given domain.
...
/domain/{domainName}/roles/vaults
see below...
Get the list of role vaults available in a given domain.
...
/domain/{domainName}/preferences
see below...
Retrieve the subset of preferences of the given domain.
...
/domain/{domainName}/preferences/limits
see below...
Retrieve the limits in the preferences of the given domain.
...
/domain/{domainName}/visibility
see below...
Returns a list of all the domains from which a root domain can access data in a multitenant structure.
...
/domain/{domainName}/auth
see below...
Returns the configuration info of a multitenant domain.
...
/domain
see below...
Create a new domain in a multitenant structure.
...
/domain/{domainName}/disable
see below...
Disable a multitenant domain.
...
/domain/{domainName}/enable
see below...
Enable a multitenant domain.
...
/domain/{domainName}/roles
see below...
Create a new role in a given domain.
...
/domain/{domainName}/plan
see below...
Change the current plan of a multitenant domain.
...
Table of Contents |
---|
minLevel | 2 |
---|
maxLevel | 2 |
---|
type | flat |
---|
|
Overview
Check the list of available endpoints and methods to modify and update domains (both common and multitenant domains) using the Provisioning API:
Endpoints and methods | Description |
---|
/domain see below | Get a list of all the domains in a multitenant structure. |
/domain/{domainName} see below | Get basic information about a given domain in a multitenant structure. |
/domains/{domainName} see below | Returns a list of all the children domains a root domain has in a multitenant structure. |
/domain/{domainName}/retention see below | Update Get the price plan retention values of the given multitenant domain plan retention configuration. |
Status |
---|
colour | BlueYellow |
---|
title | PUTGET |
---|
| /domain/{domainName}/roles see below | Update a role in a Get details of all the roles in the given domain. |
Status |
---|
colour | BlueYellow |
---|
title | PUTGET |
---|
| /domain/{domainName}/roles/{roleName} see below | Update Get details of a specific role in a given domain. |
Status |
---|
colour | BlueYellow |
---|
title | PUTGET |
---|
| /domain/{domainName}/preferencespolicies see below | Update Get the subset of preferences of list of role policies available in a given domain. |
Status |
---|
colour | BlueYellow |
---|
title | PUTGET |
---|
| /domain/{domainName}/preferences/limitsapplications see below | Update the limits in the preferences of Get the list of applications available in a given domain. |
Status |
---|
colour | BlueYellow |
---|
title | PUTGET |
---|
| /domain/{domainName}/certificates/downloadresources see below | Download a certificateGet the list of role resources available in a given domain. |
Status |
---|
colour | BlueYellow |
---|
title | PUTGET |
---|
| /domain/{domainName}/roles/authvaults see below | Update Get the configuration list of role vaults available in a multitenant given domain. |
Status |
---|
colour | RedYellow |
---|
title | DELETeGET |
---|
| /domain/{domainName}/preferences see below | Delete a Retrieve the subset of preferences of the given domain. |
Status |
---|
colour | RedYellow |
---|
title | DELETeGET |
---|
| /domain/{domainName}/rolespreferences/{roleName}limits see below | Delete a role in a Retrieve the limits in the preferences of the given domain. |
...
...
...
...
...
/{domainName}/visibility see below
| Returns a list of all the domains from which a root domain can access data in a multitenant structure. |
...
...
Query string parameters
Query string parameters are optionally added after the path parameters, preceded by a question mark (?
) and separated by an ampersand (&
)
...
Parameter
...
Type
...
Description
...
all
...
boolean
...
Set this parameter to true if you want to get all the domains, including disabled ones. The default value is false.
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain |
...
...
Code
...
Description and sample body
...
200
...
Successful response. List of domains retrieved.
Code Block |
---|
[
{
"name": "domain_1@demo",
"plan": "default",
"time": 36.0,
"volume": 10.0,
"status": "Active"
},
{
"name": "domain_"@demo",
"plan": "default",
"time": 60.0,
"volume": 1.3,
"status": "Active"
}
] |
...
400
...
Bad request.
Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
...
Get basic information about a given domain in a multitenant structure.
...
Path parameters
Add the following path parameters as part of the endpoint:
...
Parameter
...
Type
...
Description
...
domainName
required
...
string
...
Enter the name of the required domain. Using the format {domainName}@{resellerName} is optional.
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName |
...
...
Code
...
Description and sample body
...
200
...
Successful response. Domain details retrieved.
Code Block |
---|
{
"name": "domainName@resellerName",
"plan": "default",
"time": 36.0,
"volume": 10.0,
"status": "Active"
} |
...
400
...
Bad request.
Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
...
Get the price plan retention values of the given multitenant domain.
...
Path parameters
Add the following path parameters as part of the endpoint:
...
Parameter
...
Type
...
Description
...
domainName
required
...
string
...
Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName}
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/retention |
...
...
Code
...
Description and sample body
...
200
...
Successful response. Domain retention values retrieved.
Code Block |
---|
{
"retentionUnit": "DAYS",
"retentionValue": 1080,
"volume": 10.0
} |
...
400
...
Bad request.
Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
...
Get details of all the roles in the given domain, including the default ones.
...
Path parameters
Add the following path parameters as part of the endpoint:
...
Parameter
...
Type
...
Description
...
domainName
required
...
string
...
/domain/{domainName}/auth see below | Returns the configuration info of a multitenant domain. |
/domain/{domainName}/keys see below | Returns a list of all the API keys associated to the given domain. |
/domain/{domainName}/keys/{key} see below | Returns info of a specific API key. |
/domain see below | Create a new domain in a multitenant structure. |
/domain/{domainName}/disable see below | Disable a multitenant domain. |
/domain/{domainName}/enable see below | Enable a multitenant domain. |
/domain/{domainName}/roles see below | Create a new role in a given domain. |
/domain/{domainName}/keys see below | Generate a new API key/secret pair in the domain. |
/domain/{domainName}/plan see below | Change the current plan of a multitenant domain. |
/domain/{domainName}/retention see below | Update the given domain plan retention configuration. |
/domain/{domainName}/roles see below | Update a role in a given domain. |
/domain/{domainName}/roles/{roleName} see below | Update a role. |
/domain/{domainName}/preferences see below | Update the subset of preferences of a given domain. |
/domain/{domainName}/preferences/limits see below | Update the limits in the preferences of a given domain. |
/domain/{domainName}/certificates/download see below | Download a certificate. |
/domain/{domainName}/auth see below | Update the configuration of a multitenant domain. |
/domain/{domainName} see below | Delete a domain. |
/domain/{domainName}/roles/{roleName} see below | Delete a role in a given domain. |
/domain/{domainName}/keys/{key} see below | Delete a specific API key. |
Endpoints and methods
GET /domain
Get a list of all the domains in a multitenant structure. By default, only active domains are retrieved.
