Domain operations
- Borja Moro Moreno (Deactivated)
- Virginia Camuñas Núñez
- Alvaro de la Serna Martinez
- Laszlo Frazer
Overview
Check the list of available endpoints and methods to modify and update domains (both common and multitenant domains) using the Provisioning API:
Endpoints and methods | Description | |
|---|---|---|
| 1 | GET | Get a list of all the domains in a multitenant structure. |
| 2 | GET | Get basic information about a given domain in a multitenant structure. |
| 3 | GET | Returns a list of all the children domains a root domain has in a multitenant structure. |
| 4 | GET | Get the price plan retention values of the given multitenant domain. |
| 5 | GET | Get details of all the roles in the given domain. |
| 6 | GET | Get details of a specific role in a given domain. |
| 7 | GET | Get the list of role policies available in a given domain. |
| 8 | GET | Get the list of applications available in a given domain. |
| 9 | GET | Get the list of role resources available in a given domain. |
| 10 | GET | Get the list of role vaults available in a given domain. |
| 11 | GET | Retrieve the subset of preferences of the given domain. |
| 12 | GET | Retrieve the limits in the preferences of the given domain. |
| 13 | GET | Returns a list of all the domains from which a root domain can access data in a multitenant structure. |
| 14 | GET | Returns the configuration info of a multitenant domain. |
| 15 | GET | Returns a list of all the API keys associated to the given domain. |
| 16 | GET | Returns info of a specific API key. |
| 17 | POST | Create a new domain in a multitenant structure. |
| 18 | POST | Disable a multitenant domain. |
| 19 | POST | Enable a multitenant domain. |
| 20 | POST | Creates a new domain visibility configuration (i.e., custom data access) for a given domain. |
| 21 | POST | Create a new role in a given domain. |
| 22 | POST | Generate a new API key/secret pair in the domain. |
| 23 | PUT | Change the current plan of a multitenant domain. |
| 24 | PUT | Update the given domain plan retention configuration. |
| 25 | PUT | Update a role in a given domain. |
| 26 | PUT | Update a role. |
| 27 | PUT | Update the subset of preferences of a given domain. |
| 28 | PUT | Update the limits in the preferences of a given domain. |
| 29 | PUT | Download a certificate. |
| 30 | PUT | Update the configuration of a multitenant domain. |
| 31 | Put | Updates a domain visibility configuration (i.e., custom data access) for a given domain. |
| 32 | DELETe | Delete a domain. |
| 33 | DELETe | Delete a role in a given domain. |
| 34 | DELETe | Delete a specific API key. |
| 35 | delete | Deletes a domain visibility configuration (i.e., custom data access) for a given domain. |
Endpoints and methods
GET /domain
Get a list of all the domains in a multitenant structure. By default, only active domains are retrieved.
Note that this endpoint requires multitenant API credentials. Common domain API key/secret pairs wont work.
Request
Query string parameters
Query string parameters are optionally added after the path parameters, preceded by a question mark (?) and separated by an ampersand ()
Parameter | Type | Description |
|---|---|---|
|
| Set this parameter to true if you want to get all the domains, including disabled ones. The default value is false. |
Find below a request example:
https://api-us.devo.com/probio/domain
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of domains retrieved. [
{
"name": "domain_1@demo",
"plan": "default",
"time": 36.0,
"volume": 10.0,
"status": "Active"
},
{
"name": "domain_2@demo",
"plan": "default",
"time": 60.0,
"volume": 1.3,
"status": "Active"
}
] |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}
Get basic information about a given domain in a multitenant structure.
Note that this endpoint requires multitenant API credentials. Common domain API key/secret pairs wont work.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. Using the format {domainName}@{multitenantName} is optional. |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Domain details retrieved. {
"name": "domainName@multitenantName",
"plan": "default",
"time": 36.0,
"volume": 10.0,
"status": "Active"
} |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domains/{domainName}
Returns a list of all the domains a root domain has in a multitenant structure.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domains/domainName@multitenantName
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of domains retrieved. [
"domain1@multitenant",
"domain2@multitenant",
"domain3@multitenant"
] |
204 | Successful response. No children domains. |
400 | Bad request. |
403 | Not a multitenant. |
GET /domain/{domainName}/retention
Get the price plan retention values of the given multitenant domain.
