From 91197ffc910a4143c7edf94426a986e249a6498c Mon Sep 17 00:00:00 2001 From: Gabrielle Rouillard Date: Thu, 21 May 2026 15:27:25 -0400 Subject: [PATCH] Credential actions endpoint documentation --- .../spec/firework-v2-openapi.json | 259 +- .../spec/firework-v2-swagger.json | 796 +-- .../spec/firework-v3-openapi.json | 425 +- .../spec/firework-v3-swagger.json | 448 +- .../spec/firework-v4-openapi.json | 5434 ++++++++++++++++- .../v4/endpoints/credential-actions.mdx | 31 + docs/docs.json | 1 + 7 files changed, 6525 insertions(+), 869 deletions(-) create mode 100644 docs/api-reference/v4/endpoints/credential-actions.mdx diff --git a/docs/api-reference/spec/firework-v2-openapi.json b/docs/api-reference/spec/firework-v2-openapi.json index 9baa937..8111fdb 100644 --- a/docs/api-reference/spec/firework-v2-openapi.json +++ b/docs/api-reference/spec/firework-v2-openapi.json @@ -1321,65 +1321,6 @@ ] } }, - "/firework/v2/activities/{index}/{source}/{id}/translate": { - "post": { - "operationId": "post_translate_activity_/activities////translate", - "parameters": [ - { - "in": "path", - "name": "index", - "required": true, - "schema": { - "type": "string" - } - }, - { - "in": "path", - "name": "source", - "required": true, - "schema": { - "type": "string" - } - }, - { - "in": "path", - "name": "id", - "required": true, - "schema": { - "type": "string" - } - }, - { - "description": "Set the maximum len of translated text.", - "in": "query", - "name": "max_len", - "schema": { - "default": 10000, - "type": "integer" - } - } - ], - "responses": { - "200": { - "content": {}, - "description": "Returns the translation of an activity" - }, - "404": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/HttpError" - } - } - }, - "description": "Activity not found" - } - }, - "tags": [ - "activities" - ] - } - }, "/firework/v2/assets/": { "get": { "operationId": "get_assets_/assets/", @@ -1827,7 +1768,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -1864,9 +1805,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -2147,7 +2092,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -2184,9 +2129,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -2718,7 +2667,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -2755,9 +2704,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -3038,7 +2991,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -3075,9 +3028,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -3436,7 +3393,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -3473,9 +3430,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -3778,7 +3739,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -3815,9 +3776,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -4057,7 +4022,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -4094,9 +4059,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -5181,7 +5150,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -5218,9 +5187,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -5481,7 +5454,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -5518,9 +5491,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -5975,7 +5952,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "example": "domain", "type": "string" @@ -5983,30 +5961,33 @@ "search_types": { "items": { "enum": [ - "forum_post", - "bucket", + "listing", + "chat_message", + "stealer_log", + "seller", "source_code_files", - "ransomleak", + "service", + "leak", + "bucket", "financial_data", - "bot", - "source_code_secrets", - "domain", + "mitigated_credential", "ad", "stack_exchange", - "chat_message", - "leak", - "google", - "bucket_object", "docker", - "seller", - "forum_profile", - "service", - "blog_post", - "stealer_log", - "forum_topic", - "listing", "paste", + "domain", "social_media_account", + "source_code_secrets", + "valid_credential", + "forum_profile", + "invalid_credential", + "forum_topic", + "bucket_object", + "blog_post", + "google", + "bot", + "forum_post", + "ransomleak", "illicit_networks", "open_web", "buckets", @@ -6020,7 +6001,7 @@ "infected_devices", "social_media" ], - "example": "forum_post", + "example": "listing", "type": "string" }, "type": "array" @@ -6074,7 +6055,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "example": "domain", "type": "string" @@ -6082,29 +6064,32 @@ "search_types": { "items": { "enum": [ - "forum_post", - "bucket", + "listing", + "chat_message", + "stealer_log", + "seller", "source_code_files", - "ransomleak", + "service", + "leak", + "bucket", "financial_data", - "bot", - "source_code_secrets", - "domain", + "mitigated_credential", "stack_exchange", - "chat_message", - "leak", - "google", - "bucket_object", "docker", - "seller", - "forum_profile", - "service", - "blog_post", - "stealer_log", - "forum_topic", - "listing", "paste", + "domain", "social_media_account", + "source_code_secrets", + "valid_credential", + "forum_profile", + "invalid_credential", + "forum_topic", + "bucket_object", + "blog_post", + "google", + "bot", + "forum_post", + "ransomleak", "illicit_networks", "open_web", "buckets", @@ -6117,7 +6102,7 @@ "infected_devices", "social_media" ], - "example": "forum_post", + "example": "listing", "type": "string" }, "type": "array" @@ -6164,6 +6149,7 @@ "SYSTEM_RELATION", "SELF_ONBOARDING", "ATTRIBUTE", + "AUTO_MONITOR", "IDP_SYNC" ], "example": "USER", @@ -6298,9 +6284,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -6428,6 +6418,9 @@ }, "authorization_workflow_enabled": { "type": "boolean" + }, + "allow_support_access": { + "type": "boolean" } }, "required": [ @@ -6482,6 +6475,17 @@ }, "type": "object" }, + "TenantWithCounts": { + "properties": { + "next": { + "type": "string" + }, + "items": { + "$ref": "#/components/schemas/TenantWithCounts" + } + }, + "type": "object" + }, "Tenant": { "properties": { "id": { @@ -6541,17 +6545,6 @@ }, "type": "object" }, - "TenantWithCounts": { - "properties": { - "next": { - "type": "string" - }, - "items": { - "$ref": "#/components/schemas/TenantWithCounts" - } - }, - "type": "object" - }, "UpdatedPermission": { "properties": { "updated_value": { @@ -6658,6 +6651,17 @@ ], "type": "object" }, + "OrganizationMemberPage": { + "properties": { + "members": { + "items": { + "$ref": "#/components/schemas/OrganizationMemberWithMetadata" + }, + "type": "array" + } + }, + "type": "object" + }, "OrganizationMemberWithMetadata": { "properties": { "user": { @@ -6711,17 +6715,6 @@ }, "type": "object" }, - "OrganizationMemberPage": { - "properties": { - "members": { - "items": { - "$ref": "#/components/schemas/OrganizationMemberWithMetadata" - }, - "type": "array" - } - }, - "type": "object" - }, "OrganizationMembersCount": { "properties": { "count": { @@ -7253,9 +7246,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -7463,7 +7460,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "example": "domain", "type": "string" @@ -7919,7 +7917,8 @@ "identifier_not_allowed", "identifier_type_not_allowed", "too_many_attributes", - "invalid_attribute_format" + "invalid_attribute_format", + "missing_attributes" ], "example": "unknown_identifier_type", "type": "string" diff --git a/docs/api-reference/spec/firework-v2-swagger.json b/docs/api-reference/spec/firework-v2-swagger.json index 032ae1e..2fffe5c 100644 --- a/docs/api-reference/spec/firework-v2-swagger.json +++ b/docs/api-reference/spec/firework-v2-swagger.json @@ -306,6 +306,17 @@ "type": "string" } ], + "delete": { + "responses": { + "200": { + "description": "Success" + } + }, + "operationId": "delete_activity_user_metadata_notes_/activities////user_metadata/notes", + "tags": [ + "activities" + ] + }, "put": { "responses": { "400": { @@ -335,17 +346,6 @@ "tags": [ "activities" ] - }, - "delete": { - "responses": { - "200": { - "description": "Success" - } - }, - "operationId": "delete_activity_user_metadata_notes_/activities////user_metadata/notes", - "tags": [ - "activities" - ] } }, "/firework/v2/activities/{index}/{source}/{id_}/user_metadata/remediated": { @@ -421,6 +421,17 @@ "type": "string" } ], + "delete": { + "responses": { + "200": { + "description": "Success" + } + }, + "operationId": "delete_activity_user_metadata_risk_score_/activities////user_metadata/risk_score", + "tags": [ + "activities" + ] + }, "put": { "responses": { "400": { @@ -450,17 +461,6 @@ "tags": [ "activities" ] - }, - "delete": { - "responses": { - "200": { - "description": "Success" - } - }, - "operationId": "delete_activity_user_metadata_risk_score_/activities////user_metadata/risk_score", - "tags": [ - "activities" - ] } }, "/firework/v2/activities/{index}/{source}/{id_}/user_metadata/tags": { @@ -484,6 +484,17 @@ "type": "string" } ], + "delete": { + "responses": { + "200": { + "description": "Success" + } + }, + "operationId": "delete_activity_user_metadata_tags_/activities////user_metadata/tags", + "tags": [ + "activities" + ] + }, "put": { "responses": { "200": { @@ -514,17 +525,6 @@ "activities" ] }, - "delete": { - "responses": { - "200": { - "description": "Success" - } - }, - "operationId": "delete_activity_user_metadata_tags_/activities////user_metadata/tags", - "tags": [ - "activities" - ] - }, "get": { "responses": { "200": { @@ -935,55 +935,25 @@ ] } }, - "/firework/v2/activities/{index}/{source}/{id}/translate": { - "parameters": [ - { - "name": "index", - "in": "path", - "required": true, - "type": "string" - }, - { - "name": "source", - "in": "path", - "required": true, - "type": "string" - }, - { - "name": "id", - "in": "path", - "required": true, - "type": "string" - } - ], - "post": { + "/firework/v2/assets/": { + "get": { "responses": { "200": { - "description": "Returns the translation of an activity" - }, - "404": { - "description": "Activity not found", + "description": "Success", "schema": { - "$ref": "#/definitions/HttpError" + "properties": { + "assets": { + "$ref": "#/definitions/Identifier" + } + } } } }, - "operationId": "post_translate_activity_/activities////translate", - "parameters": [ - { - "name": "max_len", - "in": "query", - "type": "integer", - "description": "Set the maximum len of translated text.", - "default": 10000 - } - ], + "operationId": "get_assets_/assets/", "tags": [ - "activities" + "Identifiers" ] - } - }, - "/firework/v2/assets/": { + }, "post": { "responses": { "200": { @@ -1017,27 +987,27 @@ "tags": [ "Identifiers" ] - }, + } + }, + "/firework/v2/assets/groups/": { "get": { "responses": { "200": { "description": "Success", "schema": { "properties": { - "assets": { - "$ref": "#/definitions/Identifier" + "assets_groups": { + "$ref": "#/definitions/IdentifierGroup" } } } } }, - "operationId": "get_assets_/assets/", + "operationId": "get_assets_groups_/assets/groups/", "tags": [ "Identifiers" ] - } - }, - "/firework/v2/assets/groups/": { + }, "post": { "responses": { "200": { @@ -1071,24 +1041,6 @@ "tags": [ "Identifiers" ] - }, - "get": { - "responses": { - "200": { - "description": "Success", - "schema": { - "properties": { - "assets_groups": { - "$ref": "#/definitions/IdentifierGroup" - } - } - } - } - }, - "operationId": "get_assets_groups_/assets/groups/", - "tags": [ - "Identifiers" - ] } }, "/firework/v2/assets/groups/{assets_group_id}": { @@ -1100,6 +1052,17 @@ "type": "integer" } ], + "delete": { + "responses": { + "200": { + "description": "Success" + } + }, + "operationId": "delete_assets_group_api_/assets/groups/", + "tags": [ + "Identifiers" + ] + }, "put": { "responses": { "200": { @@ -1134,17 +1097,6 @@ "Identifiers" ] }, - "delete": { - "responses": { - "200": { - "description": "Success" - } - }, - "operationId": "delete_assets_group_api_/assets/groups/", - "tags": [ - "Identifiers" - ] - }, "get": { "responses": { "200": { @@ -1173,6 +1125,24 @@ "type": "integer" } ], + "get": { + "responses": { + "200": { + "description": "Success", + "schema": { + "properties": { + "alerts": { + "$ref": "#/definitions/FeedAlert" + } + } + } + } + }, + "operationId": "get_assets_group_alerts_/assets/groups//alerts", + "tags": [ + "Identifiers" + ] + }, "post": { "responses": { "200": { @@ -1196,24 +1166,6 @@ "tags": [ "Identifiers" ] - }, - "get": { - "responses": { - "200": { - "description": "Success", - "schema": { - "properties": { - "alerts": { - "$ref": "#/definitions/FeedAlert" - } - } - } - } - }, - "operationId": "get_assets_group_alerts_/assets/groups//alerts", - "tags": [ - "Identifiers" - ] } }, "/firework/v2/assets/groups/{assets_group_id}/alerts/{alert_id}": { @@ -1231,6 +1183,17 @@ "type": "integer" } ], + "delete": { + "responses": { + "200": { + "description": "Success" + } + }, + "operationId": "delete_assets_group_alert_/assets/groups//alerts/", + "tags": [ + "Identifiers" + ] + }, "put": { "responses": { "200": { @@ -1254,17 +1217,6 @@ "tags": [ "Identifiers" ] - }, - "delete": { - "responses": { - "200": { - "description": "Success" - } - }, - "operationId": "delete_assets_group_alert_/assets/groups//alerts/", - "tags": [ - "Identifiers" - ] } }, "/firework/v2/assets/groups/{assets_group_id}/feed": { @@ -1276,7 +1228,7 @@ "type": "integer" } ], - "post": { + "get": { "responses": { "404": { "description": "Identifier group does not exist.", @@ -1297,7 +1249,7 @@ } } }, - "operationId": "post_assets_group_feed_/assets/groups//feed", + "operationId": "get_assets_group_feed_/assets/groups//feed", "parameters": [ { "name": "fields", @@ -1354,7 +1306,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -1391,9 +1343,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -1532,7 +1488,7 @@ "Identifiers" ] }, - "get": { + "post": { "responses": { "404": { "description": "Identifier group does not exist.", @@ -1553,7 +1509,7 @@ } } }, - "operationId": "get_assets_group_feed_/assets/groups//feed", + "operationId": "post_assets_group_feed_/assets/groups//feed", "parameters": [ { "name": "fields", @@ -1610,7 +1566,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -1647,9 +1603,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -1798,6 +1758,17 @@ "type": "integer" } ], + "delete": { + "responses": { + "200": { + "description": "Success" + } + }, + "operationId": "delete_asset_api_/assets/", + "tags": [ + "Identifiers" + ] + }, "put": { "responses": { "400": { @@ -1832,17 +1803,6 @@ "Identifiers" ] }, - "delete": { - "responses": { - "200": { - "description": "Success" - } - }, - "operationId": "delete_asset_api_/assets/", - "tags": [ - "Identifiers" - ] - }, "get": { "responses": { "200": { @@ -1871,6 +1831,24 @@ "type": "integer" } ], + "get": { + "responses": { + "200": { + "description": "Success", + "schema": { + "properties": { + "alerts": { + "$ref": "#/definitions/FeedAlert" + } + } + } + } + }, + "operationId": "get_asset_alerts_/assets//alerts", + "tags": [ + "Identifiers" + ] + }, "post": { "responses": { "200": { @@ -1894,24 +1872,6 @@ "tags": [ "Identifiers" ] - }, - "get": { - "responses": { - "200": { - "description": "Success", - "schema": { - "properties": { - "alerts": { - "$ref": "#/definitions/FeedAlert" - } - } - } - } - }, - "operationId": "get_asset_alerts_/assets//alerts", - "tags": [ - "Identifiers" - ] } }, "/firework/v2/assets/{asset_id}/alerts/{alert_id}": { @@ -1929,6 +1889,17 @@ "type": "integer" } ], + "delete": { + "responses": { + "200": { + "description": "Success" + } + }, + "operationId": "delete_asset_alert_/assets//alerts/", + "tags": [ + "Identifiers" + ] + }, "put": { "responses": { "200": { @@ -1952,17 +1923,6 @@ "tags": [ "Identifiers" ] - }, - "delete": { - "responses": { - "200": { - "description": "Success" - } - }, - "operationId": "delete_asset_alert_/assets//alerts/", - "tags": [ - "Identifiers" - ] } }, "/firework/v2/assets/{asset_id}/feed": { @@ -1974,7 +1934,7 @@ "type": "integer" } ], - "post": { + "get": { "responses": { "404": { "description": "Identifier does not exist.", @@ -1995,7 +1955,7 @@ } } }, - "operationId": "post_asset_feed_/assets//feed", + "operationId": "get_asset_feed_/assets//feed", "parameters": [ { "name": "fields", @@ -2052,7 +2012,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -2089,9 +2049,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -2230,7 +2194,7 @@ "Identifiers" ] }, - "get": { + "post": { "responses": { "404": { "description": "Identifier does not exist.", @@ -2251,7 +2215,7 @@ } } }, - "operationId": "get_asset_feed_/assets//feed", + "operationId": "post_asset_feed_/assets//feed", "parameters": [ { "name": "fields", @@ -2308,7 +2272,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -2345,9 +2309,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -2631,7 +2599,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -2668,9 +2636,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -2849,7 +2821,7 @@ } }, "/firework/v2/me/feed": { - "post": { + "get": { "responses": { "200": { "description": "The user's home feed activities", @@ -2858,7 +2830,7 @@ } } }, - "operationId": "post_current_user_home_feed_/me/feed", + "operationId": "get_current_user_home_feed_/me/feed", "parameters": [ { "name": "time", @@ -2905,7 +2877,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -2942,9 +2914,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -3083,7 +3059,7 @@ "me" ] }, - "get": { + "post": { "responses": { "200": { "description": "The user's home feed activities", @@ -3092,7 +3068,7 @@ } } }, - "operationId": "get_current_user_home_feed_/me/feed", + "operationId": "post_current_user_home_feed_/me/feed", "parameters": [ { "name": "time", @@ -3139,7 +3115,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -3176,9 +3152,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -3319,30 +3299,6 @@ } }, "/firework/v2/me/feed/credentials": { - "post": { - "responses": { - "200": { - "description": "Success", - "schema": { - "$ref": "#/definitions/PaginatedCredentials" - } - } - }, - "operationId": "post_leaked_credentials_feed_endpoint_/me/feed/credentials", - "parameters": [ - { - "name": "payload", - "required": true, - "in": "body", - "schema": { - "$ref": "#/definitions/UserUpdate" - } - } - ], - "tags": [ - "me" - ] - }, "get": { "responses": { "200": { @@ -3379,6 +3335,30 @@ "tags": [ "me" ] + }, + "post": { + "responses": { + "200": { + "description": "Success", + "schema": { + "$ref": "#/definitions/PaginatedCredentials" + } + } + }, + "operationId": "post_leaked_credentials_feed_endpoint_/me/feed/credentials", + "parameters": [ + { + "name": "payload", + "required": true, + "in": "body", + "schema": { + "$ref": "#/definitions/UserUpdate" + } + } + ], + "tags": [ + "me" + ] } }, "/firework/v2/me/profile": { @@ -3450,7 +3430,7 @@ "type": "integer" } ], - "post": { + "get": { "responses": { "404": { "description": "Organization not found", @@ -3461,30 +3441,34 @@ "200": { "description": "Success", "schema": { - "properties": { - "member": { - "$ref": "#/definitions/OrganizationMemberWithMetadata" - } - } + "$ref": "#/definitions/OrganizationMemberPage" } } }, - "operationId": "post_organization_members_api_/organizations//members", + "operationId": "get_organization_members_api_/organizations//members", "parameters": [ { - "name": "payload", - "required": true, - "in": "body", - "schema": { - "$ref": "#/definitions/OrganizationMemberData" - } + "name": "size", + "in": "query", + "type": "integer", + "default": 20 + }, + { + "name": "from", + "in": "query", + "type": "string" + }, + { + "name": "q", + "in": "query", + "type": "string" } ], "tags": [ "organizations" ] }, - "get": { + "post": { "responses": { "404": { "description": "Organization not found", @@ -3495,27 +3479,23 @@ "200": { "description": "Success", "schema": { - "$ref": "#/definitions/OrganizationMemberPage" + "properties": { + "member": { + "$ref": "#/definitions/OrganizationMemberWithMetadata" + } + } } } }, - "operationId": "get_organization_members_api_/organizations//members", + "operationId": "post_organization_members_api_/organizations//members", "parameters": [ { - "name": "size", - "in": "query", - "type": "integer", - "default": 20 - }, - { - "name": "from", - "in": "query", - "type": "string" - }, - { - "name": "q", - "in": "query", - "type": "string" + "name": "payload", + "required": true, + "in": "body", + "schema": { + "$ref": "#/definitions/OrganizationMemberData" + } } ], "tags": [ @@ -3798,6 +3778,20 @@ "type": "integer" } ], + "get": { + "responses": { + "200": { + "description": "Success", + "schema": { + "$ref": "#/definitions/TenantWithCounts" + } + } + }, + "operationId": "get_organization_tenants_api_/organizations//tenants", + "tags": [ + "organizations" + ] + }, "post": { "responses": { "200": { @@ -3821,23 +3815,20 @@ "tags": [ "organizations" ] - }, + } + }, + "/firework/v2/reporting/reports": { "get": { "responses": { "200": { - "description": "Success", - "schema": { - "$ref": "#/definitions/TenantWithCounts" - } + "description": "Lists reports for the current tenant, ordered from newest to oldest." } }, - "operationId": "get_organization_tenants_api_/organizations//tenants", + "operationId": "get_reports_endpoint_/reporting/reports", "tags": [ - "organizations" + "reporting" ] - } - }, - "/firework/v2/reporting/reports": { + }, "post": { "responses": { "200": { @@ -3858,17 +3849,6 @@ "tags": [ "reporting" ] - }, - "get": { - "responses": { - "200": { - "description": "Lists reports for the current tenant, ordered from newest to oldest." - } - }, - "operationId": "get_reports_endpoint_/reporting/reports", - "tags": [ - "reporting" - ] } }, "/firework/v2/reporting/reports/{report_id}": { @@ -3880,45 +3860,45 @@ "type": "integer" } ], - "patch": { + "delete": { "responses": { "200": { - "description": "Updates a report." + "description": "Deletes a report." } }, - "operationId": "patch_report_endpoint_/reporting/reports/", - "parameters": [ - { - "name": "payload", - "required": true, - "in": "body", - "schema": { - "$ref": "#/definitions/UpdatedReport" - } - } - ], + "operationId": "delete_report_endpoint_/reporting/reports/", "tags": [ "reporting" ] }, - "delete": { + "get": { "responses": { "200": { - "description": "Deletes a report." + "description": "Returns a report and its elements." } }, - "operationId": "delete_report_endpoint_/reporting/reports/", + "operationId": "get_report_endpoint_/reporting/reports/", "tags": [ "reporting" ] }, - "get": { + "patch": { "responses": { "200": { - "description": "Returns a report and its elements." + "description": "Updates a report." } }, - "operationId": "get_report_endpoint_/reporting/reports/", + "operationId": "patch_report_endpoint_/reporting/reports/", + "parameters": [ + { + "name": "payload", + "required": true, + "in": "body", + "schema": { + "$ref": "#/definitions/UpdatedReport" + } + } + ], "tags": [ "reporting" ] @@ -3967,7 +3947,7 @@ } }, "/firework/v2/search/": { - "post": { + "get": { "responses": { "400": { "description": "Query is invalid.", @@ -3982,7 +3962,7 @@ } } }, - "operationId": "post_search_/search/", + "operationId": "get_search_/search/", "parameters": [ { "name": "fields", @@ -4039,7 +4019,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -4076,9 +4056,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -4215,7 +4199,7 @@ "search" ] }, - "get": { + "post": { "responses": { "400": { "description": "Query is invalid.", @@ -4230,7 +4214,7 @@ } } }, - "operationId": "get_search_/search/", + "operationId": "post_search_/search/", "parameters": [ { "name": "fields", @@ -4287,7 +4271,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: forum_post, financial_data, blog_post, stealer_log, bot, forum_topic, seller, listing, forum_profile, ransomleak, chat_message\n- open_web: google, bucket_object, docker, source_code_secrets, bucket, paste, source_code_files, social_media_account, stack_exchange, service\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: seller, listing, forum_profile, chat_message, financial_data, bot, forum_post, forum_topic, stealer_log, ransomleak, blog_post\n- open_web: source_code_files, service, source_code_secrets, bucket, stack_exchange, docker, social_media_account, paste, bucket_object, google\n- leaks: valid_credential, leak, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -4324,9 +4308,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -4542,6 +4530,20 @@ "type": "integer" } ], + "get": { + "responses": { + "200": { + "description": "Success", + "schema": { + "$ref": "#/definitions/TenantUsers" + } + } + }, + "operationId": "get_tenant_users_api_/tenants//users", + "tags": [ + "tenants" + ] + }, "post": { "responses": { "200": { @@ -4562,20 +4564,6 @@ "tags": [ "tenants" ] - }, - "get": { - "responses": { - "200": { - "description": "Success", - "schema": { - "$ref": "#/definitions/TenantUsers" - } - } - }, - "operationId": "get_tenant_users_api_/tenants//users", - "tags": [ - "tenants" - ] } }, "/firework/v2/tenants/{tenant_id}/users/{user_id}": { @@ -4726,39 +4714,43 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] }, "search_types": { "type": "array", "items": { "type": "string", - "example": "forum_post", + "example": "listing", "enum": [ - "forum_post", - "bucket", + "listing", + "chat_message", + "stealer_log", + "seller", "source_code_files", - "ransomleak", + "service", + "leak", + "bucket", "financial_data", - "bot", - "source_code_secrets", - "domain", + "mitigated_credential", "ad", "stack_exchange", - "chat_message", - "leak", - "google", - "bucket_object", "docker", - "seller", - "forum_profile", - "service", - "blog_post", - "stealer_log", - "forum_topic", - "listing", "paste", + "domain", "social_media_account", + "source_code_secrets", + "valid_credential", + "forum_profile", + "invalid_credential", + "forum_topic", + "bucket_object", + "blog_post", + "google", + "bot", + "forum_post", + "ransomleak", "illicit_networks", "open_web", "buckets", @@ -4824,38 +4816,42 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] }, "search_types": { "type": "array", "items": { "type": "string", - "example": "forum_post", + "example": "listing", "enum": [ - "forum_post", - "bucket", + "listing", + "chat_message", + "stealer_log", + "seller", "source_code_files", - "ransomleak", + "service", + "leak", + "bucket", "financial_data", - "bot", - "source_code_secrets", - "domain", + "mitigated_credential", "stack_exchange", - "chat_message", - "leak", - "google", - "bucket_object", "docker", - "seller", - "forum_profile", - "service", - "blog_post", - "stealer_log", - "forum_topic", - "listing", "paste", + "domain", "social_media_account", + "source_code_secrets", + "valid_credential", + "forum_profile", + "invalid_credential", + "forum_topic", + "bucket_object", + "blog_post", + "google", + "bot", + "forum_post", + "ransomleak", "illicit_networks", "open_web", "buckets", @@ -4920,6 +4916,7 @@ "SYSTEM_RELATION", "SELF_ONBOARDING", "ATTRIBUTE", + "AUTO_MONITOR", "IDP_SYNC" ] }, @@ -5078,9 +5075,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -5261,6 +5262,9 @@ }, "authorization_workflow_enabled": { "type": "boolean" + }, + "allow_support_access": { + "type": "boolean" } }, "type": "object" @@ -5380,6 +5384,24 @@ }, "type": "object" }, + "TenantWithCounts": { + "properties": { + "next": { + "type": "string" + }, + "items": { + "$ref": "#/definitions/TenantWithCounts" + }, + "total_count": { + "type": [ + "integer", + "null" + ], + "example": "nullable integer" + } + }, + "type": "object" + }, "Tenant": { "properties": { "id": { @@ -5452,23 +5474,13 @@ "format": "date-time", "description": "The date when tenant access ends", "example": "nullable date" - } - }, - "type": "object" - }, - "TenantWithCounts": { - "properties": { - "next": { - "type": "string" }, - "items": { - "$ref": "#/definitions/TenantWithCounts" - }, - "total_count": { + "hubspot_tenant_id": { "type": [ "integer", "null" ], + "description": "The HubSpot tenant ID", "example": "nullable integer" } }, @@ -5547,6 +5559,13 @@ "send_welcome_email": { "type": "boolean", "default": true + }, + "auth_tenant_id": { + "type": [ + "integer", + "null" + ], + "example": "nullable integer" } }, "type": "object" @@ -5574,6 +5593,24 @@ }, "type": "object" }, + "OrganizationMemberPage": { + "properties": { + "members": { + "type": "array", + "items": { + "$ref": "#/definitions/OrganizationMemberWithMetadata" + } + }, + "next": { + "type": [ + "string", + "null" + ], + "example": "nullable string" + } + }, + "type": "object" + }, "OrganizationMemberWithMetadata": { "properties": { "user": { @@ -5619,6 +5656,13 @@ "urn": { "type": "string", "description": "The uniform resource name of the member." + }, + "auth_tenant_id": { + "type": [ + "integer", + "null" + ], + "example": "nullable integer" } }, "type": "object" @@ -5634,24 +5678,6 @@ }, "type": "object" }, - "OrganizationMemberPage": { - "properties": { - "members": { - "type": "array", - "items": { - "$ref": "#/definitions/OrganizationMemberWithMetadata" - } - }, - "next": { - "type": [ - "string", - "null" - ], - "example": "nullable string" - } - }, - "type": "object" - }, "OrganizationMembersCount": { "properties": { "count": { @@ -6231,9 +6257,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -6440,7 +6470,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] } }, @@ -6905,7 +6936,8 @@ "identifier_not_allowed", "identifier_type_not_allowed", "too_many_attributes", - "invalid_attribute_format" + "invalid_attribute_format", + "missing_attributes" ] }, "message": { diff --git a/docs/api-reference/spec/firework-v3-openapi.json b/docs/api-reference/spec/firework-v3-openapi.json index d357a6f..3d22e99 100644 --- a/docs/api-reference/spec/firework-v3-openapi.json +++ b/docs/api-reference/spec/firework-v3-openapi.json @@ -237,21 +237,47 @@ "name": "type", "schema": { "enum": [ - "subdomain_of", - "mentioned_in", - "contributed_to", + "analysis_of", + "attributed_to", + "authored_by", + "based_on", + "beacons_to", + "characterizes", "commits_with", + "communicates_with", + "compromises", + "consists_of", + "contributed_to", + "controls", + "delivers", + "downloads", + "drops", + "dynamic_analysis_of", + "exfiltrate_to", + "exploits", "found_from", - "resolves_to", + "has", "has_account_on", "has_favicon", "has_screenshot", - "looks_like", + "hosts", + "impersonates", + "indicates", + "investigates", "links_to_azure_tenant", + "located_at", + "looks_like", + "mentioned_in", + "mitigates", + "originates_from", "owns", + "related_to", + "resolves_to", + "static_analysis_of", + "subdomain_of", + "targets", "uses", - "consists_of", - "related_to" + "variant_of" ], "type": "string" } @@ -262,28 +288,55 @@ "name": "target_type", "schema": { "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ], "type": "string" } @@ -294,28 +347,55 @@ "name": "source_type", "schema": { "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ], "type": "string" } @@ -483,7 +563,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: blog_post, ransomleak, chat_message, forum_post, stealer_log, forum_profile, bot, forum_topic, financial_data, seller, listing\n- open_web: docker, source_code_files, stack_exchange, google, bucket_object, source_code_secrets, social_media_account, bucket, service, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, forum_post, forum_profile, chat_message, stealer_log, blog_post, ransomleak, bot, seller, listing, forum_topic\n- open_web: source_code_secrets, bucket_object, source_code_files, service, paste, docker, stack_exchange, social_media_account, google, bucket\n- leaks: leak, valid_credential, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -520,9 +600,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -803,7 +887,7 @@ } }, { - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: blog_post, ransomleak, chat_message, forum_post, stealer_log, forum_profile, bot, forum_topic, financial_data, seller, listing\n- open_web: docker, source_code_files, stack_exchange, google, bucket_object, source_code_secrets, social_media_account, bucket, service, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, forum_post, forum_profile, chat_message, stealer_log, blog_post, ransomleak, bot, seller, listing, forum_topic\n- open_web: source_code_secrets, bucket_object, source_code_files, service, paste, docker, stack_exchange, social_media_account, google, bucket\n- leaks: leak, valid_credential, invalid_credential, mitigated_credential\n- domains: domain\n", "explode": true, "in": "query", "name": "types", @@ -840,9 +924,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -1063,21 +1151,47 @@ "name": "type", "schema": { "enum": [ - "subdomain_of", - "mentioned_in", - "contributed_to", + "analysis_of", + "attributed_to", + "authored_by", + "based_on", + "beacons_to", + "characterizes", "commits_with", + "communicates_with", + "compromises", + "consists_of", + "contributed_to", + "controls", + "delivers", + "downloads", + "drops", + "dynamic_analysis_of", + "exfiltrate_to", + "exploits", "found_from", - "resolves_to", + "has", "has_account_on", "has_favicon", "has_screenshot", - "looks_like", + "hosts", + "impersonates", + "indicates", + "investigates", "links_to_azure_tenant", + "located_at", + "looks_like", + "mentioned_in", + "mitigates", + "originates_from", "owns", + "related_to", + "resolves_to", + "static_analysis_of", + "subdomain_of", + "targets", "uses", - "consists_of", - "related_to" + "variant_of" ], "type": "string" } @@ -1088,28 +1202,55 @@ "name": "related_type", "schema": { "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ], "type": "string" } @@ -1214,7 +1355,8 @@ "COUNTED", "SYSTEM", "USER_AND_ATTRIBUTE", - "USER_AND_SYSTEM" + "USER_AND_SYSTEM", + "AUTO_MONITOR" ], "type": "string" } @@ -1269,7 +1411,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "items": { "type": "string" @@ -1356,7 +1499,8 @@ "COUNTED", "SYSTEM", "USER_AND_ATTRIBUTE", - "USER_AND_SYSTEM" + "USER_AND_SYSTEM", + "AUTO_MONITOR" ], "type": "string" } @@ -1411,7 +1555,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "items": { "type": "string" @@ -1673,7 +1818,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "items": { "type": "string" @@ -1764,30 +1910,57 @@ }, "asset_type": { "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ], - "example": "github_repository", + "example": "account", "type": "string" }, "data": { @@ -1901,23 +2074,49 @@ }, "type": { "enum": [ - "subdomain_of", - "mentioned_in", - "contributed_to", + "analysis_of", + "attributed_to", + "authored_by", + "based_on", + "beacons_to", + "characterizes", "commits_with", + "communicates_with", + "compromises", + "consists_of", + "contributed_to", + "controls", + "delivers", + "downloads", + "drops", + "dynamic_analysis_of", + "exfiltrate_to", + "exploits", "found_from", - "resolves_to", + "has", "has_account_on", "has_favicon", "has_screenshot", - "looks_like", + "hosts", + "impersonates", + "indicates", + "investigates", "links_to_azure_tenant", + "located_at", + "looks_like", + "mentioned_in", + "mitigates", + "originates_from", "owns", + "related_to", + "resolves_to", + "static_analysis_of", + "subdomain_of", + "targets", "uses", - "consists_of", - "related_to" + "variant_of" ], - "example": "subdomain_of", + "example": "analysis_of", "type": "string" }, "metadata": { @@ -2063,7 +2262,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "example": "domain", "type": "string" @@ -2102,9 +2302,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -2175,6 +2379,7 @@ "SYSTEM_RELATION", "SELF_ONBOARDING", "ATTRIBUTE", + "AUTO_MONITOR", "IDP_SYNC" ], "example": "USER", @@ -2357,7 +2562,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "example": "domain", "type": "string" @@ -2521,7 +2727,8 @@ "activity_discovery", "subdomain_from_domain", "azure_tenant_from_domain", - "domain_from_azure_tenant" + "domain_from_azure_tenant", + "llm_based" ], "example": "email_from_domain", "type": "string" @@ -2529,6 +2736,9 @@ "seen_at": { "format": "date-time", "type": "string" + }, + "reason": { + "type": "string" } }, "type": "object" @@ -2541,13 +2751,12 @@ "tenant_id": { "type": "integer" }, - "asset_id": { - "type": "integer" - }, - "name": { - "type": "string" - }, - "asset_type": { + "group_type": { + "enum": [ + "identifiers", + "llm" + ], + "example": "identifiers", "type": "string" }, "filtered_recommendations_count": { @@ -2562,6 +2771,12 @@ }, "type": "array" }, + "available_relevancy_score_types": { + "items": { + "type": "string" + }, + "type": "array" + }, "last_updated_at": { "format": "date-time", "type": "string" @@ -2577,10 +2792,12 @@ "tenant_id": { "type": "integer" }, - "asset_id": { - "type": "integer" - }, - "name": { + "group_type": { + "enum": [ + "identifiers", + "llm" + ], + "example": "identifiers", "type": "string" } }, diff --git a/docs/api-reference/spec/firework-v3-swagger.json b/docs/api-reference/spec/firework-v3-swagger.json index 4ebfd96..c07ce93 100644 --- a/docs/api-reference/spec/firework-v3-swagger.json +++ b/docs/api-reference/spec/firework-v3-swagger.json @@ -176,21 +176,47 @@ "type": "string", "description": "The `type` parameter is used to filter which type of relation we want to list \n\n", "enum": [ - "subdomain_of", - "mentioned_in", - "contributed_to", + "analysis_of", + "attributed_to", + "authored_by", + "based_on", + "beacons_to", + "characterizes", "commits_with", + "communicates_with", + "compromises", + "consists_of", + "contributed_to", + "controls", + "delivers", + "downloads", + "drops", + "dynamic_analysis_of", + "exfiltrate_to", + "exploits", "found_from", - "resolves_to", + "has", "has_account_on", "has_favicon", "has_screenshot", - "looks_like", + "hosts", + "impersonates", + "indicates", + "investigates", "links_to_azure_tenant", + "located_at", + "looks_like", + "mentioned_in", + "mitigates", + "originates_from", "owns", + "related_to", + "resolves_to", + "static_analysis_of", + "subdomain_of", + "targets", "uses", - "consists_of", - "related_to" + "variant_of" ] }, { @@ -199,28 +225,55 @@ "type": "string", "description": "The `target_type` parameter is used to filter which type of target assets related we want to list \n\nUsed only with `source_uuid` \n\n", "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ] }, { @@ -229,28 +282,55 @@ "type": "string", "description": "The `source_type` parameter is used to filter which type of source assets related we want to list \n\nUsed only with `target_uuid` \n\n", "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ] }, { @@ -401,7 +481,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: blog_post, ransomleak, chat_message, forum_post, stealer_log, forum_profile, bot, forum_topic, financial_data, seller, listing\n- open_web: docker, source_code_files, stack_exchange, google, bucket_object, source_code_secrets, social_media_account, bucket, service, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, forum_post, forum_profile, chat_message, stealer_log, blog_post, ransomleak, bot, seller, listing, forum_topic\n- open_web: source_code_secrets, bucket_object, source_code_files, service, paste, docker, stack_exchange, social_media_account, google, bucket\n- leaks: leak, valid_credential, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -438,9 +518,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -657,7 +741,7 @@ "name": "types", "in": "query", "type": "array", - "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, illicit_networks, open_web, domains, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: blog_post, ransomleak, chat_message, forum_post, stealer_log, forum_profile, bot, forum_topic, financial_data, seller, listing\n- open_web: docker, source_code_files, stack_exchange, google, bucket_object, source_code_secrets, social_media_account, bucket, service, paste\n- leaks: leak\n- domains: domain\n", + "description": "\nType of activities to search through.\n\n*Expected values* : attachment, listing, ransomleak, forum_post, forum_topic, forum_profile, blog_post, seller, paste, leak, chat_message, domain, bot, stealer_log, infected_devices, driller, driller_forum_topic, driller_forum_post, driller_profile, cc, ccbin, financial_data, leaked_data, leaked_file, document, account, actor, forum_content, blog_content, profile, leaked_credential, valid_credential, invalid_credential, mitigated_credential, illicit_networks, open_web, domains, intelligence_object, leaks, social_media_account, social_media, source_code, source_code_secrets_np, source_code_secrets, source_code_files, docker, stack_exchange, google, service, driller_host, buckets, bucket, bucket_object, whois, cookie, pii, experimental\n\n*Some search types contain others*\n- illicit_networks: financial_data, forum_post, forum_profile, chat_message, stealer_log, blog_post, ransomleak, bot, seller, listing, forum_topic\n- open_web: source_code_secrets, bucket_object, source_code_files, service, paste, docker, stack_exchange, social_media_account, google, bucket\n- leaks: leak, valid_credential, invalid_credential, mitigated_credential\n- domains: domain\n", "items": { "type": "string" }, @@ -694,9 +778,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -862,21 +950,47 @@ "type": "string", "description": "The `type` parameter is used to filter which type of relation we want to list \n\n", "enum": [ - "subdomain_of", - "mentioned_in", - "contributed_to", + "analysis_of", + "attributed_to", + "authored_by", + "based_on", + "beacons_to", + "characterizes", "commits_with", + "communicates_with", + "compromises", + "consists_of", + "contributed_to", + "controls", + "delivers", + "downloads", + "drops", + "dynamic_analysis_of", + "exfiltrate_to", + "exploits", "found_from", - "resolves_to", + "has", "has_account_on", "has_favicon", "has_screenshot", - "looks_like", + "hosts", + "impersonates", + "indicates", + "investigates", "links_to_azure_tenant", + "located_at", + "looks_like", + "mentioned_in", + "mitigates", + "originates_from", "owns", + "related_to", + "resolves_to", + "static_analysis_of", + "subdomain_of", + "targets", "uses", - "consists_of", - "related_to" + "variant_of" ] }, { @@ -885,28 +999,55 @@ "type": "string", "description": "The `related_type` parameter is used to filter which type of assets related we want to list \n\n", "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ] }, { @@ -992,7 +1133,8 @@ "COUNTED", "SYSTEM", "USER_AND_ATTRIBUTE", - "USER_AND_SYSTEM" + "USER_AND_SYSTEM", + "AUTO_MONITOR" ] }, { @@ -1043,7 +1185,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] }, { @@ -1108,7 +1251,8 @@ "COUNTED", "SYSTEM", "USER_AND_ATTRIBUTE", - "USER_AND_SYSTEM" + "USER_AND_SYSTEM", + "AUTO_MONITOR" ] }, { @@ -1159,7 +1303,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] }, { @@ -1367,7 +1512,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] }, { @@ -1459,30 +1605,57 @@ }, "asset_type": { "type": "string", - "example": "github_repository", + "example": "account", "enum": [ - "github_repository", - "username", - "user_id", - "domain", - "brand", - "name", - "keyword", - "search_query", - "bin", - "ip", - "email", "account", - "secret", + "azure_tenant", + "bin", + "brand", "credentials", + "cve", + "directory", + "domain", + "email", + "external_id", "favicon", + "file", + "filename", + "canonical_name", + "country", + "github_repository", + "ip", + "ipv6_addr", + "keyword", + "mac_addr", + "mitre_technique", + "mutex", + "name", + "ransomleak", "screenshot", - "azure_tenant", + "search_query", + "secret", "thread", + "url", + "user_id", + "username", + "windows_registry_key", + "x509_certificate", "actor", - "cve", + "attack_pattern", + "chat_channel", + "campaign", + "external_report", + "forum_thread", "identity", - "forum_thread" + "indicator", + "infrastructure", + "location", + "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", + "vulnerability" ] }, "data": { @@ -1595,23 +1768,49 @@ }, "type": { "type": "string", - "example": "subdomain_of", + "example": "analysis_of", "enum": [ - "subdomain_of", - "mentioned_in", - "contributed_to", + "analysis_of", + "attributed_to", + "authored_by", + "based_on", + "beacons_to", + "characterizes", "commits_with", + "communicates_with", + "compromises", + "consists_of", + "contributed_to", + "controls", + "delivers", + "downloads", + "drops", + "dynamic_analysis_of", + "exfiltrate_to", + "exploits", "found_from", - "resolves_to", + "has", "has_account_on", "has_favicon", "has_screenshot", - "looks_like", + "hosts", + "impersonates", + "indicates", + "investigates", "links_to_azure_tenant", + "located_at", + "looks_like", + "mentioned_in", + "mitigates", + "originates_from", "owns", + "related_to", + "resolves_to", + "static_analysis_of", + "subdomain_of", + "targets", "uses", - "consists_of", - "related_to" + "variant_of" ] }, "metadata": { @@ -1764,7 +1963,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] }, "search_types": { @@ -1804,9 +2004,13 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", + "intelligence_object", "leaks", "social_media_account", "social_media", @@ -1882,6 +2086,7 @@ "SYSTEM_RELATION", "SELF_ONBOARDING", "ATTRIBUTE", + "AUTO_MONITOR", "IDP_SYNC" ] }, @@ -2094,7 +2299,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ] }, "q": { @@ -2265,12 +2471,16 @@ "activity_discovery", "subdomain_from_domain", "azure_tenant_from_domain", - "domain_from_azure_tenant" + "domain_from_azure_tenant", + "llm_based" ] }, "seen_at": { "type": "string", "format": "date-time" + }, + "reason": { + "type": "string" } }, "type": "object" @@ -2284,13 +2494,33 @@ "type": "integer" }, "asset_id": { - "type": "integer" + "type": [ + "integer", + "null" + ], + "example": "nullable