Note |
---|
Note that this endpoint requires multitenant API credentials. Common domain API key/secret pairs won’t work. |
Expand |
---|
|
Query string parametersQuery string parameters are optionally added after the path parameters, preceded by a question mark (? ) and separated by an ampersand (& ) Parameter | Type | Description |
---|
all
| boolean
| Set this parameter to true if you want to get all the domains, including disabled ones. The default value is false. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domainName@resellerName/rolesdomain |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. | Domain roles List of domains retrieved. | Administratordescriptionnullid724type"ADMIN"finderId-1No Privilegesdescriptionnullid725type"NO_PRIVILEGES"finderId-1400code10"Invalid signature"}, |
...
...
...
GET /domain/{domainName
...
}
Get details of a specific role in a given domain, either a default or a custom rolebasic information about a given domain in a multitenant structure.
Note |
---|
Note that this endpoint requires multitenant API credentials. Common domain API key/secret pairs won’t work. |
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. | You must enter the full domain name using Using the format {domainName}@{resellerName} |
roleName required
| string
| Enter the name of the required role. | Query string parametersQuery string parameters are optionally added after the path parameters, preceded by a question mark (? ) and separated by an ampersand (& ) |
Parameter | Type | Description |
---|
full
| boolean
| Set this to true if you want to get additional details about the role (assigned policies, resources, applications…). The default value is false. |
Find below a request example:
Code Block |
https://apiFind below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles/Administrator?full=true |
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. | Role info Domain details retrieved. |
Parameter full set to true : AdministratordomainName@resellerName",
|
| descriptionnull id724 type"ADMIN" finderId-1,
"policies": [
"action"admin_user_resources",
level5
"labelpolicy.admin_user_resources.manage", "id": 142,
"justForReseller": false
},
{
"action": "lookups_restriction",
"level": 5,
"label": "policy.lookups_restriction.manage",
"id": 25,
"justForReseller": false
},
{
"action": "domain-queries",
"level": 1,
"label": "policy.domain-queries.view",
"id": 88,
"justForReseller": false
},
{
"action": "landing",
"level": 1,
"label": "policy.landing.view",
"id": 78,
"justForReseller": false
},
|
...
GET /domains/{domainName}
Returns a list of all the domains a root domain has in a multitenant structure.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domains/domainName@resellerName |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of domains retrieved. Code Block |
---|
[
"domain1@multitenant",
"domain2@multitenant",
"domain3@multitenant"
] |
| 204 | Successful response. No children domains. | 400 | Bad request. | 403 | Not a reseller. |
|
GET /domain/{domainName}/retention
Get the price plan retention values of the given multitenant domain.
Note |
---|
Note that this endpoint requires multitenant API credentials. Common domain API key/secret pairs won’t work. |
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/retention |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. Domain retention values retrieved. Code Block |
---|
{
"retentionUnit": "DAYS",
"retentionValue": 1080,
"volume": 10.0
} |
| 4xx | Bad request. Code Block |
---|
{
"error": {
"code": 4xx,
"message": "string"
}
} |
|
|
...
GET /domain/{domainName}/roles
Get details of all the roles in the given domain, including the default ones.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domainName@resellerName/roles |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. Domain roles retrieved. Code Block |
---|
[
{
"name": "Administrator",
"description": null,
"id": 724,
"type": "ADMIN",
"finderId": -1
},
{
"name": "No |
| action"loxcope_columns" level5 "label": "policy.loxcope_columns.manage",
"id": 121,
"justForReseller": false
},
{
"action": "lookups",
"level": 5,
"label": "policy.lookups.manage",
"id": 139,
"justForReseller": false
},
{
"action": "query_management",
"level": 1,
"label": "policy.query_management.view",
"id": 23,
"justForReseller": false
},
{
"action": "permalinks | 4xx | Bad request. Code Block |
---|
{
"error": {
"code": 4xx,
"message": "string"
}
} |
|
|
...
GET /domain/{domainName}/roles/{roleName}
Get details of a specific role in a given domain, either a default or a custom role.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{resellerName} | roleName required
| string
| Enter the name of the required role. Note that this parameter is case sensitive. For Devo default roles, you must type: Administrator
No privileges
|
Query string parametersQuery string parameters are optionally added after the path parameters, preceded by a question mark (? ) and separated by an ampersand (& ) Parameter | Type | Description |
---|
full
| boolean
| Set this to true if you want to get additional details about the role (assigned policies, resources, applications…). The default value is false . |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles/Administrator?full=true |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. Role info retrieved. Parameter full set to true : Code Block |
---|
{
"name": "Administrator",
"description": null,
"id": 724,
"type": "ADMIN",
"finderId": -1,
"policies": [
{
"action": "admin_user_resources",
"level": 5,
"label": "policy.permalinksadmin_user_resources.manage",
"id": 131142,
"justForReseller": false
},
{
"action": "lookups_restriction",
"level": 15,
"label": "policy.lookups_restriction.viewmanage",
"id": 13725,
"justForReseller": false
},
{
"action": "go_to_querydomain-queries",
"level": 1,
"label": "policy.go_to_querydomain-queries.view",
"id": 14088,
"justForReseller": false
},
{
"action": "alertSM_pushoverlanding",
"level": 51,
"label": "policy.alertSM_pushoverlanding.manageview",
"id": 17378,
"justForReseller": false
},
{
"action": "homeloxcope_columns",
"level": 15,
"label": "policy.homeloxcope_columns.viewmanage",
"id": 41121,
"justForReseller": false
},
{
"action": "redadaDashboardslookups",
"level": 5,
"label": "policy.redadaDashboardslookups.manage",
"id": 157139,
"justForReseller": false
},
{
"action": "httpquery_tokensmanagement",
"level": 51,
"label": "policy.httpquery_tokensmanagement.manageview",
"id": 12523,
"justForReseller": false
},
], {
"applications": [], "dashboards": [], "lookupsaction": [],
"permalinks",
"finder": { "idlevel": -15,
"namelabel": "Defaultpolicy.permalinks.manage",
"descriptionid": null131,
}, "defVaultjustForReseller": false
{ },
"id": 2, {
"name": "normal", "labelaction": "vault.normallookups",
"sharelevel": 1,
2 }, "maxVaultlabel": {"policy.lookups.view",
"id": 2137,
"namejustForReseller": false
"normal", },
"label": "vault.normal", {
"share": 2 }, "alertPermissionaction": ["go_to_query",
{ "level": 1,
"levellabel": "allpolicy.go_to_query.view",
"grantedid": "all"140,
"editablejustForReseller": 1false
},
], {
"activeboards": [] } |
Paremeter full set to false : Code Block |
---|
{ "nameaction": "AdministratoralertSM_pushover",
"descriptionlevel": null5,
"id": 724, "typelabel": "ADMINpolicy.alertSM_pushover.manage",
"finderId": -1
} |
| 400 | Bad request. Code Block |
---|
{ "codeid": {173,
"10": "Invalid signature" }, "messagejustForReseller": "string"
} |
|
|
...
