Adds an Organization
This endpoint may only be used by administrators.
/organization
Methods
Gets the list of Organizations
Fields Parameter
NOTE: This endpoint is still set to return all fields on this call by default. Eventually, this will be merged to provide the minimal set as noted by the legend below.
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
Allowed Fields
*id
*uuid
**name
**description
email
address
city
state
country
phone
fax
ipInfoLinks
zoneSelection
restrictedIPs
vulnScoreLow
vulnScoreMedium
vulnScoreHigh
vulnScoreCritical
vulnScoringSystem
createdTime
modifiedTime
passwordExpires
passwordExpiration
userCount
lces
repositories
zones
nessusManagers
pubSites
ldaps
Legend
* = always comes back
** = comes back if fields list not specified on GET all
redFont = field is a JSON object ( e.g. "repository" :{ "id" : <id>, "name" : <name> } )
Request Parameters
None
Example Response
{
"type" : "regular",
"response" : [
{
"id" : "8",
"name" : "Org",
"description" : "New Org",
"email" : "",
"address" : "",
"city" : "",
"state" : "",
"country" : "",
"phone" : "",
"fax" : "",
"ipInfoLinks" : [
{
"name" : "SANS",
"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
},
{
"name" : "ARIN",
"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
}
],
"zoneSelection" : "auto_only",
"restrictedIPs" : "192.168.1.1",
"vulnScoreLow" : "1",
"vulnScoreMedium" : "3",
"vulnScoreHigh" : "10",
"vulnScoreCritical" : "40",
"vulnScoringSystem" : "CVSSv2",
"createdTime" : "1406321214",
"modifiedTime" : "1414509795",
"passwordExpires": "true",
"passwordExpiration": "90",
"userCount" : "4",
"lces" : [
{
"id" : "3",
"name" : "LCE 192.168.1.1",
"description" : "Copied from Box for testing"
},
{
"id" : "4",
"name" : "NEW LCE",
"description" : "Copied from Box for testing"
},
{
"id" : "5",
"name" : "qa-lce4x-lifeA",
"description" : "Copied from Box for testing"
}
],
"repositories" : [
{
"id" : "25",
"name" : "IPv6 Rep",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
},
{
"id" : "26",
"name" : "agrepo",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv4",
"groupAssign" : "fullAccess",
"uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"
},
{
"id" : "27",
"name" : "mp asset tests IPv6",
"description" : "Copied from QA",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"
},
{
"id" : "29",
"name" : "Test IPv6",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "2DF066B8-F310-44BB-B6BE-BC6D5BDEE0AB"
}
],
"zones" : [],
"ldaps" : [],
"pubSites" : [
{
"id":"2","name":"Test1","description":"","type":"CMRS"
}
],
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
{
"id" : "9",
"name" : "Test Org 1",
"description" : "",
"email" : "",
"address" : "",
"city" : "",
"state" : "",
"country" : "",
"phone" : "",
"fax" : "",
"ipInfoLinks" : [
{
"name" : "SANS",
"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
},
{
"name" : "ARIN",
"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
}
],
"zoneSelection" : "auto_only",
"restrictedIPs" : "",
"vulnScoreLow" : "1",
"vulnScoreMedium" : "3",
"vulnScoreHigh" : "10",
"vulnScoreCritical" : "40",
"vulnScoringSystem" : "CVSSv2",
"createdTime" : "1409944744",
"modifiedTime" : "1414521257",
"passwordExpires": "true",
"passwordExpiration": "90",
"userCount" : "1",
"lces" : [],
"repositories" : [
{
"id" : "25",
"name" : "IPv6 Rep",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
},
{
"id" : "26",
"name" : "agrepo",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv4",
"groupAssign" : "fullAccess",
"uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"
},
{
"id" : "27",
"name" : "mp asset tests IPv6",
"description" : "Copied from QA",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"
}
],
"zones" : [],
"ldaps" : [],
"nessusManagers" : [],
"pubSites" : [],
"uuid" : "F8F1B126-1B50-4A65-851A-1168F3283D7B"
}
],
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1418050287
}
Adds an Organization
Request Parameters
NOTE: "zoneSelection" has specific "zone" restrictions noted below:
- auto_only cannot have any zones assigned
- locked must have one zone assigned
- selectable and selectable+auto_restricted must have at least one zone assigned
- selectable+auto has no restrictions
{
"name" : <string>,
"passwordExpires" : <string> "false" | "true" OPTIONAL,
"passwordExpiration" : <number> (a number between 1 and 365) OPTIONAL,
"zoneSelection" : <string> "auto_only" | "locked" | "selectable" | "selectable+auto" | "selectable+auto_restricted",
"restrictedIPs" : <string> (valid IP address or range of IP addresses) OPTIONAL,
"lces" : [
{
"id" : <number>
}...