Note that this endpoint requires multitenant API credentials. Common domain API key/secret pairs wont work.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/retention
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Domain retention values retrieved. {
"retentionUnit": "DAYS",
"retentionValue": 1080,
"volume": 10.0
} |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}/roles
Get details of all the roles in the given domain, including the default ones.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domainName@multitenantName/roles
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Domain roles retrieved. [
{
"name": "Administrator",
"description": null,
"id": 724,
"type": "ADMIN",
"finderId": -1
},
{
"name": "No Privileges",
"description": null,
"id": 725,
"type": "NO_PRIVILEGES",
"finderId": -1
}
] |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}/roles/{roleName}
Get details of a specific role in a given domain, either a default or a custom role.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{multitenantName} |
|
| Enter the name of the required role. Note that this parameter is case sensitive. For Devo default roles, you must type:
|
Query string parameters
Query string parameters are optionally added after the path parameters, preceded by a question mark (?) and separated by an ampersand (&).
Parameter | Type | Description |
|---|---|---|
|
| Set this to |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/roles/Administrator?full=true
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Role info retrieved. Parameter {
"name": "Administrator",
"description": null,
"id": 724,
"type": "ADMIN",
"finderId": -1,
"policies": [
{
"action": "admin_user_resources",
"level": 5,
"label": "policy.admin_user_resources.manage",
"id": 142,
"justForReseller": false
},
{
"action": "lookups_restriction",
"level": 5,
"label": "policy.lookups_restriction.manage",
"id": 25,
"justForReseller": false
},
{
"action": "domain-queries",
"level": 1,
"label": "policy.domain-queries.view",
"id": 88,
"justForReseller": false
},
{
"action": "landing",
"level": 1,
"label": "policy.landing.view",
"id": 78,
"justForReseller": false
},
{
"action": "loxcope_columns",
"level": 5,
"label": "policy.loxcope_columns.manage",
"id": 121,
"justForReseller": false
},
{
"action": "lookups",
"level": 5,
"label": "policy.lookups.manage",
"id": 139,
"justForReseller": false
},
{
"action": "query_management",
"level": 1,
"label": "policy.query_management.view",
"id": 23,
"justForReseller": false
},
{
"action": "permalinks",
"level": 5,
"label": "policy.permalinks.manage",
"id": 131,
"justForReseller": false
},
{
"action": "lookups",
"level": 1,
"label": "policy.lookups.view",
"id": 137,
"justForReseller": false
},
{
"action": "go_to_query",
"level": 1,
"label": "policy.go_to_query.view",
"id": 140,
"justForReseller": false
},
{
"action": "alertSM_pushover",
"level": 5,
"label": "policy.alertSM_pushover.manage",
"id": 173,
"justForReseller": false
},
{
"action": "home",
"level": 1,
"label": "policy.home.view",
"id": 41,
"justForReseller": false
},
{
"action": "redadaDashboards",
"level": 5,
"label": "policy.redadaDashboards.manage",
"id": 157,
"justForReseller": false
},
{
"action": "http_tokens",
"level": 5,
"label": "policy.http_tokens.manage",
"id": 125,
"justForReseller": false
}
],
"applications": [],
"dashboards": [],
"lookups": [],
"finder": {
"id": -1,
"name": "Default",
"description": null
},
"defVault": {
"id": 2,
"name": "normal",
"label": "vault.normal",
"share": 2
},
"maxVault": {
"id": 2,
"name": "normal",
"label": "vault.normal",
"share": 2
},
"alertPermission": [
{
"level": "all",
"granted": "all",
"editable": 1
}
],
"activeboards": []
}Parameter {
"name": "Administrator",
"description": null,
"id": 724,
"type": "ADMIN",
"finderId": -1
} |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}/policies
Get the list of role policies (or permissions) available in a given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/policies
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of available policies retrieved. [
"policy.alertSM_slack.manage",
"policy.lookups_restriction.view",
"policy.alertSM_httpjson.manage",
"policy.alertSM_jira.manage",
"policy.casperables_custom.view",
"policy.notifications.view",
"policy.alertSM_jira.view",
"policy.notifications.manage",
"policy.alertSM_servicenow.manage",
"policy.logautoparser.manage",
"policy.landing.manage",
"policy.relays.manage",
"policy.users.manage",
"policy.query_management.manage",
"policy.alerts.view",
"policy.alertSM_httpjson.view",
"policy.domain_activity.view",
"policy.userdsh.view",
"policy.domain_connections.view",
"policy.view_profile.view",
"policy.permalinks.view",
"policy.inject_myapp.view",
"policy.redadaDashboards.manage",
"policy.alerts_resetglobe.manage",
"policy.lookups.view",
"policy.inject_myapp.manage",
"policy.home.view",
"policy.domain_permalinks.view",
"policy.http_tokens.view",
"policy.alertSM_servicedesk.view",
"policy.alertSM_email.manage",
] |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}/applications
Get the list of applications available in a given domain, both installed and not installed.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/applications
Response
Application codes
The response list the domain applications with their corresponding codes. Check here the codes for the most common applications in Devo. If you need to know some other app codes, get in touch with us.