false
},
{
"action": "home",
"level": 1,
"label": "policy.home.view",
"id": 41,
"justForReseller": false
},
{
"action": "redadaDashboards",
"level": 5,
"label": "policy.redadaDashboards.manage",
"id": 157,
"justForReseller": false
},
{
"action": "http_tokens",
"level": 5,
"label": "policy.http_tokens.manage",
"id": 125,
"justForReseller": false
}
],
"applications": [],
"dashboards": [],
"lookups": [],
"finder": {
"id": -1,
"name": "Default",
"description": null
},
"defVault": {
"id": 2,
"name": "normal",
"label": "vault.normal",
"share": 2
},
"maxVault": {
"id": 2,
"name": "normal",
"label": "vault.normal",
"share": 2
},
"alertPermission": [
{
"level": "all",
"granted": "all",
"editable": 1
}
],
"activeboards": []
} |
Parameter full set to false : Code Block |
---|
{
"name": "Administrator",
"description": null,
"id": 724,
"type": "ADMIN",
"finderId": -1
} |
| 4xx | Bad request. Code Block |
---|
{
"error": {
"code": 4xx,
"message": "string"
}
} |
|
|
...
GET /domain/{domainName}/policies
Get the list of role policies (or permissions) available in a given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/policies |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of available policies retrieved. Code Block |
---|
[
"policy.alertSM_slack.manage",
"policy.lookups_restriction.view",
"policy.alertSM_httpjson.manage",
"policy.alertSM_jira.manage",
"policy.casperables_custom.view",
"policy.notifications.view",
"policy.alertSM_jira.view",
"policy.notifications.manage",
"policy.alertSM_servicenow.manage",
"policy.logautoparser.manage",
"policy.landing.manage",
"policy.relays.manage",
"policy.users.manage",
"policy.query_management.manage",
"policy.alerts.view",
"policy.alertSM_httpjson.view",
"policy.domain_activity.view",
"policy.userdsh.view",
"policy.domain_connections.view",
"policy.view_profile.view",
"policy.permalinks.view",
"policy.inject_myapp.view",
"policy.redadaDashboards.manage",
"policy.alerts_resetglobe.manage",
"policy.lookups.view",
"policy.inject_myapp.manage",
"policy.home.view",
"policy.domain_permalinks.view",
"policy.http_tokens.view",
"policy.alertSM_servicedesk.view",
"policy.alertSM_email.manage",
] |
| 4xx | Bad request. Code Block |
---|
{
"error": {
"code": 4xx,
"message": "string"
}
} |
|
|
...
GET /domain/{domainName}/applications
Get the list of applications available in a given domain, both installed and not installed.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/applications |
|
Expand |
---|
|
Info |
---|
Application codes The response list the domain applications with their corresponding codes. Check here the codes for the most common applications in Devo. If you need to know some other app codes, get in touch with us. |
Code | Description and sample body |
---|
200 | Successful response. List of available applications retrieved. Code Block |
---|
[
"app.avm",
"lib.tracking",
"lib.system",
"lib.webserver",
"app.report.firewall",
"app.custom.SecurityInsights_1_2_0",
"lib.appserver",
"lib.logtrust",
"lib.custom",
"lib.attack""
] |
| 4xx | Bad request. Code Block |
---|
{
"error": {
"code": 4xx,
"message": "string"
}
} |
|
|
...
GET /domain/{domainName}/resources
Get the list of role resources available in a given domain. Resources refer to lookups and activeboards created in the domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/resources |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of available resources retrieved. Code Block |
---|
[
{
"id": 506,
"name": "gondor-lookup-2",
"description": null,
"editable": false
"type": "LOOKUP"
},
{
"id": 503,
"name": "my-activeboard",
"description": null,
"editable": false
"type": "ACTIVEBOARD"
}
] |
| 4xx | Bad request. Code Block |
---|
{
"error": {
"code": 4xx,
"message": "string"
}
} |
|
|
...
GET /domain/{domainName}/roles/vaults
Get the list of role vaults available in a given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles/vaults |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of vaults retrieved. Code Block |
---|
[
{
"id": 1,
"name": "low",
"label": "vault.low",
"share": 1
},
{
"id": 2,
"name": "normal",
"label": "vault.normal",
"share": 2
},
] |
| 4xx | Bad request. Code Block |
---|
{
"error": {
"code": 4xx,
"message": "string"
}
} |
|
|
...
GET /domain/{domainName}/preferences
Retrieves the subset of preferences of the given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/preferences |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of preferences retrieved. Code Block |
---|
{
"inactivityPeriod": 10,
"expiresSession": true,
"getLocaleFromBrowser": true,
"locale": 1000,
"hideDemoTablesChecked": false,
"loxcopeCaseSensitivity": "yes",
"defaultRange": "1000",
"queryForever": "yes"
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
GET /domain/{domainName}/preferences/limits
Retrieve the limits in the preferences of the given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/preferences/limits |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of limits retrieved. Code Block |
---|
{
"userLimit": 99999,
"certificateLimit": 9999,
"keyLimit": 9999
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
GET /domain/{domainName}/visibility
Returns a list of all the domains from which a root domain can access data in a multitenant structure.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/visibility |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of domains retrieved. Code Block |
---|
[
"domain1@multitenant",
"domain2@multitenant",
"domain3@multitenant"
] |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
GET /domain/{domainName}/
...
auth
Get Returns the list of role policies (or permissions) available in a given domainconfiguration info of a multitenant domain.
Note |
---|
Note that this request requires multitenant API credentials. |
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required multitenant domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/policiesauth |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. | List of available policies Authentication info retrieved. | [{
"password": {
"active": true,
|
| "policy.alertSM_slack.manage",policy.lookups_restriction.view""policy.alertSM_httpjson.manage","policy.alertSM_jira.manage",policy.casperables_custom.view""policy.notifications.view","policy.alertSM_jira.view",policy.notifications.manage","policy.alertSM_servicenow.manage", "policy.logautoparser.manage",policy.landing.manage",
"policy.relays.manage",policy.users.manage",
"policy.query_management.manage"10": "Invalid signature"
},
" |
| policy.alerts.view",
"policy.alertSM_httpjson.view",
"policy.domain_activity.view",
"policy.userdsh.view",
"policy.domain_connections.view",
"policy.view_profile.view",
"policy.permalinks.view",
"policy.inject_myapp.view",
"policy.redadaDashboards.manage",
"policy.alerts_resetglobe.manage",
"policy.lookups.view",
"policy.inject_myapp.manage",
"policy.home.view",
"policy.domain_permalinks.view",
"policy.http_tokens.view",
"policy.alertSM_servicedesk.view",
"policy.alertSM_email.manage", |
GET /domain/{domainName}/keys
Returns a list of all the API keys associated to the given multitenant domain.
