![white-logo.png]](https://www.livingsecurity.com/hs-fs/hubfs/white-logo.png?height=40&name=white-logo.png){kind=logo}
Living Security Phish REST API
The REST API allows you to configure the integration between Living Security Phish and other products, and export or import data with supported API requests.
Use Cases
How to configure the REST API
Programmatic access to the API
API documentation
Use Cases
Use case 1: SOAR Integrations
-
- API integration with your security orchestration, automation, and response (SOAR) solutions enables you to respond more efficiently to harmful emails.
If the Incident Responder API endpoints are integrated with your current SOAR products, such as antivirus, firewall, endpoint detection, and response, proxy services, etc., it will save valuable time in the response to a potential threat via API endpoints in comparison with a manual investigation of a reported email.
- API integration with your security orchestration, automation, and response (SOAR) solutions enables you to respond more efficiently to harmful emails.
- Use Case 2: IAM - IDM Integration (User provisioning)
- Identity and access management is critical to success; however, manually uploading target user information to the platform is a laborious, time-consuming process. I Using the platform's API pool makes it possible to automatically perform tasks such as creating, updating, or deleting a target user.
- Use Case 3: Password Management
- The passwords of the system users registered with the platform must be changed at designated intervals. If your company does not support SAML integration, system users' passwords can be changed periodically using the platform's API pool.
- Use Case 4: SIEM Integration
- The actions of all system admin users and service accounts on the platform are recorded in audit logs for auditability and accountability.
You can transfer the audit logs to your SIEM product in real-time to manage and see audit logs on the SIEM product. You can either do it with REST API or from the Web Interface.
- The actions of all system admin users and service accounts on the platform are recorded in audit logs for auditability and accountability.
How to configure the REST API
- Navigate to Company > Company Settings > REST API, then click the + NEW button.
The components of the REST API edit page are explained in detail in the table below:
Client Name Name of the REST API configuration Generate Client Credentials Create Client ID and Client Secret keys by clicking the button Client ID Create Client ID and Client Secret keys by clicking the button Client Secret Client Secret key information (The secret key is only displayed at the time of creation. This information must be copied and saved in a safe place before finalizing). IP Restriction You can limit access to the REST API with the Client ID and Client Secret information based on IP address.
Allow all IPs = Any IP address can have the access to use Rest API.
Restrict access by IP address = Only permitted IP addresses will have access to the REST API. You may add additional IP addresses if needed by clicking Add IP Address button.Client Role The standard roles are Reseller or Company Admin to access the API endpoints with the chosen role’s privilege. Status The status can be set to Inactive to not to use Rest API anymore.
Once created, you can view, edit, or delete any API configurations at the Company > Company Settings > Rest API page.
Programmatic access to the API
Use the following request with the credentials you created to programmatically access the API. Use this in place of UI interaction:
curl --location 'https://api.keepnetlabs.com/connect/token' \
--header 'authorization: Basic <your token>' \
--header 'content-type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials'
Questions? Contact Us or Submit a Support Request