Code | Description and sample body |
|---|---|
200 | Successful response. List of available applications retrieved. [
"app.avm",
"lib.tracking",
"lib.system",
"lib.webserver",
"app.report.firewall",
"app.custom.SecurityInsights_1_2_0",
"lib.appserver",
"lib.logtrust",
"lib.custom",
"lib.attack""
] |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}/resources
Get the list of role resources available in a given domain. Resources refer to lookups and activeboards created in the domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/resources
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of available resources retrieved. [
{
"id": 506,
"name": "gondor-lookup-2",
"description": null,
"editable": false
"type": "LOOKUP"
},
{
"id": 503,
"name": "my-activeboard",
"description": null,
"editable": false
"type": "ACTIVEBOARD"
}
] |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}/roles/vaults
Get the list of role vaults available in a given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. If it is a multitenant domain, you must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/roles/vaults
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of vaults retrieved. [
{
"id": 1,
"name": "low",
"label": "vault.low",
"share": 1
},
{
"id": 2,
"name": "normal",
"label": "vault.normal",
"share": 2
},
] |
4xx | Bad request. {
"error": {
"code": 4xx,
"message": "string"
}
} |
GET /domain/{domainName}/preferences
Retrieves the subset of preferences of the given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/preferences
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of preferences retrieved. {
"inactivityPeriod": 10,
"expiresSession": true,
"getLocaleFromBrowser": true,
"locale": 1000,
"hideDemoTablesChecked": false,
"loxcopeCaseSensitivity": "yes",
"defaultRange": "1000",
"queryForever": "yes"
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
GET /domain/{domainName}/preferences/limits
Retrieve the limits in the preferences of the given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/preferences/limits
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of limits retrieved. {
"userLimit": 99999,
"certificateLimit": 9999,
"keyLimit": 9999
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
GET /domain/{domainName}/visibility
Returns a list of all the domains from which a root domain can access data in a multitenant structure.
Note that this request requires multitenant API credentials.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/visibility
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of domains retrieved. [
"domain1@multitenant",
"domain2@multitenant",
"domain3@multitenant"
] |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
GET /domain/{domainName}/auth
Returns the configuration info of a multitenant domain.
Note that this request requires multitenant API credentials.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required multitenant domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/auth
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Authentication info retrieved. {
"password": {
"active": true,
"disabled": null,
"mfaActive": false,
"mfaSkip": false
}
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
GET /domain/{domainName}/keys
Returns a list of all the API keys associated to the given multitenant domain.
Note that this request will only return API keys, not API secrets.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required multitenant domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/keys
Response
Code | Description and sample body |
|---|---|
200 | Successful response. List of API keys retrieved. [
{
"id": 12345,
"userEmail": null,
"apiKey": "27ffa******",
"status": 0,
"updateDate": 1692171865000,
"creationDate": 1692171865000
}
] |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
GET /domain/{domainName}/keys/{key}
Returns information of a specific API key.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required multitenant domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
|
| API key you want to retrieve. You can get this using the GET |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/keys/1234
Response
Code | Description and sample body |
|---|---|
200 | Successful response. API key info retrieved. {
"id": 12345,
"domain": {
"id": "395ee290-*****",
"name": "mydomain@multitenant",
"status": 0,
"type": 15,
"updateDate": 1692171874000,
"creationDate": 1692171874000,
"subscribed": 1,
"daysLeft": 0,
"showLanding": true,
"reseller": {
"id": 12,
"name": "mydomain",
"preferences": null,
"contactInformation": null,
"pricePlans": null,
"updateDate": 1689150931000,
"creationDate": 1689150931000,
"permPolicy": null,
"menuView": null,
"limits": null,
"groupId": null,
"webPreferences": null,
"authRestrictions": false
},
"groupId": null,
"alertsLastReseted": 1694433600000,
"authRestrictions": false,
"dataRetrieval": false
},
"userDomain": null,
"apiKey": "52d****",
"apiSecret": "479****",
"status": 0,
"updateDate": 1692171874000,
"creationDate": 1692171874000,
"sessionId": null,
"webAppId": null
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
POST /domain
Create a new domain in a multitenant structure.