Note |
---|
Note that this request will only return API keys, not API secrets. |
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required multitenant domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/keys |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of API keys retrieved. Code Block |
---|
[
{
"id": 12345,
"userEmail": null,
"apiKey": "27ffa******",
"status": 0,
"updateDate": 1692171865000,
"creationDate": 1692171865000
}
] |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
...
GET /domain/{domainName}/
...
keys/{key}
Returns information of a specific API key.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required multitenant domain. You must enter the full domain name using the format {domainName | }@{resellerName}}@{resellerName} | key required
| string
| API key you want to retrieve. You can get this using the GET/domain/{domainName}/keys endpoint. Find the required API key in the apiKey parameter of the response. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/applicationskeys/1234 |
|
Expand |
---|
|
Info |
---|
Application codes The response list the domain applications with their corresponding codes. Check here the codes for the most common applications in Devo. If you need to know some other app codes, get in touch with us. |
Code | Description and sample body |
---|
200 | Successful response. | List of available applications [app.avm",lib.tracking",
"lib.system",
"lib.webserverdomain": {
"id": "395ee290-*****",
"name": "mydomain@reseller",
|
| "app.report.firewall",app.custom.SecurityInsights_1_2_0",lib.appserver""lib.logtrust", "updateDate": 1692171874000,
|
| "lib.custom" "creationDate": 1692171874000,
|
| "lib.attack""
]400 | Bad request. Code Block | {code {10"Invalidsignature"},message"string"
} |
...
Get the list of role resources available in a given domain. Resources refer to lookups and activeboards created in the domain.
Expand |
---|
|
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/resources |
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of available resources retrieved. Code Block | [
{true,
"reseller": {
"id": 12,
"name": "mydomain",
" |
| id506"name"gondor-lookup-2""descriptioneditablefalse},{id503name"my-activeboard","description"editable": false}]400 | Bad request. Code Block | {code {10 "Invalid signature"},message"string"
} |
...
Get the list of role vaults available in a given domain.
Expand |
---|
|
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles/vaults |
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of vaults retrieved. Code Block | [
{id1name"low"label"vault.low"share1{id2namenormallabel"vault.normal"0,
"updateDate": 1692171874000,
" |
| share2},
]"sessionId": null,
"webAppId": null
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
...
...
POST/domain
...
Create a new domain in a multitenant structure.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpointRequest bodyThe request JSON body must include the domainInfo object with the following key-value pairs: |
...
Retrieve the limits in the preferences of the given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: |
Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example:
Code Block |
https://api-us.devo.com/probio/domain/domainName@resellerName/preferences/limitsdomainName
name required
| string
| Enter the name of the required domain |
. You must enter . The domain name might include the @{multitenantName} tail or not, but take into account that the full name will actually be used (for example, for name length validation). The name value will always contain the full domain name |
using the format {domainName}@{resellerName}Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/preferences |
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. List of preferences retrieved. Code Block |
---|
{
"inactivityPeriod": 10,
"expiresSession": true,
"getLocaleFromBrowser": true,
"locale": 1000,
"hideDemoTablesChecked": false,
"loxcopeCaseSensitivity": "yes",
"defaultRange": "1000",
"queryForever": "yes"
} |
|
400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
...
in the response, even if you have provided only the domain name without the multitenant name tail. | plan required
| string
| Enter the name of the price plan. Assigning a domain to an existing, valid multitenant price plan is mandatory. | time
| number
| Indicate the retention time in months. The maximum value is 100. | volume
| number
| Enter the storage volume in GB. The maximum value is 100. |
Note |
---|
Assign an owner to the new domain After creating a new domain, it won’t be accessible until you assign a new or existing user as the domain owner. To do this, you can use the operation described in User operations. Keep in mind that this user needs to have the role Owner. |
Info |
---|
Domain applications When you create a new domain, all the applications that belong to the assigned price plan plus all the generic applications will be activated in the new domain. If only the plan apps are required, the multitenant preferences need to include the property includeAllAvailableApps set to false . This change affects the subscribed alarms (adding or removing the default alarm subscriptions), and is applied when changing a multitenant plan. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain |
And this is an example of a request body, including the required JSON object: Code Block |
---|
{
"name": "new-domain",
"plan": "default-1",
"time": 10.0,
"volume": 100.0
} |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. | List of limits retrieved "userLimit "name": "new-domain@myreseller",
"plan": "default-1",
"time": |
| 99999certificateLimit9999keyLimit9999 | 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
...
...
...
POST/domain/{domainName}/
...
disable
Disable a multitenant domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/visibilitydisable |
|
Expand |
---|
|
and sample body List of domains retrieved. Code Block |
---|
[
"domain1@multitenant",
"domain2@multitenant",
"domain3@multitenant"
] |
Domain disabled. | 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
...
...
...
POST/domain/{domainName}/
...
enable
Enable a multitenant domain.
...
Domains with the status pending cannot be activated. Also, when you try to disable or enable an already disabled or enabled domain, you will get an error response.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required | multitenant domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/authenable |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. | List of domains retrieved. Code Block |
---|
[
"domain1@multitenant",
"domain2@multitenant",
"domain3@multitenant"
] |
Domain enabled. | 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
...
...
POST/domain/{domainName}/roles
Create a new domain role in a multitenant structuregiven domain.
Expand |
---|
|
Request bodyThe request JSON body must include the domainInfo object with the following key-value pairsPath parametersAdd the following path parameters as part of the endpoint: name domainName required
| string
| Enter the name of the required domain. |
The domain name might include the @{multitenantName} tail or not, but take into account that the full name will actually be used (for example, for name length validation). The name value will always contain the full domain name in the response, even if you have provided only the domain name without the multitenant name tail. plan required
| string
| Enter the name of the price plan. Assigning a domain to an existing, valid multitenant price plan is mandatory. | time
| number
| Indicate the retention time in months. The maximum value is 100. | volume
| number
| Enter the storage volume in GB. The maximum value is 100. | Note |
---|
Assign an owner to the new domain After creating a new domain, it won’t be accessible until you assign a new or existing user as the domain owner. To do this, you can use the operation described in User operations. Keep in mind that this user needs to have the role Owner. |
Info |
---|
Domain applications When you create a new domain, all the applications that belong to the assigned price plan plus all the generic applications will be activated in the new domain. If only the plan apps are required, the multitenant preferences need to include the property includeAllAvailableApps set to false . This change affects the subscribed alarms (adding or removing the default alarm subscriptions), and is applied when changing a multitenant plan. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain |
And this is an example of a request body, including the required JSON object: Code Block |
---|
{
"name": "new-domain",
"plan": "default-1",
"time": 10.0,
"volume": 100.0
} |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. Domain created. Code Block |
---|
{
"name": "new-domain@myreseller",
"plan": "default-1",
"time": 10.0,
"volume": 100.0,
"status" : "Active"
} |
|
400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
...
