Page tree

Contents

Dossier API

Customers commonly use Dossier API Basic. It provides access to all information available on the portal. The Dossier API Basic Guide describes all available filters and options. Before using the Dossier API Guide, you need to enter an API Key in “api_key” field. The API keys are configured on the User Settings page under “Manage API Keys”.

The BloxOne platform leverages the Basic Auth method in HTTP/HTTPS to transport the API key. The API key is passed in the username field. The password field should be set to an empty string.

When a test query is executed, the API Guide returns: a CURL command to request the data, response body and response code. The listing below contains a sample CURL command which retrieves information about “eicar.top” domain in JSON format, which is the only supported export format for API based indicator search.

curl -H “Content-Type”:”application/json” -X POST “https://platform.activetrust.net:8000/api/services/intel/lookup/jobs?wait=true” -u <User_API_Key>: -d ‘{“target”:{“one”:{“type”: “host”,”target”: “eicar.top”, “sources”: [“alexa”,”atp”,”dns”,”gcs”,”gsb”,”malware_analysis”,”pdns”,”ptr”,”rwhois”,”whois”]}}}

Depending on the amount of data being requested, it may take some time to retrieve the data. In the case where the data is not required immediately, a search can be executed with the “wait” parameter set to “false” and retrieved later using the Dossier API Advanced call. In this case the first search (Basic API call) will return the “job_id”. The status of the job and results can be retrieved using the Advanced API “lookup_jobs_management” calls. The URL below retrieves results of a job using the “job_id” parameter:

https://platform.activetrust.net:8000/api/services/intel/lookup/jobs/job_id/results

The Dossier Advanced API provides these API calls:

  • Lookup Jobs APIs (lookup_jobs_management) API calls – return status and results of the lookup jobs.
  • Lookup Job Index (lookup_jobs_index) API calls – return list of the performed searches per user or organization.
  • Worker Status (worker_stats) API calls – provide statistics per source, e.g. alexa, atp, dns etc.
  • Service Metadata (service_metadata) API calls – return information about supported sources, targets, supported sources by targets and targets descriptions.










  • No labels

This page has no comments.