integer" }, "name": { - "type": "string" + "type": [ + "string", + "null" + ], + "example": "nullable string" }, "asset_type": { - "type": "string" + "type": [ + "string", + "null" + ], + "example": "nullable string" + }, + "group_type": { + "type": "string", + "example": "identifiers", + "enum": [ + "identifiers", + "llm" + ] }, "filtered_recommendations_count": { "type": "integer" @@ -2304,6 +2534,12 @@ "type": "string" } }, + "available_relevancy_score_types": { + "type": "array", + "items": { + "type": "string" + } + }, "last_updated_at": { "type": "string", "format": "date-time" @@ -2320,10 +2556,26 @@ "type": "integer" }, "asset_id": { - "type": "integer" + "type": [ + "integer", + "null" + ], + "example": "nullable integer" }, "name": { - "type": "string" + "type": [ + "string", + "null" + ], + "example": "nullable string" + }, + "group_type": { + "type": "string", + "example": "identifiers", + "enum": [ + "identifiers", + "llm" + ] } }, "type": "object" diff --git a/docs/api-reference/spec/firework-v4-openapi.json b/docs/api-reference/spec/firework-v4-openapi.json index c674624..4fb7b5f 100644 --- a/docs/api-reference/spec/firework-v4-openapi.json +++ b/docs/api-reference/spec/firework-v4-openapi.json @@ -96,6 +96,181 @@ } } }, + "/firework/v4/admin/banners/": { + "get": { + "tags": [ + "private", + "team=collection-platform" + ], + "summary": "List Banners", + "operationId": "list_banners_admin_banners__get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListBannersResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "put": { + "tags": [ + "private", + "team=collection-platform" + ], + "summary": "Set Banner", + "operationId": "set_banner_admin_banners__put", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SetBannerPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BannerResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "delete": { + "tags": [ + "private", + "team=collection-platform" + ], + "summary": "Clear Banner", + "operationId": "clear_banner_admin_banners__delete", + "parameters": [ + { + "name": "organization_id", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Organization Id" + } + }, + { + "name": "tenant_id", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Tenant Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/events/import": { + "post": { + "tags": [ + "private" + ], + "summary": "Import Event", + "operationId": "import_event_admin_events_import_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ImportExperimentalEventModel" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ImportEventResult" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, "/firework/v4/admin/cookies/configurations": { "get": { "tags": [ @@ -304,15 +479,155 @@ } } } + }, + "post": { + "tags": [ + "private" + ], + "summary": "Create Feature Flag", + "operationId": "create_feature_flag_admin_feature_flags__post", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CreateFeatureFlagPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/FeatureFlagResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } } }, - "/firework/v4/admin/feature_flags/{feature_flag_name}": { + "/firework/v4/admin/feature_flags/status": { + "get": { + "tags": [ + "private" + ], + "summary": "Get Feature Flag Status", + "operationId": "get_feature_flag_status_admin_feature_flags_status_get", + "parameters": [ + { + "name": "page", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 1, + "title": "Page" + } + }, + { + "name": "size", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 100, + "title": "Size" + } + }, + { + "name": "user_id", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "User Id" + } + }, + { + "name": "tenant_id", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Tenant Id" + } + }, + { + "name": "organization_id", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Organization Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListFeatureFlagsStatusResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/details/{feature_flag_name}": { "get": { "tags": [ "private" ], "summary": "Get Feature Flag", - "operationId": "get_feature_flag_admin_feature_flags__feature_flag_name__get", + "operationId": "get_feature_flag_admin_feature_flags_details__feature_flag_name__get", "parameters": [ { "name": "feature_flag_name", @@ -348,6 +663,527 @@ } } }, + "/firework/v4/admin/feature_flags/user-lists": { + "get": { + "tags": [ + "private" + ], + "summary": "List Feature Flag User Lists", + "operationId": "list_feature_flag_user_lists_admin_feature_flags_user_lists_get", + "parameters": [ + { + "name": "page", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 1, + "title": "Page" + } + }, + { + "name": "size", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 100, + "title": "Size" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListFeatureFlagUserListsResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "post": { + "tags": [ + "private" + ], + "summary": "Create Feature Flag User List", + "operationId": "create_feature_flag_user_list_admin_feature_flags_user_lists_post", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CreateFeatureFlagUserListPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/FeatureFlagUserListResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/user-lists/{iid}": { + "get": { + "tags": [ + "private" + ], + "summary": "Get Feature Flag User List", + "operationId": "get_feature_flag_user_list_admin_feature_flags_user_lists__iid__get", + "parameters": [ + { + "name": "iid", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Iid" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/FeatureFlagUserList" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/user-lists/{user_list_iid}": { + "put": { + "tags": [ + "private" + ], + "summary": "Update Feature Flag User List", + "operationId": "update_feature_flag_user_list_admin_feature_flags_user_lists__user_list_iid__put", + "parameters": [ + { + "name": "user_list_iid", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "User List Iid" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UpdateFeatureFlagUserListPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/FeatureFlagUserListResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "delete": { + "tags": [ + "private" + ], + "summary": "Delete Feature Flag User List", + "operationId": "delete_feature_flag_user_list_admin_feature_flags_user_lists__user_list_iid__delete", + "parameters": [ + { + "name": "user_list_iid", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "User List Iid" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/by_name/{feature_flag_name}/add_member": { + "post": { + "tags": [ + "private" + ], + "summary": "Add Member For Feature Flag", + "operationId": "add_member_for_feature_flag_admin_feature_flags_by_name__feature_flag_name__add_member_post", + "parameters": [ + { + "name": "feature_flag_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Feature Flag Name" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/MemberMutationPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/by_name/{feature_flag_name}/remove_member": { + "post": { + "tags": [ + "private" + ], + "summary": "Remove Member For Feature Flag", + "operationId": "remove_member_for_feature_flag_admin_feature_flags_by_name__feature_flag_name__remove_member_post", + "parameters": [ + { + "name": "feature_flag_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Feature Flag Name" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/MemberMutationPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/by_name/{feature_flag_name}": { + "patch": { + "tags": [ + "private" + ], + "summary": "Update Feature Flag", + "operationId": "update_feature_flag_admin_feature_flags_by_name__feature_flag_name__patch", + "parameters": [ + { + "name": "feature_flag_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Feature Flag Name" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UpdateFeatureFlagPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "delete": { + "tags": [ + "private" + ], + "summary": "Delete Feature Flag", + "operationId": "delete_feature_flag_admin_feature_flags_by_name__feature_flag_name__delete", + "parameters": [ + { + "name": "feature_flag_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Feature Flag Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/by_name/{feature_flag_name}/strategies/{strategy_id}": { + "patch": { + "tags": [ + "private" + ], + "summary": "Update Strategy For Feature Flag", + "operationId": "update_strategy_for_feature_flag_admin_feature_flags_by_name__feature_flag_name__strategies__strategy_id__patch", + "parameters": [ + { + "name": "feature_flag_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Feature Flag Name" + } + }, + { + "name": "strategy_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Strategy Id" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UpdateStrategyPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/feature_flags/by_name/{feature_flag_name}/strategies": { + "post": { + "tags": [ + "private" + ], + "summary": "Create Strategy For Feature Flag", + "operationId": "create_strategy_for_feature_flag_admin_feature_flags_by_name__feature_flag_name__strategies_post", + "parameters": [ + { + "name": "feature_flag_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Feature Flag Name" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CreateStrategyPayload" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, "/firework/v4/admin/identifiers/{identifier_id}/update_domain_identifier_properties": { "post": { "tags": [ @@ -831,12 +1667,27 @@ } } ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/EnableFlareCommunityRequest", + "default": { + "auto_provision_users": false, + "manual_users": [] + } + } + } + } + }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { - "schema": {} + "schema": { + "$ref": "#/components/schemas/EnableFlareCommunityResponse" + } } } }, @@ -1272,6 +2123,115 @@ } } } + }, + "patch": { + "tags": [ + "private" + ], + "summary": "Update User Features", + "operationId": "update_user_features_admin_tenants__tenant_id__flare_community_users__user_id__patch", + "parameters": [ + { + "name": "user_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "User Id" + } + }, + { + "name": "tenant_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Tenant Id" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UpdateFlareCommunityUserFeaturesRequest" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/admin/tenants/{tenant_id}/flare_community/parse_csv": { + "post": { + "tags": [ + "private" + ], + "summary": "Parse Csv", + "operationId": "parse_csv_admin_tenants__tenant_id__flare_community_parse_csv_post", + "parameters": [ + { + "name": "tenant_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Tenant Id" + } + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "$ref": "#/components/schemas/Body_parse_csv_admin_tenants__tenant_id__flare_community_parse_csv_post" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CSVParseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } } }, "/firework/v4/admin/threat_flow/reports": { @@ -2884,6 +3844,48 @@ } } }, + "/firework/v4/intels/validate-topic": { + "post": { + "tags": [ + "private" + ], + "summary": "Validate Intel Topic", + "description": "UX-only guidance: validates that an intel topic does not contain PII\nbefore submission. Note that this check is not enforced server-side when\nthe intel is created", + "operationId": "validate_intel_topic_intels_validate_topic_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ValidateIntelTopicPayload" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ValidateIntelTopicResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, "/firework/v4/assets/by_data": { "post": { "tags": [ @@ -2938,6 +3940,9 @@ }, { "$ref": "#/components/schemas/IdentityData" + }, + { + "$ref": "#/components/schemas/RansomLeakData" } ], "title": "Asset Data" @@ -3217,6 +4222,46 @@ } } }, + "/firework/v4/banner/current": { + "get": { + "tags": [ + "private", + "team=collection-platform" + ], + "summary": "Get Current Banner", + "operationId": "get_current_banner_banner_current_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "anyOf": [ + { + "$ref": "#/components/schemas/BannerResponse" + }, + { + "type": "null" + } + ], + "title": "Response Get Current Banner Banner Current Get" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, "/firework/v4/tasks/": { "post": { "tags": [ @@ -3424,30 +4469,221 @@ } } }, - "/firework/v4/credentials/bulk_action": { - "post": { + "/firework/v4/credentials/bulk_action": { + "post": { + "tags": [ + "private", + "team=experience" + ], + "summary": "Create Credential Bulk Action", + "operationId": "create_credential_bulk_action_credentials_bulk_action_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CredentialBulkActionRequestBody" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/credentials/global/_search": { + "post": { + "tags": [ + "public" + ], + "summary": "Credentials Global Search", + "operationId": "credentials_global_search_credentials_global__search_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CredentialsQueryPayload" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PaginatedResults_Credential_str_" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/credentials/actions": { + "post": { + "tags": [ + "public", + "team=experience" + ], + "summary": "Credential Actions", + "operationId": "credential_actions_credentials_actions_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CredentialActionRequestBody" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/entities/{asset_uuid}/alert_level": { + "get": { "tags": [ - "private", - "team=experience" + "private" ], - "summary": "Create Credential Bulk Action", - "operationId": "create_credential_bulk_action_credentials_bulk_action_post", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/CredentialBulkActionRequestBody" + "summary": "Get Alert Level", + "operationId": "get_alert_level_entities__asset_uuid__alert_level_get", + "parameters": [ + { + "name": "asset_uuid", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Asset Uuid" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AlertLevelResponse" + } } } }, - "required": true - }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/entities/{asset_uuid}/alert_level/timeline": { + "get": { + "tags": [ + "private" + ], + "summary": "Get Exposure Level Timeline", + "operationId": "get_exposure_level_timeline_entities__asset_uuid__alert_level_timeline_get", + "parameters": [ + { + "name": "asset_uuid", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Asset Uuid" + } + }, + { + "name": "time", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Time" + } + }, + { + "name": "time_zone", + "in": "query", + "required": false, + "schema": { + "type": "string", + "default": "Etc/UTC", + "title": "Time Zone" + } + } + ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { - "schema": {} + "schema": { + "$ref": "#/components/schemas/AlertLevelTimelineResponse" + } } } }, @@ -3464,18 +4700,18 @@ } } }, - "/firework/v4/credentials/global/_search": { + "/firework/v4/chat-channels/uuid": { "post": { "tags": [ - "public" + "private" ], - "summary": "Credentials Global Search", - "operationId": "credentials_global_search_credentials_global__search_post", + "summary": "Get Asset Uuid", + "operationId": "get_asset_uuid_chat_channels_uuid_post", "requestBody": { "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CredentialsQueryPayload" + "$ref": "#/components/schemas/ChatChannelAssetUuidPayload" } } }, @@ -3487,7 +4723,8 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PaginatedResults_Credential_str_" + "type": "string", + "title": "Response Get Asset Uuid Chat Channels Uuid Post" } } } @@ -3505,13 +4742,13 @@ } } }, - "/firework/v4/entities/{asset_uuid}/alert_level": { + "/firework/v4/chat-channels/{asset_uuid}/metadata": { "get": { "tags": [ "private" ], - "summary": "Get Alert Level", - "operationId": "get_alert_level_entities__asset_uuid__alert_level_get", + "summary": "Get Chat Channel Metadata", + "operationId": "get_chat_channel_metadata_chat_channels__asset_uuid__metadata_get", "parameters": [ { "name": "asset_uuid", @@ -3529,7 +4766,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/AlertLevelResponse" + "$ref": "#/components/schemas/ChatChannelMetadata" } } } @@ -3547,13 +4784,13 @@ } } }, - "/firework/v4/entities/{asset_uuid}/alert_level/timeline": { + "/firework/v4/chat-channels/{asset_uuid}/breakdown": { "get": { "tags": [ "private" ], - "summary": "Get Exposure Level Timeline", - "operationId": "get_exposure_level_timeline_entities__asset_uuid__alert_level_timeline_get", + "summary": "Get Chat Channel Breakdown", + "operationId": "get_chat_channel_breakdown_chat_channels__asset_uuid__breakdown_get", "parameters": [ { "name": "asset_uuid", @@ -3565,7 +4802,7 @@ } }, { - "name": "time", + "name": "times", "in": "query", "required": false, "schema": { @@ -3577,7 +4814,7 @@ "type": "null" } ], - "title": "Time" + "title": "Times" } }, { @@ -3585,10 +4822,32 @@ "in": "query", "required": false, "schema": { - "type": "string", - "default": "Etc/UTC", + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], "title": "Time Zone" } + }, + { + "name": "aggregate_by", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "$ref": "#/components/schemas/StatsAggregates" + }, + { + "type": "null" + } + ], + "title": "Aggregate By" + } } ], "responses": { @@ -3597,7 +4856,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/AlertLevelTimelineResponse" + "$ref": "#/components/schemas/ChatChannelTimeline" } } } @@ -5580,7 +6839,7 @@ { "type": "array", "items": { - "$ref": "#/components/schemas/IdentifierAuthorizationStatusFilter" + "$ref": "#/components/schemas/IdentifierAuthorizationStatus" } }, { @@ -5625,14 +6884,14 @@ } } }, - "/firework/v4/identifiers/": { + "/firework/v4/identifiers/ui": { "post": { "tags": [ - "public", + "private", "team=experience" ], "summary": "Create Identifier", - "operationId": "create_identifier_identifiers__post", + "operationId": "create_identifier_identifiers_ui_post", "requestBody": { "required": true, "content": { @@ -5668,12 +6927,12 @@ }, "get": { "tags": [ - "public", + "private", "team=experience", "feature=identifiers" ], "summary": "Get Identifiers", - "operationId": "get_identifiers_identifiers__get", + "operationId": "get_identifiers_identifiers_ui_get", "parameters": [ { "name": "from", @@ -5858,42 +7117,274 @@ } }, { - "name": "authorization_statuses", + "name": "authorization_statuses", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "array", + "items": { + "$ref": "#/components/schemas/IdentifierAuthorizationStatus" + } + }, + { + "type": "null" + } + ], + "title": "Authorization Statuses" + } + }, + { + "name": "exact_matches_only", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": false, + "title": "Exact Matches Only" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PaginatedResults_Identifier_str_" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/identifiers/": { + "post": { + "tags": [ + "public", + "team=experience" + ], + "summary": "Create Identifier", + "operationId": "create_identifier_identifiers__post", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IdentifierRequestBody" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IdentifierResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "get": { + "tags": [ + "public", + "team=experience", + "feature=identifiers" + ], + "summary": "List Identifiers", + "operationId": "list_identifiers_identifiers__get", + "parameters": [ + { + "name": "from", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "From" + } + }, + { + "name": "size", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "maximum": 100, + "exclusiveMinimum": 0, + "default": 20, + "title": "Size" + } + }, + { + "name": "order_by", + "in": "query", + "required": false, + "schema": { + "$ref": "#/components/schemas/IdentifierOrderBy", + "default": "id" + } + }, + { + "name": "is_disabled", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "null" + } + ], + "title": "Is Disabled" + } + }, + { + "name": "group_id", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Group Id" + } + }, + { + "name": "types", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "array", + "items": { + "$ref": "#/components/schemas/IdentifierType" + } + }, + { + "type": "null" + } + ], + "title": "Types" + } + }, + { + "name": "authorization_status", "in": "query", "required": false, "schema": { "anyOf": [ { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentifierAuthorizationStatusFilter" - } + "$ref": "#/components/schemas/IdentifierAuthorizationStatus" }, { "type": "null" } ], - "title": "Authorization Statuses" + "title": "Authorization Status" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PaginatedResults_PublicIdentifierResponse_str_" + } + } } }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/firework/v4/identifiers/ui/{identifier_id}": { + "put": { + "tags": [ + "private", + "team=experience" + ], + "summary": "Update Identifier By Id", + "operationId": "update_identifier_by_id_identifiers_ui__identifier_id__put", + "parameters": [ { - "name": "exact_matches_only", - "in": "query", - "required": false, + "name": "identifier_id", + "in": "path", + "required": true, "schema": { - "type": "boolean", - "default": false, - "title": "Exact Matches Only" + "type": "integer", + "title": "Identifier Id" } } ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IdentifierRequestBody" + } + } + } + }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PaginatedResults_Identifier_str_" + "$ref": "#/components/schemas/IdentifierResponse" } } } @@ -5914,7 +7405,7 @@ "/firework/v4/identifiers/{identifier_id}": { "put": { "tags": [ - "private", + "public", "team=experience" ], "summary": "Update Identifier By Id", @@ -6003,6 +7494,45 @@ } } } + }, + "delete": { + "tags": [ + "public", + "team=experience" + ], + "summary": "Delete Identifier", + "operationId": "delete_identifier_identifiers__identifier_id__delete", + "parameters": [ + { + "name": "identifier_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Identifier Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } } }, "/firework/v4/identifiers/identity_by_asset_data": { @@ -6737,6 +8267,9 @@ }, { "$ref": "#/components/schemas/CreateAstpCookiesBody" + }, + { + "$ref": "#/components/schemas/CreateAstpDomainBody" } ], "title": "Body" @@ -7253,7 +8786,7 @@ "operationId": "list_identities_identities__get", "parameters": [ { - "name": "next", + "name": "q", "in": "query", "required": false, "schema": { @@ -7265,49 +8798,108 @@ "type": "null" } ], - "title": "Next" + "title": "Q" } - } - ], - "responses": { - "200": { - "description": "Successful Response", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/PaginatedResults_IdentityBrowserItemResponse_str_" + }, + { + "name": "vip_only", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": false, + "title": "Vip Only" + } + }, + { + "name": "entra_id_is_active", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "null" } - } + ], + "title": "Entra Id Is Active" } }, - "422": { - "description": "Validation Error", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/HTTPValidationError" + { + "name": "severity", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "array", + "items": { + "type": "integer" + } + }, + { + "type": "null" } - } + ], + "title": "Severity" + } + }, + { + "name": "next", + "in": "query", + "required": false, + "schema": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Next" + } + }, + { + "name": "sort", + "in": "query", + "required": false, + "schema": { + "$ref": "#/components/schemas/pyro__entities__identities__identity_browser_sort_type__SortType", + "default": "severity" + } + }, + { + "name": "order", + "in": "query", + "required": false, + "schema": { + "$ref": "#/components/schemas/OrderType", + "default": "desc" + } + }, + { + "name": "size", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "maximum": 100, + "exclusiveMinimum": 0, + "default": 10, + "title": "Size" } } - } - } - }, - "/firework/v4/identities/_count": { - "get": { - "tags": [ - "private" ], - "summary": "Identities Count", - "operationId": "identities_count_identities__count_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { - "type": "integer", - "title": "Response Identities Count Identities Count Get" + "$ref": "#/components/schemas/PaginatedResults_IdentityBrowserItemResponse_str_" } } } @@ -11353,6 +12945,47 @@ } } } + }, + "delete": { + "tags": [ + "private", + "team=experience" + ], + "summary": "Delete Tenant", + "operationId": "delete_tenant_tenants__tenant_id__delete", + "parameters": [ + { + "name": "tenant_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Tenant Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DeleteTenantResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } } }, "/firework/v4/threat_flow/reports/": { @@ -12337,6 +13970,47 @@ } } }, + "/firework/v4/audit_logs/_search": { + "post": { + "tags": [ + "private" + ], + "summary": "Search Audit Events", + "operationId": "search_audit_events_audit_logs__search_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AuditEventRequestBody" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/PaginatedResults_AuditEventItemResponse_str_" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, "/firework/v4/usage/global_search/by_feature": { "get": { "tags": [ @@ -12690,7 +14364,6 @@ "enum": [ "account", "actor", - "actor_entity", "actor_summary", "ad", "attachment", @@ -12706,7 +14379,9 @@ "docker_repository", "document", "domain", + "domain_certificate", "domain_favicon", + "domain_dns_records", "domain_ip_address", "domain_screenshot", "domain_title", @@ -12722,7 +14397,6 @@ "forum_category", "forum_post", "forum_profile", - "forum_thread_entity", "forum_thread_summary", "forum_topic", "host", @@ -12743,7 +14417,13 @@ "sdo_campaign", "sdo_indicator", "sdo_infrastructure", + "sdo_location", "sdo_malware", + "sdo_relationship", + "sdo_external_report", + "sdo_threat_actor", + "sdo_threat_actor_group", + "sdo_tool", "sdo_vulnerability", "seller", "service", @@ -12751,7 +14431,6 @@ "source_code_secret", "stealer_log", "attachment/telegram", - "threat_actor_group", "threat_flow_summary", "valid_credential", "whois" @@ -12885,7 +14564,8 @@ "model_name", "es_id" ], - "title": "ActivityUid" + "title": "ActivityUid", + "description": "Pyro cluster document identity\n\nes_id in the Pyro cluster is / and used directly as doc _id" }, "ActorAPIResponse": { "properties": { @@ -14677,6 +16357,9 @@ }, { "$ref": "#/components/schemas/IdentityData" + }, + { + "$ref": "#/components/schemas/RansomLeakData" } ], "title": "Data", @@ -14694,6 +16377,7 @@ "ip": "#/components/schemas/IPData", "keyword": "#/components/schemas/KeywordData", "name": "#/components/schemas/NameData", + "ransomleak": "#/components/schemas/RansomLeakData", "search_query": "#/components/schemas/SearchQueryData", "secret": "#/components/schemas/SecretData", "username": "#/components/schemas/UsernameData" @@ -14760,6 +16444,8 @@ "favicon", "file", "filename", + "canonical_name", + "country", "github_repository", "ip", "ipv6_addr", @@ -14768,6 +16454,7 @@ "mitre_technique", "mutex", "name", + "ransomleak", "screenshot", "search_query", "secret", @@ -14779,12 +16466,19 @@ "x509_certificate", "actor", "attack_pattern", + "chat_channel", "campaign", + "external_report", "forum_thread", "identity", "indicator", "infrastructure", + "location", "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", "vulnerability" ], "title": "AssetType" @@ -14810,11 +16504,13 @@ "type": "string" }, "type": "array", - "title": "Cookie Names" + "title": "Cookie Names", + "description": "The cookie names to monitor" }, "match_subdomains": { "type": "boolean", "title": "Match Subdomains", + "description": "Whether this policy will be applied to monitor subdomains of the assigned domain identifiers", "default": false } }, @@ -14824,6 +16520,17 @@ ], "title": "AstpCookiesValue" }, + "AstpDomainValue": { + "properties": { + "match_mode": { + "$ref": "#/components/schemas/DomainMatchMode", + "description": "The domain match mode for this policy", + "default": "email_domain_only" + } + }, + "type": "object", + "title": "AstpDomainValue" + }, "AsyncRequestStatus": { "type": "string", "enum": [ @@ -14838,6 +16545,8 @@ "type": "string", "enum": [ "actor_summary", + "chat_channel_summary", + "delete_tenant", "intel", "event_translation" ], @@ -14967,6 +16676,429 @@ ], "title": "AttackPatternEntityAPIResponse" }, + "AuditEventAction": { + "type": "string", + "enum": [ + "created", + "updated", + "deleted", + "viewed", + "exported", + "ignored", + "unignored", + "remediated", + "unremediated", + "enabled", + "disabled", + "accepted", + "rejected", + "searched", + "generated", + "synced", + "submitted" + ], + "title": "AuditEventAction" + }, + "AuditEventActorData": { + "properties": { + "user_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "User Id" + }, + "user_name": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "User Name" + }, + "user_email": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "User Email" + }, + "organization_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Organization Id" + }, + "tenant_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Tenant Id" + }, + "ip": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Ip" + }, + "user_agent": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "User Agent" + }, + "flare_referer": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Flare Referer" + }, + "cloudfront_headers": { + "anyOf": [ + { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + { + "type": "null" + } + ], + "title": "Cloudfront Headers" + } + }, + "type": "object", + "required": [ + "user_id", + "user_name", + "user_email", + "organization_id", + "tenant_id", + "ip", + "user_agent", + "flare_referer", + "cloudfront_headers" + ], + "title": "AuditEventActorData" + }, + "AuditEventAffectedEntitiesResponse": { + "properties": { + "affected_organization_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Affected