Disable a multitenant domain.
...
Path parameters
Add the following path parameters as part of the endpoint:
...
Parameter
...
Type
...
Description
...
domainName
required
...
string
...
Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName}
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/disable |
...
...
Code
...
Description
...
200
...
Successful response. Domain disabled.
...
400
...
Bad request.
Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
...
Enable a multitenant domain.
Domains with the status pending cannot be activated. Also, when you try to disable or enable an already disabled or enabled domain, you will get an error response.
...
Path parameters
Add the following path parameters as part of the endpoint:
...
Parameter
...
Type
...
Description
...
domainName
required
...
string
...
Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName}
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/enable |
...
...
Code
...
Description and sample body
...
200
...
Successful response. Domain enabled.
...
400
...
Bad request.
Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
...
Create a new role in a given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: |
Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Request body
The request JSON body must include the userInfo
object with the following key-value pairs:
Parameter | Type | Description |
---|
name required
| string
| Enter the name of the new role. |
description
| string
| An optional description for the role. |
policies
| list
| The role policies (or permissions) of the new role. If this parameter is not included, all the available policies will be added to the role. Using the value [*] or * will also add all the available policies. For an empty policy list, use [] . Example: ["policy_1", "policy_2"] Note |
---|
Role without policies Note that a role without policies must have at least one application assigned, otherwise the creation operation will fail. |
|
applications
| list
| Specify the applications available for the new role. Using the value [*] or * will add all the available applications. For an empty application list, use [] . Example: ["application_1", "application_2"] |
defaultApplicationName
| string
| The required application to use as the default one. The default application name must be among the role applications specified. A default application name is not required when the policies list is empty (a missing registry key is interpreted as an empty list) |
resources
| object
| A JSON object where you indicate the resources to be added to the role. You mast add an array for each resource, including its ID and access level: id - (integer ) ID of the resource to be added to the role
editable - (integer ) Set the required access level for the resource. Note that you must have the required permissions to give access to a resource; otherwise, an error will be returned. Allowed values are 0 (view access) or 1 (manage access).
Example: Code Block |
---|
"resources": [
{
"id": 501,
"editable": 1
}
] |
|
resourceIds
| object
| Note |
---|
Deprecated parameter Note that this parameter is deprecated and it is recommended to use the resources parameter instead. This parameter will continue working to avoid compatibility issues. If a request includes both schemas, the resources parameter will take precedence. |
A JSON object with the resource type and a list of resources IDs. Each resource ID instance takes a name plus an integer array. The name is not really important and only exists to provide a clearer way to describe the role. Each entry resource ID list can be empty. Using the value [*] or * will add all the available domain resources. For an empty resource list, use [] . Example: Code Block |
---|
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
} |
|
finderName
| string
| Optionally, enter the name of the default finder to be assigned to the role. |
alertPermission
| string
| Level of permission over alerts that you want to grant to the new role. There are 3 options available:
Null value - Permissions over alerts will not be updated over any existing ones while updating a role, or will be created empty when creating a role.
Empty value - No permissions are given over alerts. Several policies might produce and error when the role has no permissions over any alert.
Specific value - The role will have permissions only over the provided alerts. This is the format to follow:
level
- The access level to be granted. Options are: all
, category
(can be abbreviated as cat
), subcategory
(can be abbreviated as sub
), and context
(can be abbreviated as ctx
).
granted
- The alert ID over which the access is granted. Use all
to include all alerts. For the permission to work, the level and grant value must match, meaning that
the granted ID must belong to the specified category.
editable
- Defines if the alert can be edited or not. Use values 1
(editable) and 0
(not editable).
Code Block |
---|
...
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 0 }
],
... |
Note that several policies require certain alert permissions to be assigned. For example, to include any policy related with alerts, permissions over at least one alert is required. Similarly, any alert management policy requires the same but for an alert with management permissions.
When the *
value is used for policies, the policies assigned will depend on the alert permissions granted. In the following example, we are granting view permissions over all alerts, so the policies assigned by the wildcard will include values like policy.alerts.view
but not policy.alerts.manage
Code Block |
{
"name": "test-role",You must enter the full domain name using the format {domainName}@{resellerName} |
Request body
The request JSON body must include the userInfo
object with the following key-value pairs:
Parameter | Type | Description |
---|
name required
| string
| Enter the name of the new role. |
description
| string
| An optional description for the role. |
policies
| list
| The role policies (or permissions) of the new role. If this parameter is not included, all the available policies will be added to the role. Using the value [*] or * will also add all the available policies. For an empty policy list, use [] . Example: ["policy_1", "policy_2"] Note |
---|
Role without policies Note that a role without policies must have at least one application assigned, otherwise the creation operation will fail. |
|
applications
| list
| Specify the applications available for the new role. Using the value [*] or * will add all the available applications. For an empty application list, use [] . Example: ["application_1", "application_2"] |
defaultApplicationName
| string
| The required application to use as the default one. The default application name must be among the role applications specified. A default application name is not required when the policies list is empty (a missing registry key is interpreted as an empty list) |
resources
| object
| A JSON object where you indicate the resources to be added to the role. You mast add an array for each resource, including its ID and access level: id - (integer ) ID of the resource to be added to the role
editable - (integer ) Set the required access level for the resource. Note that you must have the required permissions to give access to a resource; otherwise, an error will be returned. Allowed values are 0 (view access) or 1 (manage access).
Example: Code Block |
---|
"resources": [
{
"id": 501,
"editable": 1
}
] |
|
resourceIds
| object
| Note |
---|
Deprecated parameter Note that this parameter is deprecated and it is recommended to use the resources parameter instead. This parameter will continue working to avoid compatibility issues. If a request includes both schemas, the resources parameter will take precedence. |
A JSON object with the resource type and a list of resources IDs. Each resource ID instance takes a name plus an integer array. The name is not really important and only exists to provide a clearer way to describe the role. Each entry resource ID list can be empty. Using the key pair "*": [] will add all the available domain resources. For an empty resource list, use [] . Examples Assign specific resources: Code Block |
---|
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
} |
No resources assigned: Code Block |
---|
"resourceIds": {
"activeboard": []
"lookup": []
} |
Add all the available domain resources (lookups and activeboards): Code Block |
---|
"resourceIds": {
"*": []
} |
|
finderName
| string
| Optionally, enter the name of the default finder to be assigned to the role. |
alertPermission
| string
| Level of permission over alerts that you want to grant to the new role. There are 3 options available: Null value - Permissions over alerts will not be updated over any existing ones while updating a role, or will be created empty when creating a role. Empty value - No permissions are given over alerts. Several policies might produce and error when the role has no permissions over any alert. Specific value - The role will have permissions only over the provided alerts. This is the format to follow: level - The access level to be granted. Options are: all , category (can be abbreviated as cat ), subcategory (can be abbreviated as sub ), and context (can be abbreviated as ctx ).
granted - The alert ID over which the access is granted. Use all to include all alerts. For the permission to work, the level and grant value must match, meaning that the granted ID must belong to the specified category.
editable - Defines if the alert can be edited or not. Use values 1 (editable) and 0 (not editable).