Request
Request body
The request JSON body must include the domainInfo object with the following key-value pairs:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. The domain name might include the@{multitenantName}tail or not, but take into account that the full name will actually be used (for example, for name length validation). The name value will always contain the full domain name in the response, even if you have provided only the domain name without the multitenant name tail. |
|
| Enter the name of the price plan. Assigning a domain to an existing, valid multitenant price plan is mandatory. |
|
| Indicate the retention time in months. The maximum value is 100. Contact us to have the ability to redefine table retention enabled or disabled on a plan. If the request attempts to change retention time when the ability to change retention time is disabled, the response will be |
|
| Enter the storage volume in GB. The maximum value is 100. |
Assign an owner to the new domain
After creating a new domain, it wont be accessible until you assign a new or existing user as the domain owner. To do this, you can use the operation described in User operations. Keep in mind that this user needs to have the role Owner.
Domain applications
When you create a new domain, all the applications that belong to the assigned price plan plus all the generic applications will be activated in the new domain.
If only the plan apps are required, the multitenant preferences need to include the property includeAllAvailableApps set to false. This change affects the subscribed alarms (adding or removing the default alarm subscriptions), and is applied when changing a multitenant plan.
Find below a request example:
https://api-us.devo.com/probio/domainAnd this is an example of a request body, including the required JSON object:
{
"name": "new-domain",
"plan": "default-1",
"time": 10.0,
"volume": 100.0
}
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Domain created. {
"name": "new-domain@mymultitenant",
"plan": "default-1",
"time": 10.0,
"volume": 100.0,
"status" : "Active"
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
POST /domain/{domainName}/disable
Disable a multitenant domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/disable
Response
Code | Description |
|---|---|
200 | Successful response. Domain disabled. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
POST /domain/{domainName}/enable
Enable a multitenant domain.
Domains with the status pending cannot be activated. Also, when you try to disable or enable an already disabled or enabled domain, you will get an error response.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/enable
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Domain enabled. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
POST /domain/{domainName}/visibility
Creates a new domain visibility configuration (i.e., custom data access) for a given domain.
Note that this request requires multitenant API credentials.
Please bear in mind that alerts, injections, aggregations, and periodic query lookups in the root domain will not be updated automatically to meet the new data access permission.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the domain you want to grant data access to other domains. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the spec object with the following key-value pairs for the domainVibilityDTO:
Parameter | Type | Description |
|---|---|---|
|
| The name of the domain you want to grant data access to other domains. You must enter the full domain name: {domainName}@{multitenantName} |
|
| The name of the multitenant structure the domain belongs to. |
|
| The type of criteria you want to use to find domains to grant access to:
|
|
| The specific criteria to find domains to grant access to, which consists of finding a string at the beginning or end of their names. |
|
| The specific criteria to find domains to grant access to, which consists of listing specific domains. You must enter the full domain name: {domainName}@{multitenantName}
|
Request example
Path
https://api-us.devo.com/probio/domain/domainName@multitenantName/visibilityRequest body with the JSON object:
{
"domain": "domain0@multitenant0",
"reseller": "multitenant0",
"type": "DOMAIN_LIST",
"targets": [
"domain1@multitenant0",
"domain2@multitenant0"
]
}
Response
Code | Description and sample body |
|---|---|
200 | Success. Domain visibility configuration created. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
POST /domain/{domainName}/roles
Create a new role in a given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the roleInfo object with the following key-value pairs:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the new role. |
|
| An optional description for the role. |
|
| The role policies (or permissions) of the new role. If this parameter is not included, all the available policies will be added to the role. Using the value Example: Role without policies Note that a role without policies must have at least one application assigned, otherwise the creation operation will fail. |
|
| Specify the applications available for the new role. Using the value Example: |
|
| The required application to use as the default one. The default application name must be among the role applications specified. A default application name is not required when the policies list is empty (a missing registry key is interpreted as an empty list) |
|
| A JSON object where you indicate the resources to be added to the role. You mast add an array for each resource, including its ID and access level:
Example: "resources": [
{
"id": 501,
"editable": 1
}
] |
|
| Deprecated parameter Note that this parameter is deprecated and it is recommended to use the If a request includes both schemas, the A JSON object with the resource type and a list of resources IDs. Each resource ID instance takes a name plus an integer array. The name is not really important and only exists to provide a clearer way to describe the role. Each entry resource ID list can be empty. Using the key pair Examples Assign specific resources: "resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}No resources assigned: "resourceIds": {
"activeboard": []
"lookup": []
}Add all the available domain resources (lookups and activeboards): "resourceIds": {
"*": []
} |
|
| Optionally, enter the name of the default finder to be assigned to the role. |
|
| Level of permission over alerts that you want to grant to the new role. There are 3 options available:
...