] DEFAULT [],
"repositories" : [
{
"id" : <number> OR "uuid" : <string>
}...
] DEFAULT [],
"pubSites" : [
{
"id" : <number>
}...
] DEFAULT [],
"zones" : [
{
"id" : <number> OR "uuid" : <string>
}...
] DEFAULT [],
"ldaps" : [
{
"id" : <number>
}...
] DEFAULT [],
"nessusManagers" : [
{
"id" : <number>
}...
] DEFAULT [],
"vulnScoreLow" : <number> DEFAULT 1,
"vulnScoreMedium" : <number> DEFAULT 3,
"vulnScoreHigh" : <number> DEFAULT 10,
"vulnScoreCritical" : <number> DEFAULT 40,
"vulnScoringSystem" : <string> "CVSSv2" | "CVSSv3",
"ipInfoLinks" : [
{
"link" : <string>,
"name" : <string>
}
{
"link" : <string>,
"name" : <string>
}
] DEFAULT []
...
}
Example Response
{
"type" : "regular",
"response" : {
"id" : "10",
"name" : "Org Post",
"description" : "",
"email" : "",
"address" : "",
"city" : "",
"state" : "",
"country" : "",
"phone" : "",
"fax" : "",
"ipInfoLinks" : [
{
"name" : "SANS",
"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
},
{
"name" : "ARIN",
"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
}
],
"zoneSelection" : "auto_only",
"restrictedIPs" : "",
"vulnScoreLow" : "1",
"vulnScoreMedium" : "3",
"vulnScoreHigh" : "10",
"vulnScoreCritical" : "40",
"vulnScoringSystem" : "CVSSv2",
"createdTime" : "1418052290",
"modifiedTime" : "1418052290",
"passwordExpires": "true",
"passwordExpiration": "90",
"userCount" : "0",
"lces" : [
{
"id" : "5",
"name" : "qa-lce4x-lifeA",
"description" : "Copied from Box for testing"
}
],
"repositories" : [
{
"id" : "26",
"name" : "agrepo",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv4",
"groupAssign" : "all",
"uuid" : "51C9083D-3AF6-4557-9492-7B25FCF6BAEB"
}
],
"passwordExpires" : "true",
"passwordExpiration" : "90",
"zones" : [],
"ldaps" : [],
"nessusManagers" : [],
"pubSites" : [],
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1418052290
}
/organization/{id}
/organization/{uuid}
Methods
Gets the Organization associated with {id} or {uuid}.
Fields Parameter
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
Allowed Fields
*id
*uuid
**name
**description
email
address
city
state
country
phone
fax
ipInfoLinks
zoneSelection
restrictedIPs
vulnScoreLow
vulnScoreMedium
vulnScoreHigh
vulnScoreCritical
vulnScoringSystem
createdTime
modifiedTime
passwordExpires
passwordExpiration
userCount
lces
repositories
zones
nessusManagers
pubSites
ldaps
Legend
* = always comes back
** = comes back if fields list not specified on GET all
redFont = field is a JSON object ( e.g. "repository" :{ "id" : <id>, "name" : <name> } )
Request Parameters
None
Example Response
{
"type" : "regular",
"response" : {
"id" : "8",
"name" : "Org",
"description" : "Testing for Policies with New Schema",
"email" : "",
"address" : "",
"city" : "",
"state" : "",
"country" : "",
"phone" : "",
"fax" : "",
"ipInfoLinks" : [
{
"name" : "SANS",
"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
},
{
"name" : "ARIN",
"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
}
],
"zoneSelection" : "auto_only",
"restrictedIPs" : "192.168.1.1",
"vulnScoreLow" : "1",
"vulnScoreMedium" : "3",
"vulnScoreHigh" : "10",
"vulnScoreCritical" : "40",
"vulnScoringSystem" : "CVSSv2",
"createdTime" : "1406321214",
"modifiedTime" : "1414509795",
"passwordExpires": "true",
"passwordExpiration": "90",
"userCount" : "4",
"lces" : [
{
"id" : "3",
"name" : "LCE 192.168.1.1",
"description" : "Copied from Box for testing"
},
{
"id" : "4",
"name" : "NEW LCE",
"description" : "Copied from Box for testing"
},
{
"id" : "5",
"name" : "qa-lce4x-lifeA",
"description" : "Copied from Box for testing"
}
],
"repositories" : [
{
"id" : "25",
"name" : "IPv6 Rep",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
},
{
"id" : "26",
"name" : "agrepo",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv4",
"groupAssign" : "fullAccess",
"uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"
},
{
"id" : "27",
"name" : "mp asset tests IPv6",
"description" : "Copied from QA",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"
},
{
"id" : "29",
"name" : "Test IPv6",
"description" : "",
"type" : "Local",
"dataFormat" : "IPv6",
"groupAssign" : "fullAccess",
"uuid" : "2DF066B8-F310-44BB-B6BE-BC6D5BDEE0AB"
}
],
"zones" : [],
"ldaps" : [],
"nessusManagers" : [],
"pubSites" : [
{
"id":"2","name":"Test1","description":"","type":"CMRS"
}
],
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1418050303
}
Edits the Organization associated with {id} or {uuid}, changing only the passed in fields.