Code Block |
---|
...
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 0 }
],
... |
Note that several policies require certain alert permissions to be assigned. For example, to include any policy related with alerts, permissions over at least one alert is required. Similarly, any alert management policy requires the same but for an alert with management permissions. When the * value is used for policies, the policies assigned will depend on the alert permissions granted. In the following example, we are granting view permissions over all alerts, so the policies assigned by the wildcard will include values like policy.alerts.view but not policy.alerts.manage Code Block |
---|
{
"name": "test-role",
"alertPermission": [
{ "level" : "all", "granted": "all", "editable": 0 }
],
"policies": "*"
} |
|
Info |
---|
Only name required Only the name is actually required. If you define a role and give it a name only, a role with all the available policies, applications, and resources will be created. |
Currently, these parameters cannot be changed through the API but can be requested:
Parameter | Type | Description |
---|
defVaultId
| integer
| The default vault (querying priority level) defined for the role. |
maxVaultId
| integer
| The maximum vault defined to be used in the role. |
Note |
---|
Using the defVault and maxVault parameters Admin users need some additional permissions in order to use the defVault and maxVault parameters. Please contact us if you need to use these parameters and we will grant the required permissions to your user. |
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles |
And this is an example of a request body, including the required JSON object:
Code Block |
---|
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": |
0 "policies": "*"
} Info |
---|
Only name required Only the name is actually required. If you define a role and give it a name only, a role with all the available policies, applications, and resources will be created. |
Currently, these parameters cannot be changed through the API but can be requested:
Parameter | Type | Description |
---|
defVaultId
| integer
| The default vault (querying priority level) defined for the role. |
maxVaultId
| integer
| The maximum vault defined to be used in the role. |
Note |
---|
Using the defVault and maxVault parameters Admin users need some additional permissions in order to use the defVault and maxVault parameters. Please contact us if you need to use these parameters and we will grant the required permissions to your user. |
Find below a request example:
Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles |
And this is an example of a request body, including the required JSON object:
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Role created. Code Block |
---|
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": " |
|
all, editable1 }
],
} |
...
POST/domain/{domainName}/keys
Creates a new API key/secret pair for the domain. The autogenerated credentials are returned in the response. The request body of this request must be empty.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/keys |
|
Expand |
---|
|
Code | Description and sample body |
---|
200 | Successful response. | Role createdPair of credentials generated. | "name": "test-role",description"test-role-description",
"policies": "*",applications["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",resourceIds{ activeboard[501]
"lookup": [1000, 2000]}
finderNamemyFinder"
"alertPermission": [
{ "level" : "all",
granted"all" editable1}],"creationDate": 1724067437287
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
PUT/domain/{domainName}/plan
Change the current plan of a multitenant domain. The new plan must be valid for the multitenant structure and different from the current one.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Query string parametersQuery string parameters are added after the path parameters, preceded by a question mark (? ) and separated by an ampersand (& ) Parameter | Type | Description |
---|
pricePlan required
| string
| Name of the new plan to be set. | keepRole
| string
| Decide what to do with users that have a custom role, that is to say, roles other than Admin and No privileges. Possible values are: true - roles in the current plan will be searched in the new one and used where available. If the role of a user is not found in the new plan, they will be set to No provileges.
false (or null) - all custom roles will be updated to No privileges. This is the default behavior.
Finally, providing a specific role name will work the same as with true , but using the provided role when a matching custom role is not found. This fallback role must exist, or a bad request error will be returned.
|
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/plan/?pricePlan=plan-name&keepRole=true |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Plan updated. | 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
PUT/domain/{domainName}/retention
Update the price plan configuration (retention & volume) of a given domain. Partial updates are permitted.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Request bodyThe request JSON body must include the retentionConfig object with the following key-value pairs: Parameter | Type | Description |
---|
volume
| number
| Enter the maximum ingestion volume. | retentionUnit
| string
| Specify the required unit of the retention value.. Allowed values are DAYS , MONTHS , WEEKS and YEARS . | retentionValue
| integer
| Required retention value. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/retention |
And this is an example of a request body, including the required JSON object: Code Block |
---|
{
"volume": 2.5,
"retentionUnit": "MONTHS",
"retentionValue": 6
} |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Plan updated. Code Block |
---|
{
"volume": 2.5,
"retentionUnit": "MONTHS",
"retentionValue": 6
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
PUT/domain/{domainName}/roles
Updates a domain custom role in a given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Request bodyThe request JSON body must include the userInfo object with the following key-value pairs: Parameter | Type | Description |
---|
name required
| string
| Enter the name of the role to be updated. | description
| string
| An optional description for the role. | policies
| list
| The role policies (or permissions) of the role. If this parameter is not included, all the available policies will be added to the role. Using the value [*] or * will also add all the available policies. For an empty policy list, use [] . Example: ["policy_1", "policy_2"] Note |
---|
Role without policies Note that a role without policies must have at least one application assigned, otherwise the creation operation will fail. |
| applications
| list
| Specify the applications available for the role. Using the value [*] or * will add all the available applications. For an empty application list, use [] . Example: ["application_1", "application_2"] | defaultApplicationName
| string
| The required application to use as the default one. The default application name must be among the role applications specified. A default application name is not required when the policies list is empty (a missing registry key is interpreted as an empty list.) | resourceIds
| object
| A JSON object with the resource type and a list of resources IDs. Each resource ID instance takes a name plus an integer array. The name is not really important and only exists to provide a clearer way to describe the role. Each entry resource ID list can be empty. Using the value [*] or * key pair "*": [] will add all the available domain resources. For an empty resource list, use [] .Example Examples Assign specific resources: Code Block |
---|
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
} |
No resources assigned: Code Block |
---|
"resourceIds": {
"activeboard": []
"lookup": []
} |
Add all the available domain resources (lookups and activeboards): Code Block |
---|
"resourceIds": {
"activeboard*": [501]
"lookup": [1000, 2000]
} |
| finderName
| string
| Optionally, enter the name of the default finder to be assigned to the role. | alertPermission
| string
| Level of permission over alerts that you want to grant to the role. There are 3 options available: Null value - Permissions over alerts will not be updated over any existing ones while updating a role, or will be created empty when creating a role. Empty value - No permissions are given over alerts. Several policies might produce and error when the role has no permissions over any alert. Specific value - The role will have permissions only over the provided alerts. This is the format to follow: level - The access level to be granted. Options are: all , category (can be abbreviated as cat ), subcategory (can be abbreviated as sub ), and context (can be abbreviated as ctx ).
granted - The alert ID over which the access is granted. Use all to include all alerts. For the permission to work, the level and grant value must match, meaning that the granted ID must belong to the specified category.
editable - Defines if the alert can be edited or not. Use values 1 (editable) and 0 (not editable).