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 0 }
],
...Note that several policies require certain alert permissions to be assigned. For example, to include any policy related with alerts, permissions over at least one alert is required. Similarly, any alert management policy requires the same but for an alert with management permissions. When the {
"name": "test-role",
"alertPermission": [
{ "level" : "all", "granted": "all", "editable": 0 }
],
"policies": "*"
} |
Only name required
Only the name is actually required. If you define a role and give it a name only, a role with all the available policies, applications, and resources will be created.
Currently, these parameters cannot be changed through the API but can be requested:
Parameter | Type | Description |
|---|---|---|
|
| The default vault (querying priority level) defined for the role. |
|
| The maximum vault defined to be used in the role. |
Using the defVault and maxVault parameters
Admin users need some additional permissions in order to use the defVault and maxVault parameters. Please contact us if you need to use these parameters and we will grant the required permissions to your user.
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/rolesAnd this is an example of a request body, including the required JSON object:
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
}
Response
Code | Description |
|---|---|
200 | Successful response. Role created. {
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
POST /domain/{domainName}/keys
Creates a new API key/secret pair for the domain. The autogenerated credentials are returned in the response. The request body of this request must be empty.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/keys
Response
Code | Description and sample body |
|---|---|
200 | Successful response. Pair of credentials generated. {
"id": 12345,
"domainName": "mydomain@multitenant",
"userEmail": null,
"apiKey": "7d4***",
"apiSecret": "33b***",
"status": 0,
"updateDate": 1724067437287,
"creationDate": 1724067437287
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
PUT /domain/{domainName}/plan
Change the current plan of a multitenant domain. The new plan must be valid for the multitenant structure and different from the current one.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Query string parameters
Query string parameters are added after the path parameters, preceded by a question mark (?) and separated by an ampersand (&).
Parameter | Type | Description |
|---|---|---|
|
| Name of the new plan to be set. |
|
| Decide what to do with users that have a custom role, that is to say, roles other than Admin and No privileges. Possible values are:
|
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/plan/?pricePlan=plan-name&keepRole=true
Response
Code | Description |
|---|---|
200 | Successful response. Plan updated. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
PUT /domain/{domainName}/retention
Update the price plan configuration (retention volume) of a given domain. Partial updates are permitted.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the retentionConfig object with the following key-value pairs:
Parameter | Type | Description |
|---|---|---|
|
| Enter the maximum ingestion volume. |
|
| Specify the required unit of the retention value.. Allowed values are |
|
| Required retention value. Contact us to have the ability to redefine table retention enabled or disabled on a plan. If the request attempts to change retention time when the ability to change retention time is disabled, the response will be |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/retentionAnd this is an example of a request body, including the required JSON object:
{
"volume": 2.5,
"retentionUnit": "MONTHS",
"retentionValue": 6
}
Response
Code | Description |
|---|---|
200 | Successful response. Plan updated. {
"volume": 2.5,
"retentionUnit": "MONTHS",
"retentionValue": 6
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
PUT /domain/{domainName}/roles
Updates a domain custom role in a given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the roleInfo object with the following key-value pairs:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the role to be updated. |
|
| An optional description for the role. |
|
| The role policies (or permissions) of the role. If this parameter is not included, all the available policies will be added to the role. Using the value Example: Role without policies Note that a role without policies must have at least one application assigned, otherwise the creation operation will fail. |
|
| Specify the applications available for the role. Using the value Example: |
|
| The required application to use as the default one. The default application name must be among the role applications specified. A default application name is not required when the policies list is empty (a missing registry key is interpreted as an empty list.) |
|
| A JSON object with the resource type and a list of resources IDs. Each resource ID instance takes a name plus an integer array. The name is not really important and only exists to provide a clearer way to describe the role. Each entry resource ID list can be empty. Using the key pair Examples Assign specific resources: "resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}No resources assigned: "resourceIds": {
"activeboard": []
"lookup": []
}Add all the available domain resources (lookups and activeboards): "resourceIds": {
"*": []
} |
|
| Optionally, enter the name of the default finder to be assigned to the role. |
|
| Level of permission over alerts that you want to grant to the role. There are 3 options available:
...