Request Parameters
All fields are optional.
See /organization::POST for parameters.
NOTE: Additionally, each "repositories" object may have an extra parameter "allUsers" not listed for the POST:
{
...
"repositories" : [
{
"id" : <number> OR "uuid" : <string>,
"allUsers" : <string> "false" | "true" OPTIONAL
}...
]
...
}
Example Response
See /organization/{id}::GETDeletes the Organization associated with {id} or {uuid}, depending on access and permissions.
Request Parameters
None
Example Response
{
"type" : "regular",
"response" : "",
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1408726272
}
/organization/{id}/acceptRiskRule
/organization/{uuid}/acceptRiskRule
Methods
Gets the list of Accept Risk Rules in the Organization associated with {id} or {uuid}, unless filters are provided.
Fields Parameter
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
Allowed Fields
*id
**repository
**organization
**user
**plugin
**hostType
**hostValue
**port
**protocol
**expires
**status
comments
createdTime
modifiedTime
Legend
* = always comes back
** = comes back if fields list not specified on GET all
redFont = field is a JSON object ( e.g. "repository" :{ "id" : <id>, "name" : <name> } )
Filters
repositoryIDs=<number>,... DEFAULT 0 (i.e. all Repositories) OR repositoryUUIDs=<string>,... pluginID=<number> | <string> "all" DEFAULT "all" (i.e. all Plugins) port=<number> | <string> "all" DEFAULT "all" (i.e. all Ports)
Example Response
{
"type" : "regular",
"response" : [
{
"id" : "3",
"hostType" : "all",
"hostValue" : "",
"port" : "any",
"protocol" : "any",
"expires" : "-1",
"status" : "0",
"repository" : {
"id" : "17",
"name" : "New Fields Repo",
"description" : "",
"type" : "Local",
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
"organization" : {
"id" : "8",
"name" : "Org",
"description" : "Testing for Policies with New Schema",
"uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"
},
"user" : {
"id" : "1",
"username" : "head",
"firstname" : "Security Manager",
"lastname" : "",
"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
},
"plugin" : {
"id" : "0",
"name" : "Open Port",
"description" : "",
"type" : "active"
}
}
],
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1410275054
}
/organization/{id}/recastRiskRule
/organization/{uuid}/recastRiskRule
Methods
Gets the list of Recast Risk Rules in the Organization associated with {id} or {uuid}, unless filters are provided.
Fields Parameter
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
Allowed Fields
*id
**repository
**organization
**user
**plugin
**newSeverity
**hostType
**hostValue
**port
**protocol
**order
**status
comments
createdTime
modifiedTime
Legend
* = always comes back
** = comes back if fields list not specified on GET all
redFont = field is a JSON object ( e.g. "repository" :{ "id" : <id>, "name" : <name> } )
Filters
repositoryIDs=<number>,... DEFAULT 0 (i.e. all Repositories) OR repositoryUUIDs=<string>,... pluginID=<number> | <string> "all" DEFAULT "all" (i.e. all Plugins) port=<number> | <string> "all" DEFAULT "all" (i.e. all Ports)
Example Response
{
"type" : "regular",
"response" : [
{
"id" : "1",
"newSeverity" : "0",
"hostType" : "all",
"hostValue" : "",
"port" : "any",
"protocol" : "any",
"order" : "1",
"status" : "0",
"repository" : {
"id" : "18",
"name" : "New Rep 1",
"description" : "",
"type" : "Local",
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
"organization" : {
"id" : "8",
"name" : "Org",
"description" : "Testing for Policies with New Schema",
"uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"
},
"user" : {
"id" : "1",
"username" : "head",
"firstname" : "Security Manager",
"lastname" : "",
"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
},
"plugin" : {
"id" : "0",
"name" : "Open Port",
"description" : "",
"type" : "active"
}
}
],
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1410281615
}