Code Block |
---|
...
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 0 }
],
... |
Note that several policies require certain alert permissions to be assigned. For example, to include any policy related with alerts, permissions over at least one alert is required. Similarly, any alert management policy requires the same but for an alert with management permissions. When the * value is used for policies, the policies assigned will depend on the alert permissions granted. In the following example, we are granting view permissions over all alerts, so the policies assigned by the wildcard will include values like policy.alerts.view but not policy.alerts.manage Code Block |
---|
{
"name": "test-role",
"alertPermission": [
{ "level" : "all", "granted": "all", "editable": 0 }
],
"policies": "*"
} |
|
Info |
---|
Only name required Only the name is actually required. If you define a role and give it a name only, a role with all the available policies, applications, and resources will be created. |
Currently, these parameters cannot be changed through the API but can be requested: Parameter | Type | Description |
---|
defVaultId
| integer
| The default vault (querying priority level) defined for the role. | maxVaultId
| integer
| The maximum vault defined to be used in the role. |
Note |
---|
Using the defVault and maxVault parameters Admin users need some additional permissions in order to use the defVault and maxVault parameters. Please contact us if you need to use these parameters and we will grant the required permissions to your user. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles |
And this is an example of a request body, including the required JSON object: Code Block |
---|
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Role updated. Code Block |
---|
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
PUT/domain/{domainName}/roles/{roleName}
Updates a domain custom role.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} | roleName required
| string
| Enter the name of the role to be updated. |
Request bodyThe request JSON body must include the userInfo object with the following key-value pairs: Parameter | Type | Description |
---|
name required
| string
| Enter the name of the role to be updated. | description
| string
| An optional description for the role. | policies
| list
| The role policies (or permissions) of the role. If this parameter is not included, all the available policies will be added to the role. Using the value [*] or * will also add all the available policies. For an empty policy list, use [] . Example: ["policy_1", "policy_2"] Note |
---|
Role without policies Note that a role without policies must have at least one application assigned, otherwise the creation operation will fail. |
| applications
| list
| Specify the applications available for the role. Using the value [*] or * will add all the available applications. For an empty application list, use [] . Example: ["application_1", "application_2"] | defaultApplicationName
| string
| The required application to use as the default one. The default application name must be among the role applications specified. A default application name is not required when the policies list is empty (a missing registry key is interpreted as an empty list.) | resourceIds
| object
| A JSON object with the resource type and a list of resources IDs. Each resource ID instance takes a name plus an integer array. The name is not really important and only exists to provide a clearer way to describe the role. Each entry resource ID list can be empty. Using the value [*] or * will add all the available domain resources. For an empty resource list, use [] .Examplekey pair "*": [] will add all the available domain resources. For an empty resource list, use [] . Examples Assign specific resources: Code Block |
---|
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
} |
No resources assigned: Code Block |
---|
"resourceIds": {
"activeboard": []
"lookup": []
} |
Add all the available domain resources (lookups and activeboards): Code Block |
---|
"resourceIds": {
"activeboard*": [501]
"lookup":
[1000, 2000] } |
| finderName
| string
| Optionally, enter the name of the default finder to be assigned to the role. | alertPermission
| string
| Level of permission over alerts that you want to grant to the role. There are 3 options available: Null value - Permissions over alerts will not be updated over any existing ones while updating a role, or will be created empty when creating a role. Empty value - No permissions are given over alerts. Several policies might produce and error when the role has no permissions over any alert. Specific value - The role will have permissions only over the provided alerts. This is the format to follow: level - The access level to be granted. Options are: all , category (can be abbreviated as cat ), subcategory (can be abbreviated as sub ), and context (can be abbreviated as ctx ).
granted - The alert ID over which the access is granted. Use all to include all alerts. For the permission to work, the level and grant value must match, meaning that the granted ID must belong to the specified category.
editable - Defines if the alert can be edited or not. Use values 1 (editable) and 0 (not editable).
Code Block |
---|
...
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 0 }
],
... |
Note that several policies require certain alert permissions to be assigned. For example, to include any policy related with alerts, permissions over at least one alert is required. Similarly, any alert management policy requires the same but for an alert with management permissions. When the * value is used for policies, the policies assigned will depend on the alert permissions granted. In the following example, we are granting view permissions over all alerts, so the policies assigned by the wildcard will include values like policy.alerts.view but not policy.alerts.manage Code Block |
---|
{
"name": "test-role",
"alertPermission": [
{ "level" : "all", "granted": "all", "editable": 0 }
],
"policies": "*"
} |
|
Info |
---|
Only name required Only the name is actually required. If you define a role and give it a name only, a role with all the available policies, applications, and resources will be created. |
Currently, these parameters cannot be changed through the API but can be requested: Parameter | Type | Description |
---|
defVaultId
| integer
| The default vault (querying priority level) defined for the role. | maxVaultId
| integer
| The maximum vault defined to be used in the role. |
Note |
---|
Using the defVault and maxVault parameters Admin users need some additional permissions in order to use the defVault and maxVault parameters. Please contact us if you need to use these parameters and we will grant the required permissions to your user. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles |
And this is an example of a request body, including the required JSON object: Code Block |
---|
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Role updated. Code Block |
---|
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
PUT/domain/{domainName}/preferences
Update the subset of preferences of a given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Request bodyThe request JSON body must include the spec object with the following key-value pairs: Parameter | Type | Description |
---|
inactivityPeriod required
| number
| Specify the period of time during which a user can be inactive (that is, not interact with the system in any way) without any impact on their session. After the inactivity period expires, the user is locked out of the session and must log back in to continue working with Devo. This is valid only when the expiresSession parameter is set to true . | expiresSession
| boolean
| Select if you want to set an inactivity timeout for domain session. Otherwise, user sessions remain open until manually closed. | getLocaleFromBrowser
| boolean
| Set this parameter to true to use the language configured in your web browser. If your browser language is not supported by Devo, English is the language automatically applied. You can only use this parameter if you don’t include the parameter locale , or set it to false . | locale
| string
| Specify the language of the application. This can be overridden in a user's individual preferences. | hideDemoTablesChecked
| booleang
| Check this box to hide the demo* tables in the finder. | loxcopeCaseSensitivity
| string
| Some query operations have a case-sensitive and a case insensitive version. You can choose which one is used by default when both options exist. There are two options available: | defaultRange