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 0 }
],
...Note that several policies require certain alert permissions to be assigned. For example, to include any policy related with alerts, permissions over at least one alert is required. Similarly, any alert management policy requires the same but for an alert with management permissions. When the {
"name": "test-role",
"alertPermission": [
{ "level" : "all", "granted": "all", "editable": 0 }
],
"policies": "*"
} |
Only name required
Only the name is actually required. If you define a role and give it a name only, a role with all the available policies, applications, and resources will be created.
Currently, these parameters cannot be changed through the API but can be requested:
Parameter | Type | Description |
|---|---|---|
|
| The default vault (querying priority level) defined for the role. |
|
| The maximum vault defined to be used in the role. |
Using the defVault and maxVault parameters
Admin users need some additional permissions in order to use the defVault and maxVault parameters. Please contact us if you need to use these parameters and we will grant the required permissions to your user.
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/rolesAnd this is an example of a request body, including the required JSON object:
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
}
Response
Code | Description |
|---|---|
200 | Successful response. Role updated. {
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
PUT /domain/{domainName}/roles/{roleName}
Updates a domain custom role.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
|
| Enter the name of the role to be updated. |
Request body
The request JSON body must include the roleInfo object with the following key-value pairs:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the role to be updated. |
|
| An optional description for the role. |
|
| The role policies (or permissions) of the role. If this parameter is not included, all the available policies will be added to the role. Using the value Example: Role without policies Note that a role without policies must have at least one application assigned, otherwise the creation operation will fail. |
|
| Specify the applications available for the role. Using the value Example: |
|
| The required application to use as the default one. The default application name must be among the role applications specified. A default application name is not required when the policies list is empty (a missing registry key is interpreted as an empty list.) |
|
| A JSON object with the resource type and a list of resources IDs. Each resource ID instance takes a name plus an integer array. The name is not really important and only exists to provide a clearer way to describe the role. Each entry resource ID list can be empty. Using the key pair Examples Assign specific resources: "resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}No resources assigned: "resourceIds": {
"activeboard": []
"lookup": []
}Add all the available domain resources (lookups and activeboards): "resourceIds": {
"*": []
} |
|
| Optionally, enter the name of the default finder to be assigned to the role. |
|
| Level of permission over alerts that you want to grant to the role. There are 3 options available:
...
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 0 }
],
...Note that several policies require certain alert permissions to be assigned. For example, to include any policy related with alerts, permissions over at least one alert is required. Similarly, any alert management policy requires the same but for an alert with management permissions. When the {
"name": "test-role",
"alertPermission": [
{ "level" : "all", "granted": "all", "editable": 0 }
],
"policies": "*"
} |
Only name required
Only the name is actually required. If you define a role and give it a name only, a role with all the available policies, applications, and resources will be created.
Currently, these parameters cannot be changed through the API but can be requested:
Parameter | Type | Description |
|---|---|---|
|
| The default vault (querying priority level) defined for the role. |
|
| The maximum vault defined to be used in the role. |
Using the defVault and maxVault parameters
Admin users need some additional permissions in order to use the defVault and maxVault parameters. Please contact us if you need to use these parameters and we will grant the required permissions to your user.
