Admin
Account, user, system-status, and version endpoints.
Open →
API Documentation
314 endpoints. Every one with a curl example. The schema your CISO can review before signing.
314 endpoints across 31 tag groups. Every endpoint includes method, path, summary, a copy-pasteable curl example, and the OpenAPI spec for the full request and response shape. Pick a tag group below, or jump to the show-all view.
Getting started
1. Authentication
All requests authenticate with a bearer token. Obtain a token via POST /prime/webui/auth/login and pass it on subsequent requests as Authorization: Bearer <token>. LDAP login is also supported via POST /prime/webui/auth/ldaplogin.
2. Base URL
Replace <host> in the curl examples with the hostname of your CybrIQ deployment. For SaaS-managed deployments this is provided at provisioning; for customer-managed deployments it is the hostname of your control plane.
3. Response formats
Most endpoints return JSON by default. CSV and PDF exports are available on collection-style endpoints (e.g., POST .../exportcsv, POST .../exportpdf).
4. Need access?
API access is provisioned alongside platform deployment. Book a working session to scope access for your environment, or write to contact_us@cybriq.io for the security partnership package and OpenAPI source spec.
Tag Groups
31 tag groups, 314 endpoints.
Pick the area you are working in.
Agents
Endpoints for managing CybrIQ agents, agentless connections, and worker pollers.
Open →AssetProducer
Asset-producer replay and monitor endpoints.
Open →Auth
Authentication endpoints, including local and LDAP login.
Open →Bom
Bill-of-materials component endpoints.
Open →Config
Platform configuration endpoints.
Open →CrowdstrikeIntegration
CrowdStrike integration configuration.
Open →DataApi
Data API for indicator and sub-indicator types.
Open →Elements
Bulk export of elements as CSV or PDF.
Open →EmergencyKey
Emergency-key lookup, status, and export endpoints.
Open →EventApi
Alarm destinations, audit trails, and event export.
Open →General
Debug-log retrieval and general utility endpoints.
Open →GeneralConfig
General platform configuration: tags, server settings, integrations, licensing, and SMTP.
Open →Integration
Integration health and syslog test endpoints.
Open →License
License upload, retrieval, and EULA endpoints.
Open →Location
Location metadata endpoints.
Open →Email-send and notification endpoints.
Open →NetApi
Network-infrastructure endpoints: switches, ports, policies, infrastructure, scan engines, and risk insights.
Open →NetsApiAnalysis
Network analysis endpoints.
Open →Notification
Notification configuration and dispatch endpoints.
Open →Peripherals
Peripheral-device endpoints, including export.
Open →PolicyEngine
Policy-engine configuration and execution endpoints.
Open →ReportManagerApi
Report-manager endpoints for generating and exporting reports.
Open →Reports
Report retrieval and export endpoints.
Open →SendNotification
Notification dispatch endpoints.
Open →ServerSettings
Server-side platform settings.
Open →Tags
Tag management endpoints.
Open →TransformerDataApi
Transformer-data endpoints for ingest pipelines.
Open →UserAttributes
User-defined attribute endpoints.
Open →UserConfigTable
User-configuration table endpoints.
Open →UserQuery
User-saved query endpoints.
Open →API access starts at platform deployment.
Pre-provisioned tokens, OpenAPI spec, and integration support all ship with the engagement.