| string
| Specify the time range that determines which events to load by default. The maximum is 24 hours. This applies to all users and all data tables in the domain. | queryForever
| string
| Select to activate real-time data flow by default when opening a data table or query. Otherwise, data tables open with a time range whose end date corresponds to the moment they were opened. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/preferences |
And this is an example of a request body, including the required JSON object: Code Block |
---|
{
"inactivityPeriod": 10,
"expiresSession": true,
"getLocaleFromBrowser": true,
"locale": 1000,
"hideDemoTablesChecked": false,
"loxcopeCaseSensitivity": "yes",
"defaultRange": "1000"
} |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Preferences updated. Code Block |
---|
{
"inactivityPeriod": 10,
"expiresSession": true,
"getLocaleFromBrowser": true,
"locale": 1000,
"hideDemoTablesChecked": false,
"loxcopeCaseSensitivity": "yes",
"defaultRange": "1000"
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
PUT/domain/{domainName}/preferences/limits
Update the limits in the preferences of a given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Request bodyThe request JSON body must include the spec object with the following key-value pairs: Parameter | Type | Description |
---|
userLimit
| number
| Specify the limit of users in the domain. | certificateLimit
| number
| Specify the number of certificates that can be created in a domain. | keyLimit
| number
| Specify the number of access keys that can be created in a domain |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/preferences/limits |
And this is an example of a request body, including the required JSON object: Code Block |
---|
{
"userLimit": 99999,
"certificateLimit": 9999,
"keyLimit": 9999
} |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Limits updated. Code Block |
---|
{
"userLimit": 99999,
"certificateLimit": 9999,
"keyLimit": 9999
} |
| 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
PUT/domain/{domainName}/certificates/download
Download the certificates of a given domain.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. For multitenant domains, enter the full domain name using the format {domainName}@{resellerName} |
Query string parametersQuery string parameters are added after the path parameters, preceded by a question mark (? ) and separated by an ampersand (& ) Parameter | Type | Description |
---|
name
| string
| Name of the certificate to be downloaded. Note that this is the name that appears in the Administration → Credentials → X.509 Certificates area. | pwd
| string
| Password of the required certificate. This is the password for the private key in the Administration → Credentials → X.509 Certificates area. | type
| string
| Type of certificate to be downloaded. Possible values are pkcs12 , tar , jks , or bks (default value is pkcs12 ). |
Depending on the parameters given, the behavior will be different: Name and password provided → The service will look for a certificate matching the given values. A failure response will be sent on errors. Name given, but no password provided → The service will assume the domain API secret as the certificate password. If the certificate exists but has a different password, an error will be returned. No name nor password → In this case, a certificate named '{domainName}_0' will be used, creating it when not found, and using the domain API secret as the password.
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/certificates/download |
|
PUT /domain/{domainName}/auth
...
Note |
---|
Note that this request requires multitenant API credentials. |
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Request bodyThe request JSON body must include the saml2 , openid or password object with the following key-value pairs: SAML Parameter | Type | Description |
---|
active
| boolean
| Set this parameter to true to activate this method. | userProvisioning
| boolean
| Set this parameter to true to automatically register the new user during the authentication process. | roleMapping
| boolean
| Set this parameter to true to link your external roles with the ones in your Devo domain. | usePostMappingRequest
| boolean
| Set this parameter to true to use a POST-Binding workflow instead of HTTP-Redirect. | idp
| array
| Include the following parameters in this array: id (string )
ssoUrl (string )
certificate (string )
nameIdFormat (string )
Learn more about this parameters in this article. | sp
| array
| Include the following parameters in this array: acsUrl (string )
id (string )
homeUrl (string )
Learn more about this parameters in this article. |
OpenID Parameter | Type | Description |
---|
active
| boolean
| Set this parameter to true to activate this method. | userProvisioning
| boolean
| Set this parameter to true to automatically register the new user during the authentication process. | roleMapping
| boolean
| Set this parameter to true to link your external roles with the ones in your Devo domain. | idp
| array
| Include the following parameters in this array: id (string )
secret (string )
ssoUrl (string )
certificate (string )
nameIdFormat (string )
Learn more about these parameters in this article. | sp
| array
| Include the following parameters in this array: Learn more about these parameters in this article. |
Password Parameter | Type | Description |
---|
active
| boolean
| Set this parameter to true to activate this method. | mfaActive
| boolean
| Set this parameter to true to enable MFA (Multi-factor authentication). Learn more about this authentication method in this article. | mfaSkip
| boolean
| Set this parameter to true if you want to make MFA optional for your domain users temporarily. Learn more about this in this article. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/auth |
And these are examples of the required JSON bodies: SAML Code Block |
---|
{
"saml2": {
"active": false,
"userProvisioning": true,
"roleMapping": true,
"usePostMappingRequest": true,
"sp": {
"homeUrl": "",
"acsUrl": "",
"id": ""
},
"idp": {
"id": "",
"ssoUrl": "",
"certificate": "",
"nameIdFormat": ""
}
}
} |
OpenID Code Block |
---|
{
"openid": {
"active": false,
"userProvisioning": true,
"roleMapping": true,
"sp": {
"homeUrl": ""
},
"idp": {
"id": "",
"secret": "",
"ssoUrl": "",
"tokenUrl": "",
"userInfoUrl": ""
}
}
} |
Password Code Block |
---|
{
"secretpassword": "",{
"ssoUrlactive": ""true,
"tokenUrlmfaActive": ""true,
"userInfoUrlmfaSkip": ""true
}
}
} |
Password |
DELETE/domain/{domainName}
Delete a multitenant domain. This will additionally delete all user domains belonging to the multitenant domain. Any user that ends up without at least one user domain will be deleted as well.
Note |
---|
Note that this request requires multitenant API credentials. |
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. Domain deleted. | 400 | Bad request. |
activetrue, mfaActivetrue,
"mfaSkip": true
}
} |
...
...
...
DELETE/domain/{domainName}/roles/{roleName}
Delete a multitenant domain. This will additionally delete all user domains belonging to the multitenant domain. Any user that ends up without at least one user domain will be deleted as well.
Note |
---|
Note that this request requires multitenant API credentials. |
role in a given domain. Note that a role cannot be deleted while it is assigned to a user.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} | roleName required
| string
| Enter the name of the role to be deleted. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roles/myRole |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. | Domain Role deleted. | 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|
...
...
DELETE/domain/{domainName}/
...
keys/{
...
key}
Delete a role in a specific API key from the given domain. Note that a role cannot be deleted while it is assigned to a user.
Expand |
---|
|
Path parametersAdd the following path parameters as part of the endpoint: Parameter | Type | Description |
---|
domainName required
| string
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName} |
roleName Enter the name of the role to be deleted | API key you want to delete. You can get this using the GET/domain/{domainName}/keys endpoint. Find the required API key in the apiKey parameter of the response. |
Find below a request example: Code Block |
---|
https://api-us.devo.com/probio/domain/domainName@resellerName/roleskeys/myRole1234 |
|
Expand |
---|
|
Code | Description |
---|
200 | Successful response. | Role API key deleted. | 400 | Bad request. Code Block |
---|
{
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
|
|