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/roles/test-roleAnd this is an example of a request body, including the required JSON object:
{
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
}
Response
Code | Description |
|---|---|
200 | Successful response. Role updated. {
"name": "test-role",
"description": "test-role-description",
"policies": "*",
"applications": ["my-custom-app","another-app"],
"defaultApplicationName": "my-custom-app",
"resourceIds": {
"activeboard": [501]
"lookup": [1000, 2000]
}
"finderName": "myFinder"
"alertPermission": [
{ "level" : "all",
"granted": "all",
"editable": 1 }
],
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
PUT /domain/{domainName}/preferences
Update the subset of preferences of a given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the spec object with the following key-value pairs:
Parameter | Type | Description |
|---|---|---|
|
| Specify the period of time during which a user can be inactive (that is, not interact with the system in any way) without any impact on their session. After the inactivity period expires, the user is locked out of the session and must log back in to continue working with Devo. This is valid only when the |
|
| Select if you want to set an inactivity timeout for domain session. Otherwise, user sessions remain open until manually closed. |
|
| Set this parameter to If your browser language is not supported by Devo, English is the language automatically applied. You can only use this parameter if you dont include the parameter |
|
| Specify the language of the application. This can be overridden in a user's individual preferences. |
|
| Check this box to hide the |
|
| Some query operations have a case-sensitive and a case insensitive version. You can choose which one is used by default when both options exist. There are two options available:
|
|
| Specify the time range that determines which events to load by default. The maximum is 24 hours. This applies to all users and all data tables in the domain. |
|
| Select to activate real-time data flow by default when opening a data table or query. Otherwise, data tables open with a time range whose end date corresponds to the moment they were opened. |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/preferencesAnd this is an example of a request body, including the required JSON object:
{
"inactivityPeriod": 10,
"expiresSession": true,
"getLocaleFromBrowser": true,
"locale": 1000,
"hideDemoTablesChecked": false,
"loxcopeCaseSensitivity": "yes",
"defaultRange": "1000"
}
Response
Code | Description |
|---|---|
200 | Successful response. Preferences updated. {
"inactivityPeriod": 10,
"expiresSession": true,
"getLocaleFromBrowser": true,
"locale": 1000,
"hideDemoTablesChecked": false,
"loxcopeCaseSensitivity": "yes",
"defaultRange": "1000"
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
PUT /domain/{domainName}/preferences/limits
Update the limits in the preferences of a given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the spec object with the following key-value pairs:
Parameter | Type | Description |
|---|---|---|
|
| Specify the limit of users in the domain. |
|
| Specify the number of certificates that can be created in a domain. |
|
| Specify the number of access keys that can be created in a domain |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/preferences/limitsAnd this is an example of a request body, including the required JSON object:
{
"userLimit": 99999,
"certificateLimit": 9999,
"keyLimit": 9999
}
Response
Code | Description |
|---|---|
200 | Successful response. Limits updated. {
"userLimit": 99999,
"certificateLimit": 9999,
"keyLimit": 9999
} |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
PUT /domain/{domainName}/certificates/download
Download the certificates of a given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. For multitenant domains, enter the full domain name using the format {domainName}@{multitenantName} |
Query string parameters
Query string parameters are added after the path parameters, preceded by a question mark (?) and separated by an ampersand ()
Parameter | Type | Description |
|---|---|---|
|
| Name of the certificate to be downloaded. Note that this is the name that appears in the Administration Credentials X.509 Certificates area. |
|
| Password of the required certificate. This is the password for the private key in the Administration Credentials X.509 Certificates area. |
|
| Type of certificate to be downloaded. Possible values are |
Depending on the parameters given, the behavior will be different:
Name and password provided The service will look for a certificate matching the given values. A failure response will be sent on errors.
Name given, but no password provided The service will assume the domain API secret as the certificate password. If the certificate exists but has a different password, an error will be returned.
No name nor password In this case, a certificate named '{domainName}_0' will be used, creating it when not found, and using the domain API secret as the password.
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/certificates/downloadPUT /domain/{domainName}/auth
Updates the configuration info of a multitenant domain.
