REST API

Updated 2 months ago by TruSTAR

The TruSTAR REST API enables you to easily synchronize report information available in TruSTAR with the monitoring tools and analysis workflows you use in your infrastructure. All API access is over HTTPS, and all data is transmitted securely in JSON format.

API Coverage

The API provides endpoints for these functional areas of the TruSTAR platform:

Function

Description

Basic commands

Endpoints for Ping, Version, and for requesting your API quota information.

Reports

Endpoints that manage reports, including submit, update, share (with or without redaction), copy, move, delete, search for reports, find correlated reports, and get report status.

Indicators

Endpoints that work with Indicators, including submit, find/search, and summaries.

This section also includes commands for working with safelists (whitelists), including fetching the safelist contents and adding and deleting items from the safelist.

Tags

Endpoints for using tags with Reports and Indicators.

Enclaves

Fetches the list of all enclaves that the user has access to, as well as whether they can read, create, and update reports in that enclave.

Phishing Triage

Endpoints to retrieve prioritized phishing emails and their associated indicators, as well as to set the status of the email.

In addition, the API provides error codes that can help you troubleshoot an integration.


How Did We Do?