Note that this request requires multitenant API credentials.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the saml2 , openid or password object with the following key-value pairs:
SAML
Parameter | Type | Description |
|---|---|---|
|
| Set this parameter to |
|
| Set this parameter to |
|
| Set this parameter to |
|
| Set this parameter to |
|
| Include the following parameters in this array:
Learn more about this parameters in this article. |
|
| Include the following parameters in this array:
Learn more about this parameters in this article. |
OpenID
Parameter | Type | Description |
|---|---|---|
|
| Set this parameter to |
|
| Set this parameter to |
|
| Set this parameter to |
|
| Include the following parameters in this array:
Learn more about these parameters in this article. |
|
| Include the following parameters in this array:
Learn more about these parameters in this article. |
Password
Parameter | Type | Description |
|---|---|---|
|
| Set this parameter to |
|
| Set this parameter to |
|
| Set this parameter to |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/authAnd these are examples of the required JSON bodies:
SAML
{
"saml2": {
"active": false,
"userProvisioning": true,
"roleMapping": true,
"usePostMappingRequest": true,
"sp": {
"homeUrl": "",
"acsUrl": "",
"id": ""
},
"idp": {
"id": "",
"ssoUrl": "",
"certificate": "",
"nameIdFormat": ""
}
}
}OpenID
{
"openid": {
"active": false,
"userProvisioning": true,
"roleMapping": true,
"sp": {
"homeUrl": ""
},
"idp": {
"id": "",
"secret": "",
"ssoUrl": "",
"tokenUrl": "",
"userInfoUrl": ""
}
}
} Password
{
"password": {
"active": true,
"mfaActive": true,
"mfaSkip": true
}
} PUT /domain/{domainName}/visibility
Updates a domain visibility configuration (i.e., custom data access) for a given domain.
Note that this request requires multitenant API credentials.
Please bear in mind that alerts, injections, aggregations, and periodic query lookups in the root domain will not be updated automatically to meet the new data access permission.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the domain you want to grant data access to other domains. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request body
The request JSON body must include the spec object with the following key-value pairs for the domainVibilityDTO:
Parameter | Type | Description |
|---|---|---|
|
| The name of the domain you want to grant data access to other domains. You must enter the full domain name: {domainName}@{multitenantName} |
|
| The name of the multitenant structure the domain belongs to. |
|
| The type of criteria you want to use to find domains to grant access to:
|
|
| The specific criteria to find domains to grant access to, which consists of finding a string at the beginning or end of their names. |
|
| The specific criteria to find domains to grant access to, which consists of listing specific domains. You must enter the full domain name: {domainName}@{multitenantName} |
Request example
Path
https://api-us.devo.com/probio/domain/domainName@multitenantName/visibilityRequest body with the JSON object:
{
"domain": "domain0@multitenant0",
"reseller": "multitenant0",
"type": "DOMAIN_LIST",
"targets": [
"domain1@multitenant0",
"domain2@multitenant0"
]
}
Response
Code | Description and sample body |
|---|---|
200 | Success. Domain visibility configuration updated. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
DELETE /domain/{domainName}
Delete a multitenant domain. This will additionally delete all user domains belonging to the multitenant domain. Any user that ends up without at least one user domain will be deleted as well.
Note that this request requires multitenant API credentials.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName
Response
Code | Description |
|---|---|
200 | Successful response. Domain deleted. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
DELETE /domain/{domainName}/roles/{roleName}
Delete a role in a given domain. Note that a role cannot be deleted while it is assigned to a user.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
|
| Enter the name of the role to be deleted. |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/roles/myRole
Response
Code | Description |
|---|---|
200 | Successful response. Role deleted. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
DELETE /domain/{domainName}/keys/{key}
Delete a specific API key from the given domain.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{multitenantName} |
|
| API key you want to delete. You can get this using the GET |
Find below a request example:
https://api-us.devo.com/probio/domain/domainName@multitenantName/keys/1234
Response
Code | Description |
|---|---|
200 | Successful response. API key deleted. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |
DELETE /domain/{domainName}/visibility
Deletes a domain visibility configuration (i.e., custom data access) for a given domain.
Note that this request requires multitenant API credentials.
Please bear in mind that alerts, injections, aggregations, and periodic query lookups in the root domain will not be updated automatically to meet the new data access permission.
Request
Path parameters
Add the following path parameters as part of the endpoint:
Parameter | Type | Description |
|---|---|---|
|
| Enter the name of the domain you want to grant data access to other domains. You must enter the full domain name using the format {domainName}@{multitenantName} |
Request example
Path
https://api-us.devo.com/probio/domain/domainName@multitenantName/visibility
Response
Code | Description |
|---|---|
200 | Success. Domain visibility configuration deleted. |
400 | Bad request. {
"code": {
"10": "Invalid signature"
},
"message": "string"
} |