Organization Id" + }, + "affected_tenant_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Affected Tenant Id" + }, + "affected_tenant_name": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Affected Tenant Name" + }, + "affected_user_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Affected User Id" + } + }, + "type": "object", + "required": [ + "affected_organization_id", + "affected_tenant_id", + "affected_tenant_name", + "affected_user_id" + ], + "title": "AuditEventAffectedEntitiesResponse" + }, + "AuditEventAffectedResourceType": { + "type": "string", + "enum": [ + "event", + "alert", + "alert_channel", + "asset_relation", + "authorize_asset_request", + "blacklisted_term", + "credential", + "footprint", + "identifier", + "identifier_recommendation", + "integration", + "user", + "organization", + "page_view", + "priority_action", + "sandbox", + "search", + "sensitive_data", + "tenant", + "threat_flow", + "cmi_allowed_restricted_term", + "cmi_app_banner", + "cmi_authorize_asset_request", + "cmi_feature_flag", + "cmi_hubspot", + "cmi_impersonated_user", + "cmi_organization", + "cmi_tenant", + "cmi_user" + ], + "title": "AuditEventAffectedResourceType" + }, + "AuditEventFiltersBody": { + "properties": { + "tenant_ids": { + "anyOf": [ + { + "items": { + "type": "integer" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Tenant Ids" + }, + "user_ids": { + "items": { + "type": "integer" + }, + "type": "array", + "title": "User Ids" + }, + "include_system_audit_events": { + "type": "boolean", + "title": "Include System Audit Events", + "default": false + }, + "type": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/AuditEventAffectedResourceType" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Type" + }, + "action": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/AuditEventAction" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Action" + }, + "gte": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Gte" + }, + "lte": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Lte" + } + }, + "type": "object", + "title": "AuditEventFiltersBody" + }, + "AuditEventItemResponse": { + "properties": { + "id": { + "type": "integer", + "title": "Id" + }, + "created_at": { + "type": "string", + "format": "date-time", + "title": "Created At" + }, + "data": { + "additionalProperties": true, + "type": "object", + "title": "Data" + }, + "original_data": { + "anyOf": [ + { + "additionalProperties": true, + "type": "object" + }, + { + "type": "null" + } + ], + "title": "Original Data" + }, + "affected_entities": { + "$ref": "#/components/schemas/AuditEventAffectedEntitiesResponse" + }, + "actor_data": { + "anyOf": [ + { + "$ref": "#/components/schemas/AuditEventActorData" + }, + { + "type": "null" + } + ] + }, + "type": { + "$ref": "#/components/schemas/AuditEventAffectedResourceType" + }, + "action": { + "anyOf": [ + { + "$ref": "#/components/schemas/AuditEventAction" + }, + { + "type": "null" + } + ] + } + }, + "type": "object", + "required": [ + "id", + "created_at", + "data", + "original_data", + "affected_entities", + "actor_data", + "type", + "action" + ], + "title": "AuditEventItemResponse" + }, + "AuditEventPagingBody": { + "properties": { + "from_": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "From" + }, + "order": { + "$ref": "#/components/schemas/OrderType", + "default": "desc" + }, + "size": { + "type": "integer", + "title": "Size", + "default": 50 + } + }, + "type": "object", + "title": "AuditEventPagingBody" + }, + "AuditEventRequestBody": { + "properties": { + "pagination": { + "$ref": "#/components/schemas/AuditEventPagingBody" + }, + "filters": { + "$ref": "#/components/schemas/AuditEventFiltersBody" + } + }, + "type": "object", + "title": "AuditEventRequestBody" + }, "AuthDomainQuery": { "properties": { "type": { @@ -15332,6 +17464,45 @@ ], "title": "AzureTenantQuery" }, + "BannerResponse": { + "properties": { + "message": { + "type": "string", + "title": "Message" + }, + "variant": { + "$ref": "#/components/schemas/BannerVariant" + }, + "scope": { + "$ref": "#/components/schemas/BannerScope" + } + }, + "type": "object", + "required": [ + "message", + "variant", + "scope" + ], + "title": "BannerResponse" + }, + "BannerScope": { + "type": "string", + "enum": [ + "global", + "organization", + "tenant" + ], + "title": "BannerScope" + }, + "BannerVariant": { + "type": "string", + "enum": [ + "info", + "warning", + "critical" + ], + "title": "BannerVariant" + }, "BaseEdge": { "properties": { "source": { @@ -15484,6 +17655,20 @@ ], "title": "Blog Post" }, + "Body_parse_csv_admin_tenants__tenant_id__flare_community_parse_csv_post": { + "properties": { + "csv_file": { + "type": "string", + "contentMediaType": "application/octet-stream", + "title": "Csv File" + } + }, + "type": "object", + "required": [ + "csv_file" + ], + "title": "Body_parse_csv_admin_tenants__tenant_id__flare_community_parse_csv_post" + }, "Body_upload_organization_logo_organizations__organization_id__logo_post": { "properties": { "logo": { @@ -15705,7 +17890,7 @@ } ], "title": "Created After", - "default": "2026-04-07T19:47:22.921386Z" + "default": "2026-05-20T18:49:30.465642Z" }, "from": { "anyOf": [ @@ -15781,6 +17966,27 @@ ], "title": "CCBinData" }, + "CSVParseResponse": { + "properties": { + "users": { + "items": { + "$ref": "#/components/schemas/ProvisionUserItemRequest" + }, + "type": "array", + "title": "Users" + }, + "count": { + "type": "integer", + "title": "Count" + } + }, + "type": "object", + "required": [ + "users", + "count" + ], + "title": "CSVParseResponse" + }, "CTIEntitySourceAPIResponse": { "properties": { "id": { @@ -15965,6 +18171,278 @@ ], "title": "CategoryStatsHistogram" }, + "ChatChannelAssetUuidPayload": { + "properties": { + "thread_id": { + "type": "string", + "title": "Thread Id" + }, + "source": { + "type": "string", + "title": "Source" + } + }, + "type": "object", + "required": [ + "thread_id", + "source" + ], + "title": "ChatChannelAssetUuidPayload" + }, + "ChatChannelEntityAPIResponse": { + "properties": { + "uuid": { + "type": "string", + "title": "Uuid" + }, + "type": { + "$ref": "#/components/schemas/EntityType" + }, + "name": { + "type": "string", + "title": "Name" + }, + "created_by": { + "type": "string", + "title": "Created By" + }, + "sources": { + "items": { + "$ref": "#/components/schemas/CTIEntitySourceAPIResponse" + }, + "type": "array", + "title": "Sources" + }, + "created_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Created At" + }, + "updated_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Updated At" + }, + "first_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "First Seen At" + }, + "last_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Seen At" + }, + "confidence": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Confidence" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + } + }, + "type": "object", + "required": [ + "uuid", + "type", + "name", + "created_by", + "sources", + "created_at", + "updated_at", + "description" + ], + "title": "ChatChannelEntityAPIResponse" + }, + "ChatChannelMetadata": { + "properties": { + "first_seen": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "First Seen" + }, + "last_seen": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Seen" + }, + "total_events": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Events" + }, + "name": { + "type": "string", + "title": "Name" + }, + "source": { + "$ref": "#/components/schemas/EnrichedSource" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + }, + "handle": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Handle" + }, + "chat_type": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Chat Type" + }, + "member_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Member Count" + } + }, + "type": "object", + "required": [ + "name", + "source" + ], + "title": "ChatChannelMetadata" + }, + "ChatChannelTimeline": { + "properties": { + "aggregate_by": { + "anyOf": [ + { + "$ref": "#/components/schemas/StatsAggregates" + }, + { + "type": "null" + } + ] + }, + "timeline": { + "items": { + "$ref": "#/components/schemas/ChatChannelTimelineEntry" + }, + "type": "array", + "title": "Timeline" + }, + "total_count": { + "type": "integer", + "title": "Total Count" + } + }, + "type": "object", + "required": [ + "timeline", + "total_count" + ], + "title": "ChatChannelTimeline" + }, + "ChatChannelTimelineEntry": { + "properties": { + "date": { + "type": "string", + "format": "date-time", + "title": "Date" + }, + "total_count": { + "type": "integer", + "title": "Total Count" + } + }, + "type": "object", + "required": [ + "date", + "total_count" + ], + "title": "ChatChannelTimelineEntry" + }, "ChatMessageEvent": { "properties": { "event_type": { @@ -16588,7 +19066,9 @@ "properties": { "name": { "type": "string", - "title": "Name" + "minLength": 1, + "title": "Name", + "description": "The name of the matching policy" }, "type": { "type": "string", @@ -16608,6 +19088,32 @@ ], "title": "CreateAstpCookiesBody" }, + "CreateAstpDomainBody": { + "properties": { + "name": { + "type": "string", + "minLength": 1, + "title": "Name", + "description": "The name of the matching policy" + }, + "type": { + "type": "string", + "const": "ASTP_DOMAIN", + "title": "Type" + }, + "value": { + "$ref": "#/components/schemas/AstpDomainValue", + "description": "The value of the matching policy in the form of a domain match mode" + } + }, + "type": "object", + "required": [ + "name", + "type", + "value" + ], + "title": "CreateAstpDomainBody" + }, "CreateAuthorizationRequest": { "properties": { "asset_uuid": { @@ -16705,6 +19211,7 @@ "properties": { "name": { "type": "string", + "minLength": 1, "title": "Name", "description": "The name of the matching policy" }, @@ -16726,10 +19233,64 @@ ], "title": "CreateExcludedKeywordsBody" }, + "CreateFeatureFlagPayload": { + "properties": { + "name": { + "type": "string", + "minLength": 1, + "title": "Name" + }, + "active": { + "type": "boolean", + "title": "Active" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + } + }, + "type": "object", + "required": [ + "name", + "active", + "description" + ], + "title": "CreateFeatureFlagPayload" + }, + "CreateFeatureFlagUserListPayload": { + "properties": { + "name": { + "type": "string", + "minLength": 1, + "title": "Name" + }, + "members": { + "items": { + "$ref": "#/components/schemas/StrategyMember" + }, + "type": "array", + "title": "Members" + } + }, + "type": "object", + "required": [ + "name", + "members" + ], + "title": "CreateFeatureFlagUserListPayload" + }, "CreateIncludedKeywordsBody": { "properties": { "name": { "type": "string", + "minLength": 1, "title": "Name", "description": "The name of the matching policy" }, @@ -16802,6 +19363,7 @@ "properties": { "name": { "type": "string", + "minLength": 1, "title": "Name", "description": "The name of the matching policy" }, @@ -16823,6 +19385,57 @@ ], "title": "CreateLuceneQueryBody" }, + "CreateStrategyPayload": { + "properties": { + "strategy_type": { + "$ref": "#/components/schemas/GitlabFeatureFlagStrategyName" + }, + "scopes": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/UpdateGitlabFeatureFlagScopePayload" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Scopes" + }, + "members": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/StrategyMember" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Members" + }, + "user_list_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "User List Id" + } + }, + "type": "object", + "required": [ + "strategy_type" + ], + "title": "CreateStrategyPayload" + }, "CreateTenantIntegrationPayload": { "properties": { "name": { @@ -16841,7 +19454,7 @@ "default": true }, "params": { - "anyOf": [ + "oneOf": [ { "$ref": "#/components/schemas/EntraIDInputParams" }, @@ -16852,7 +19465,15 @@ "$ref": "#/components/schemas/OktaInputParams" } ], - "title": "Params" + "title": "Params", + "discriminator": { + "propertyName": "params_type", + "mapping": { + "entra_id": "#/components/schemas/EntraIDInputParams", + "flare_community": "#/components/schemas/ForetraceInputParams", + "okta": "#/components/schemas/OktaInputParams" + } + } }, "status": { "anyOf": [ @@ -17018,6 +19639,52 @@ ], "title": "Credential" }, + "CredentialActionBody": { + "properties": { + "type": { + "$ref": "#/components/schemas/LeakedCredentialsBulkActionType" + } + }, + "type": "object", + "required": [ + "type" + ], + "title": "CredentialActionBody" + }, + "CredentialActionRequestBody": { + "properties": { + "targets": { + "items": { + "$ref": "#/components/schemas/CredentialActionTarget" + }, + "type": "array", + "maxItems": 100, + "title": "Targets" + }, + "action": { + "$ref": "#/components/schemas/CredentialActionBody" + } + }, + "type": "object", + "required": [ + "targets", + "action" + ], + "title": "CredentialActionRequestBody" + }, + "CredentialActionTarget": { + "properties": { + "credential_hash": { + "type": "string", + "title": "Credential Hash" + } + }, + "type": "object", + "required": [ + "credential_hash" + ], + "title": "CredentialActionTarget" + }, "CredentialBulkActionFilters": { "properties": { "query_type": { @@ -17667,6 +20334,24 @@ ], "title": "DayOfWeekData" }, + "DeleteTenantResponse": { + "properties": { + "request_id": { + "type": "string", + "format": "uuid", + "title": "Request Id" + }, + "status": { + "$ref": "#/components/schemas/AsyncRequestStatus" + } + }, + "type": "object", + "required": [ + "request_id", + "status" + ], + "title": "DeleteTenantResponse" + }, "DisableAccountPayload": { "properties": { "credential_hash": { @@ -17680,6 +20365,57 @@ ], "title": "DisableAccountPayload" }, + "DnsRecordsInfo": { + "properties": { + "a_records": { + "items": { + "type": "string" + }, + "type": "array", + "title": "A Records" + }, + "aaaa_records": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Aaaa Records" + }, + "mx_records": { + "items": { + "$ref": "#/components/schemas/MxRecord" + }, + "type": "array", + "title": "Mx Records" + }, + "ns_records": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Ns Records" + }, + "txt_records": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Txt Records" + }, + "has_dmarc": { + "type": "boolean", + "title": "Has Dmarc", + "default": false + }, + "has_spf": { + "type": "boolean", + "title": "Has Spf", + "default": false + } + }, + "type": "object", + "title": "DnsRecordsInfo" + }, "DomainAssetEnrichment": { "properties": { "type": { @@ -17792,6 +20528,15 @@ ], "title": "DomainEventHistoryResponse" }, + "DomainMatchMode": { + "type": "string", + "enum": [ + "email_domain_only", + "auth_domain_and_email_domain", + "auth_domain_only" + ], + "title": "DomainMatchMode" + }, "DomainProfileEvent": { "properties": { "uid": { @@ -17841,6 +20586,12 @@ }, "type": "array" }, + { + "$ref": "#/components/schemas/DnsRecordsInfo" + }, + { + "$ref": "#/components/schemas/WhoisRdapInfo" + }, { "type": "null" } @@ -18025,6 +20776,40 @@ ], "title": "EmailQuery" }, + "EnableFlareCommunityRequest": { + "properties": { + "auto_provision_users": { + "type": "boolean", + "title": "Auto Provision Users", + "default": false + }, + "manual_users": { + "items": { + "$ref": "#/components/schemas/ProvisionUserItemRequest" + }, + "type": "array", + "title": "Manual Users" + } + }, + "type": "object", + "title": "EnableFlareCommunityRequest" + }, + "EnableFlareCommunityResponse": { + "properties": { + "provisioned_users_created": { + "type": "integer", + "title": "Provisioned Users Created", + "default": 0 + }, + "provisioned_users_already_existed": { + "type": "integer", + "title": "Provisioned Users Already Existed", + "default": 0 + } + }, + "type": "object", + "title": "EnableFlareCommunityResponse" + }, "EncryptionCertificateResponse": { "properties": { "encryption_certificate": { @@ -18326,14 +21111,32 @@ { "$ref": "#/components/schemas/ActorAPIResponse" }, + { + "$ref": "#/components/schemas/AttackPatternEntityAPIResponse" + }, + { + "$ref": "#/components/schemas/CampaignEntityAPIResponse" + }, + { + "$ref": "#/components/schemas/ChatChannelEntityAPIResponse" + }, { "$ref": "#/components/schemas/ForumThreadAPIResponse" }, { - "$ref": "#/components/schemas/AttackPatternEntityAPIResponse" + "$ref": "#/components/schemas/IndicatorEntityAPIResponse" }, { - "$ref": "#/components/schemas/CampaignEntityAPIResponse" + "$ref": "#/components/schemas/InfrastructureEntityAPIResponse" + }, + { + "$ref": "#/components/schemas/MalwareEntityAPIResponse" + }, + { + "$ref": "#/components/schemas/ThreatActorGroupEntityAPIResponse" + }, + { + "$ref": "#/components/schemas/VulnerabilityEntityAPIResponse" } ] }, @@ -18343,11 +21146,19 @@ "attack_pattern", "actor", "campaign", + "chat_channel", + "external_report", "forum_thread", "identity", "indicator", "infrastructure", + "domain", + "location", "malware", + "organization", + "threat_actor", + "threat_actor_group", + "tool", "vulnerability" ], "title": "EntityType" @@ -18383,19 +21194,6 @@ "type": "object", "title": "EntraIDFailedValidationDetails" }, - "EntraIDFeature": { - "type": "string", - "enum": [ - "manually_disable_accounts", - "manually_mark_as_compromised", - "manually_revoke_sessions", - "automatically_validate_credentials", - "automatically_disable_accounts", - "automatically_mark_as_compromised", - "automatically_revoke_sessions" - ], - "title": "EntraIDFeature" - }, "EntraIDInputParams": { "properties": { "params_type": { @@ -18484,7 +21282,7 @@ }, "features": { "items": { - "$ref": "#/components/schemas/EntraIDFeature" + "$ref": "#/components/schemas/IdPFeature" }, "type": "array", "uniqueItems": true, @@ -18618,7 +21416,7 @@ }, "features": { "items": { - "$ref": "#/components/schemas/EntraIDFeature" + "$ref": "#/components/schemas/IdPFeature" }, "type": "array", "uniqueItems": true, @@ -18837,6 +21635,60 @@ ], "title": "ExpandableField" }, + "ExperimentalEventMetadata": { + "properties": { + "source": { + "type": "string", + "minLength": 1, + "title": "Source" + }, + "id": { + "type": "string", + "minLength": 1, + "title": "Id" + }, + "url": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Url" + }, + "extra": { + "anyOf": [ + { + "additionalProperties": true, + "type": "object" + }, + { + "type": "null" + } + ], + "title": "Extra" + }, + "estimated_created_at": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Estimated Created At" + } + }, + "type": "object", + "required": [ + "source", + "id" + ], + "title": "ExperimentalEventMetadata" + }, "FaviconHashType": { "type": "string", "enum": [ @@ -18953,6 +21805,146 @@ "type": "object", "title": "FeatureFlagMetrics" }, + "FeatureFlagResponse": { + "properties": { + "feature_flag": { + "$ref": "#/components/schemas/FeatureFlagDefinition" + } + }, + "type": "object", + "required": [ + "feature_flag" + ], + "title": "FeatureFlagResponse" + }, + "FeatureFlagStatus": { + "properties": { + "name": { + "type": "string", + "title": "Name" + }, + "description": { + "type": "string", + "title": "Description" + }, + "enabled": { + "type": "boolean", + "title": "Enabled" + }, + "enabled_by": { + "anyOf": [ + { + "$ref": "#/components/schemas/FeatureFlagStatusEnabledByTenant" + }, + { + "$ref": "#/components/schemas/FeatureFlagStatusEnabledByOrganization" + }, + { + "$ref": "#/components/schemas/FeatureFlagStatusEnabledByGlobal" + }, + { + "$ref": "#/components/schemas/FeatureFlagStatusEnabledByUser" + }, + { + "type": "null" + } + ], + "title": "Enabled By" + } + }, + "type": "object", + "required": [ + "name", + "description", + "enabled", + "enabled_by" + ], + "title": "FeatureFlagStatus" + }, + "FeatureFlagStatusEnabledByGlobal": { + "properties": { + "source": { + "type": "string", + "const": "global", + "title": "Source", + "default": "global" + } + }, + "type": "object", + "title": "FeatureFlagStatusEnabledByGlobal" + }, + "FeatureFlagStatusEnabledByOrganization": { + "properties": { + "source": { + "type": "string", + "const": "organization", + "title": "Source", + "default": "organization" + }, + "organization_id": { + "type": "integer", + "title": "Organization Id" + }, + "is_user_list": { + "type": "boolean", + "title": "Is User List" + } + }, + "type": "object", + "required": [ + "organization_id", + "is_user_list" + ], + "title": "FeatureFlagStatusEnabledByOrganization" + }, + "FeatureFlagStatusEnabledByTenant": { + "properties": { + "source": { + "type": "string", + "const": "tenant", + "title": "Source", + "default": "tenant" + }, + "tenant_id": { + "type": "integer", + "title": "Tenant Id" + }, + "is_user_list": { + "type": "boolean", + "title": "Is User List" + } + }, + "type": "object", + "required": [ + "tenant_id", + "is_user_list" + ], + "title": "FeatureFlagStatusEnabledByTenant" + }, + "FeatureFlagStatusEnabledByUser": { + "properties": { + "source": { + "type": "string", + "const": "user", + "title": "Source", + "default": "user" + }, + "user_id": { + "type": "integer", + "title": "User Id" + }, + "is_user_list": { + "type": "boolean", + "title": "Is User List" + } + }, + "type": "object", + "required": [ + "user_id", + "is_user_list" + ], + "title": "FeatureFlagStatusEnabledByUser" + }, "FeatureFlagStrategy": { "properties": { "id": { @@ -18971,21 +21963,20 @@ }, "scopes": { "items": { - "$ref": "#/components/schemas/GitlabEnvironmentScope" + "$ref": "#/components/schemas/GitlabFeatureFlagScope" }, "type": "array", "title": "Scopes" }, - "gitlab_user_list_name": { + "user_list": { "anyOf": [ { - "type": "string" + "$ref": "#/components/schemas/FeatureFlagUserList" }, { "type": "null" } - ], - "title": "Gitlab User List Name" + ] } }, "type": "object", @@ -18997,11 +21988,59 @@ ], "title": "FeatureFlagStrategy" }, + "FeatureFlagUserList": { + "properties": { + "id": { + "type": "integer", + "title": "Id" + }, + "iid": { + "type": "integer", + "title": "Iid" + }, + "name": { + "type": "string", + "title": "Name" + }, + "members": { + "items": { + "$ref": "#/components/schemas/StrategyMember" + }, + "type": "array", + "title": "Members" + }, + "metrics": { + "$ref": "#/components/schemas/FeatureFlagMetrics" + } + }, + "type": "object", + "required": [ + "id", + "iid", + "name", + "members", + "metrics" + ], + "title": "FeatureFlagUserList" + }, + "FeatureFlagUserListResponse": { + "properties": { + "user_list": { + "$ref": "#/components/schemas/FeatureFlagUserList" + } + }, + "type": "object", + "required": [ + "user_list" + ], + "title": "FeatureFlagUserListResponse" + }, "Features": { "type": "string", "enum": [ "standard", - "takedown" + "takedown", + "browser_extension" ], "title": "Features" }, @@ -20597,6 +23636,23 @@ ], "title": "GitlabEnvironmentScope" }, + "GitlabFeatureFlagScope": { + "properties": { + "id": { + "type": "integer", + "title": "Id" + }, + "environment_scope": { + "$ref": "#/components/schemas/GitlabEnvironmentScope" + } + }, + "type": "object", + "required": [ + "id", + "environment_scope" + ], + "title": "GitlabFeatureFlagScope" + }, "GitlabFeatureFlagStrategyName": { "type": "string", "enum": [ @@ -21399,6 +24455,20 @@ ], "title": "IdPApplicationNode" }, + "IdPFeature": { + "type": "string", + "enum": [ + "full_idp_sync", + "manually_disable_accounts", + "manually_mark_as_compromised", + "manually_revoke_sessions", + "automatically_validate_credentials", + "automatically_disable_accounts", + "automatically_mark_as_compromised", + "automatically_revoke_sessions" + ], + "title": "IdPFeature" + }, "IdPUserAccountType": { "type": "string", "enum": [ @@ -21477,6 +24547,9 @@ }, { "$ref": "#/components/schemas/IdentityData" + }, + { + "$ref": "#/components/schemas/RansomLeakData" } ], "title": "Data", @@ -21494,6 +24567,7 @@ "ip": "#/components/schemas/IPData", "keyword": "#/components/schemas/KeywordData", "name": "#/components/schemas/NameData", + "ransomleak": "#/components/schemas/RansomLeakData", "search_query": "#/components/schemas/SearchQueryData", "secret": "#/components/schemas/SecretData", "username": "#/components/schemas/UsernameData" @@ -21573,14 +24647,14 @@ ], "title": "IdentifierAuthorizationRequestStatus" }, - "IdentifierAuthorizationStatusFilter": { + "IdentifierAuthorizationStatus": { "type": "string", "enum": [ "pending", "rejected", "authorized" ], - "title": "IdentifierAuthorizationStatusFilter" + "title": "IdentifierAuthorizationStatus" }, "IdentifierCollectionGroupId": { "properties": { @@ -21636,6 +24710,68 @@ ], "title": "IdentifierEnableState" }, + "IdentifierEnrichments": { + "properties": { + "domain_reachable_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Domain Reachable At" + }, + "domain_resolves_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Domain Resolves At" + }, + "usage_count": { + "type": "integer", + "title": "Usage Count" + }, + "event_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Event Count" + }, + "authorization_status": { + "anyOf": [ + { + "$ref": "#/components/schemas/IdentifierAuthorizationStatus" + }, + { + "type": "null" + } + ] + } + }, + "type": "object", + "required": [ + "domain_reachable_at", + "domain_resolves_at", + "usage_count", + "event_count", + "authorization_status" + ], + "title": "IdentifierEnrichments" + }, "IdentifierEntityType": { "type": "string", "enum": [ @@ -21862,7 +24998,7 @@ "clean_past_events": { "type": "boolean", "title": "Clean Past Events", - "description": "Whether this policy will be applied to historical events", + "description": "Determines whether or not this policy should be applied to events that have already matched this identifier.", "default": false } }, @@ -22343,7 +25479,7 @@ "SYSTEM_RELATION", "SELF_ONBOARDING", "ATTRIBUTE", - "LOOKALIKE_DOMAIN", + "AUTO_MONITOR", "IDP_SYNC" ], "title": "IdentifierSource" @@ -22357,7 +25493,7 @@ "SYSTEM", "USER_AND_ATTRIBUTE", "USER_AND_SYSTEM", - "LOOKALIKE_DOMAIN" + "AUTO_MONITOR" ], "title": "IdentifierSourceGroup" }, @@ -22443,7 +25579,8 @@ "ip", "secret", "azure_tenant", - "identity" + "identity", + "ransomleak" ], "title": "IdentifierType" }, @@ -23073,6 +26210,53 @@ ], "title": "IdentityProfileBanner" }, + "ImportEventResult": { + "properties": { + "success": { + "type": "boolean", + "title": "Success" + } + }, + "type": "object", + "required": [ + "success" + ], + "title": "ImportEventResult" + }, + "ImportExperimentalEventModel": { + "properties": { + "metadata": { + "$ref": "#/components/schemas/ExperimentalEventMetadata" + }, + "data": { + "additionalProperties": true, + "type": "object", + "title": "Data" + }, + "content": { + "type": "string", + "title": "Content" + }, + "tenant_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Tenant Id" + } + }, + "type": "object", + "required": [ + "metadata", + "data", + "content" + ], + "title": "ImportExperimentalEventModel" + }, "IncludeOptions": { "type": "string", "enum": [ @@ -23081,6 +26265,181 @@ ], "title": "IncludeOptions" }, + "IndicatorEntityAPIResponse": { + "properties": { + "uuid": { + "type": "string", + "title": "Uuid" + }, + "type": { + "$ref": "#/components/schemas/EntityType" + }, + "name": { + "type": "string", + "title": "Name" + }, + "created_by": { + "type": "string", + "title": "Created By" + }, + "sources": { + "items": { + "$ref": "#/components/schemas/CTIEntitySourceAPIResponse" + }, + "type": "array", + "title": "Sources" + }, + "created_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Created At" + }, + "updated_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Updated At" + }, + "first_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "First Seen At" + }, + "last_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Seen At" + }, + "confidence": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Confidence" + }, + "pattern": { + "type": "string", + "title": "Pattern" + }, + "pattern_version": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Pattern Version" + }, + "indicator_types": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Indicator Types" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + }, + "valid_from": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Valid From" + }, + "valid_until": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Valid Until" + }, + "kill_chain_phases": { + "items": { + "$ref": "#/components/schemas/KillChainAPIResponse" + }, + "type": "array", + "title": "Kill Chain Phases" + }, + "marking_definitions": { + "items": { + "$ref": "#/components/schemas/MarkingDefinition" + }, + "type": "array", + "title": "Marking Definitions" + } + }, + "type": "object", + "required": [ + "uuid", + "type", + "name", + "created_by", + "sources", + "created_at", + "updated_at", + "pattern", + "pattern_version", + "indicator_types", + "description", + "valid_from", + "valid_until", + "kill_chain_phases", + "marking_definitions" + ], + "title": "IndicatorEntityAPIResponse" + }, "IndicatorType": { "type": "string", "enum": [ @@ -23088,6 +26447,138 @@ ], "title": "IndicatorType" }, + "InfrastructureEntityAPIResponse": { + "properties": { + "uuid": { + "type": "string", + "title": "Uuid" + }, + "type": { + "$ref": "#/components/schemas/EntityType" + }, + "name": { + "type": "string", + "title": "Name" + }, + "created_by": { + "type": "string", + "title": "Created By" + }, + "sources": { + "items": { + "$ref": "#/components/schemas/CTIEntitySourceAPIResponse" + }, + "type": "array", + "title": "Sources" + }, + "created_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Created At" + }, + "updated_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Updated At" + }, + "first_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "First Seen At" + }, + "last_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Seen At" + }, + "confidence": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Confidence" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + }, + "infrastructure_types": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Infrastructure Types" + }, + "kill_chain_phases": { + "items": { + "$ref": "#/components/schemas/KillChainAPIResponse" + }, + "type": "array", + "title": "Kill Chain Phases" + }, + "marking_definitions": { + "items": { + "$ref": "#/components/schemas/MarkingDefinition" + }, + "type": "array", + "title": "Marking Definitions" + } + }, + "type": "object", + "required": [ + "uuid", + "type", + "name", + "created_by", + "sources", + "created_at", + "updated_at", + "description", + "infrastructure_types", + "kill_chain_phases", + "marking_definitions" + ], + "title": "InfrastructureEntityAPIResponse" + }, "IntelType": { "type": "string", "enum": [ @@ -23415,6 +26906,16 @@ ], "title": "LeakNode" }, + "LeakedCredentialsBulkActionType": { + "type": "string", + "enum": [ + "remediate", + "unremediate", + "ignore", + "unignore" + ], + "title": "LeakedCredentialsBulkActionType" + }, "LeaksOrderBy": { "type": "string", "enum": [ @@ -23425,6 +26926,73 @@ ], "title": "LeaksOrderBy" }, + "ListBannersResponse": { + "properties": { + "global_": { + "anyOf": [ + { + "$ref": "#/components/schemas/BannerResponse" + }, + { + "type": "null" + } + ] + }, + "organizations": { + "items": { + "$ref": "#/components/schemas/OrganizationBanner" + }, + "type": "array", + "title": "Organizations" + }, + "tenants": { + "items": { + "$ref": "#/components/schemas/TenantBanner" + }, + "type": "array", + "title": "Tenants" + } + }, + "type": "object", + "required": [ + "global_", + "organizations", + "tenants" + ], + "title": "ListBannersResponse" + }, + "ListFeatureFlagUserListsResponse": { + "properties": { + "user_lists": { + "items": { + "$ref": "#/components/schemas/FeatureFlagUserList" + }, + "type": "array", + "title": "User Lists" + }, + "total": { + "type": "integer", + "title": "Total" + }, + "next_page": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Next Page" + } + }, + "type": "object", + "required": [ + "user_lists", + "total" + ], + "title": "ListFeatureFlagUserListsResponse" + }, "ListFeatureFlagsResponse": { "properties": { "feature_flags": { @@ -23457,6 +27025,38 @@ ], "title": "ListFeatureFlagsResponse" }, + "ListFeatureFlagsStatusResponse": { + "properties": { + "feature_flags": { + "items": { + "$ref": "#/components/schemas/FeatureFlagStatus" + }, + "type": "array", + "title": "Feature Flags" + }, + "total": { + "type": "integer", + "title": "Total" + }, + "next_page": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Next Page" + } + }, + "type": "object", + "required": [ + "feature_flags", + "total" + ], + "title": "ListFeatureFlagsStatusResponse" + }, "ListingEvent": { "properties": { "event_type": { @@ -23782,6 +27382,138 @@ ], "title": "LuceneValue" }, + "MalwareEntityAPIResponse": { + "properties": { + "uuid": { + "type": "string", + "title": "Uuid" + }, + "type": { + "$ref": "#/components/schemas/EntityType" + }, + "name": { + "type": "string", + "title": "Name" + }, + "created_by": { + "type": "string", + "title": "Created By" + }, + "sources": { + "items": { + "$ref": "#/components/schemas/CTIEntitySourceAPIResponse" + }, + "type": "array", + "title": "Sources" + }, + "created_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Created At" + }, + "updated_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Updated At" + }, + "first_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "First Seen At" + }, + "last_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Seen At" + }, + "confidence": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Confidence" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + }, + "malware_types": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Malware Types" + }, + "kill_chain_phases": { + "items": { + "$ref": "#/components/schemas/KillChainAPIResponse" + }, + "type": "array", + "title": "Kill Chain Phases" + }, + "marking_definitions": { + "items": { + "$ref": "#/components/schemas/MarkingDefinition" + }, + "type": "array", + "title": "Marking Definitions" + } + }, + "type": "object", + "required": [ + "uuid", + "type", + "name", + "created_by", + "sources", + "created_at", + "updated_at", + "description", + "malware_types", + "kill_chain_phases", + "marking_definitions" + ], + "title": "MalwareEntityAPIResponse" + }, "MalwareInformation": { "properties": { "malware_family": { @@ -23928,18 +27660,7 @@ "description": "The type of the matching policy" }, "value": { - "anyOf": [ - { - "$ref": "#/components/schemas/KeywordsValue" - }, - { - "$ref": "#/components/schemas/LuceneValue" - }, - { - "$ref": "#/components/schemas/AstpCookiesValue" - } - ], - "title": "Value", + "$ref": "#/components/schemas/PolicyValue", "description": "The value of the matching policy depending on its type" }, "created_at": { @@ -23972,10 +27693,23 @@ "INCLUDED_KEYWORDS", "EXCLUDED_KEYWORDS", "LUCENE_QUERY", - "ASTP_COOKIES" + "ASTP_COOKIES", + "ASTP_DOMAIN" ], "title": "MatchingPolicyType" }, + "MemberMutationPayload": { + "properties": { + "member": { + "$ref": "#/components/schemas/StrategyMember" + } + }, + "type": "object", + "required": [ + "member" + ], + "title": "MemberMutationPayload" + }, "MergeIdentitiesBody": { "properties": { "from_identifier_id": { @@ -23994,6 +27728,24 @@ ], "title": "MergeIdentitiesBody" }, + "MxRecord": { + "properties": { + "priority": { + "type": "integer", + "title": "Priority" + }, + "exchange": { + "type": "string", + "title": "Exchange" + } + }, + "type": "object", + "required": [ + "priority", + "exchange" + ], + "title": "MxRecord" + }, "NameData": { "properties": { "type": { @@ -24104,6 +27856,26 @@ "type": "string", "title": "Okta Domain" }, + "okta_service_app_client_id": { + "anyOf": [ + { + "type": "string", + "minLength": 1 + }, + { + "type": "null" + } + ], + "title": "Okta Service App Client Id" + }, + "features": { + "items": { + "$ref": "#/components/schemas/IdPFeature" + }, + "type": "array", + "uniqueItems": true, + "title": "Features" + }, "lockout_policy": { "anyOf": [ { @@ -24124,7 +27896,8 @@ "OktaInvalidParameterField": { "type": "string", "enum": [ - "okta_domain" + "okta_domain", + "okta_service_app_client_id" ], "title": "OktaInvalidParameterField" }, @@ -24140,6 +27913,25 @@ "type": "string", "title": "Okta Domain" }, + "okta_service_app_client_id": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Okta Service App Client Id" + }, + "features": { + "items": { + "$ref": "#/components/schemas/IdPFeature" + }, + "type": "array", + "uniqueItems": true, + "title": "Features" + }, "lockout_policy": { "anyOf": [ { @@ -24165,6 +27957,33 @@ ], "title": "OrderType" }, + "OrganizationBanner": { + "properties": { + "organization_id": { + "type": "integer", + "title": "Organization Id" + }, + "organization_name": { + "type": "string", + "title": "Organization Name" + }, + "message": { + "type": "string", + "title": "Message" + }, + "variant": { + "$ref": "#/components/schemas/BannerVariant" + } + }, + "type": "object", + "required": [ + "organization_id", + "organization_name", + "message", + "variant" + ], + "title": "OrganizationBanner" + }, "OrganizationEventStatsResponse": { "properties": { "organization_id": { @@ -24324,6 +28143,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24352,6 +28182,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24361,6 +28202,45 @@ ], "title": "PaginatedResults[Alert, str]" }, + "PaginatedResults_AuditEventItemResponse_str_": { + "properties": { + "items": { + "items": { + "$ref": "#/components/schemas/AuditEventItemResponse" + }, + "type": "array", + "title": "Items" + }, + "next": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" + } + }, + "type": "object", + "required": [ + "items", + "next" + ], + "title": "PaginatedResults[AuditEventItemResponse, str]" + }, "PaginatedResults_CredentialValidationReponse_str_": { "properties": { "items": { @@ -24380,6 +28260,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24408,6 +28299,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24436,6 +28338,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24464,6 +28377,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24492,6 +28416,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24520,6 +28455,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24548,6 +28494,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24576,6 +28533,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24604,6 +28572,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24633,6 +28612,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24661,6 +28651,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24689,6 +28690,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24717,6 +28729,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24726,6 +28749,45 @@ ], "title": "PaginatedResults[PolicyAssignedIdentifierPayload, str]" }, + "PaginatedResults_PublicIdentifierResponse_str_": { + "properties": { + "items": { + "items": { + "$ref": "#/components/schemas/PublicIdentifierResponse" + }, + "type": "array", + "title": "Items" + }, + "next": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" + } + }, + "type": "object", + "required": [ + "items", + "next" + ], + "title": "PaginatedResults[PublicIdentifierResponse, str]" + }, "PaginatedResults_PydanticThreatFlowReport_str_": { "properties": { "items": { @@ -24745,6 +28807,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24773,6 +28846,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24801,6 +28885,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24829,6 +28924,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24857,6 +28963,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24885,6 +29002,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24913,6 +29041,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24941,6 +29080,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24969,6 +29119,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -24997,6 +29158,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -25025,6 +29197,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -25053,6 +29236,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -25081,6 +29275,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -25109,6 +29314,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -25144,6 +29360,17 @@ } ], "title": "Next" + }, + "total_count": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Total Count" } }, "type": "object", @@ -25566,6 +29793,22 @@ ], "title": "PolicyAssignmentsBody" }, + "PolicyValue": { + "anyOf": [ + { + "$ref": "#/components/schemas/KeywordsValue" + }, + { + "$ref": "#/components/schemas/LuceneValue" + }, + { + "$ref": "#/components/schemas/AstpCookiesValue" + }, + { + "$ref": "#/components/schemas/AstpDomainValue" + } + ] + }, "PresetRestrictedTerm": { "properties": { "type": { @@ -25652,6 +29895,194 @@ ], "title": "PreviewAlerts" }, + "ProvisionUserItemRequest": { + "properties": { + "email": { + "type": "string", + "title": "Email" + }, + "idp_user_uuid": { + "anyOf": [ + { + "type": "string", + "format": "uuid" + }, + { + "type": "null" + } + ], + "title": "Idp User Uuid" + }, + "full_name": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Full Name" + } + }, + "type": "object", + "required": [ + "email" + ], + "title": "ProvisionUserItemRequest" + }, + "PublicIdentifierResponse": { + "properties": { + "id": { + "type": "integer", + "title": "Id" + }, + "name": { + "type": "string", + "title": "Name" + }, + "tenant_id": { + "type": "integer", + "title": "Tenant Id" + }, + "data": { + "oneOf": [ + { + "$ref": "#/components/schemas/CCBinData" + }, + { + "$ref": "#/components/schemas/IPData" + }, + { + "$ref": "#/components/schemas/BrandData" + }, + { + "$ref": "#/components/schemas/KeywordData" + }, + { + "$ref": "#/components/schemas/AzureTenantData" + }, + { + "$ref": "#/components/schemas/DomainData" + }, + { + "$ref": "#/components/schemas/NameData" + }, + { + "$ref": "#/components/schemas/SearchQueryData" + }, + { + "$ref": "#/components/schemas/GithubRepositoryData" + }, + { + "$ref": "#/components/schemas/UsernameData" + }, + { + "$ref": "#/components/schemas/EmailData" + }, + { + "$ref": "#/components/schemas/SecretData" + }, + { + "$ref": "#/components/schemas/CredentialsData" + }, + { + "$ref": "#/components/schemas/IdentityData" + }, + { + "$ref": "#/components/schemas/RansomLeakData" + } + ], + "title": "Data", + "discriminator": { + "propertyName": "type", + "mapping": { + "azure_tenant": "#/components/schemas/AzureTenantData", + "bin": "#/components/schemas/CCBinData", + "brand": "#/components/schemas/BrandData", + "credentials": "#/components/schemas/CredentialsData", + "domain": "#/components/schemas/DomainData", + "email": "#/components/schemas/EmailData", + "github_repository": "#/components/schemas/GithubRepositoryData", + "identity": "#/components/schemas/IdentityData", + "ip": "#/components/schemas/IPData", + "keyword": "#/components/schemas/KeywordData", + "name": "#/components/schemas/NameData", + "ransomleak": "#/components/schemas/RansomLeakData", + "search_query": "#/components/schemas/SearchQueryData", + "secret": "#/components/schemas/SecretData", + "username": "#/components/schemas/UsernameData" + } + } + }, + "categories": { + "items": { + "$ref": "#/components/schemas/SearchType" + }, + "type": "array", + "title": "Categories" + }, + "emerging_categories": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Emerging Categories" + }, + "severities": { + "items": { + "$ref": "#/components/schemas/Severity" + }, + "type": "array", + "title": "Severities" + }, + "group_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Group Id" + }, + "enrichments": { + "anyOf": [ + { + "$ref": "#/components/schemas/IdentifierEnrichments" + }, + { + "type": "null" + } + ] + }, + "is_disabled": { + "type": "boolean", + "title": "Is Disabled" + }, + "updated_at": { + "type": "string", + "format": "date-time", + "title": "Updated At" + } + }, + "type": "object", + "required": [ + "id", + "name", + "tenant_id", + "data", + "categories", + "emerging_categories", + "severities", + "group_id", + "enrichments", + "is_disabled", + "updated_at" + ], + "title": "PublicIdentifierResponse" + }, "PublishReportPayload": { "properties": { "title": { @@ -25826,6 +30257,32 @@ ], "title": "QueryStringQuery" }, + "RansomLeakData": { + "properties": { + "type": { + "type": "string", + "const": "ransomleak", + "title": "Type", + "default": "ransomleak" + }, + "source": { + "type": "string", + "minLength": 1, + "title": "Source" + }, + "id": { + "type": "string", + "minLength": 1, + "title": "Id" + } + }, + "type": "object", + "required": [ + "source", + "id" + ], + "title": "RansomLeakData" + }, "RansomLeakEvent": { "properties": { "event_type": { @@ -27852,6 +32309,7 @@ "in_progress", "queued", "success", + "temporary_error", "error" ], "title": "SandboxSubmissionStatus" @@ -27863,6 +32321,7 @@ "malicious", "suspicious", "pending", + "temporary_error", "error", "not_applicable" ], @@ -27915,9 +32374,6 @@ "Scope": { "type": "string", "enum": [ - "authenticated", - "authenticated-sso", - "authenticated-mfa", "firework", "leaksdb", "astp-credentials", @@ -27927,7 +32383,6 @@ "do-not-track", "admin", "ratelimited", - "apikey", "bypass-mfa", "search-unrestricted", "private-endpoints", @@ -28217,6 +32672,9 @@ "blog_content", "profile", "leaked_credential", + "valid_credential", + "invalid_credential", + "mitigated_credential", "illicit_networks", "open_web", "domains", @@ -28506,6 +32964,45 @@ ], "title": "SecretQuery" }, + "SetBannerPayload": { + "properties": { + "organization_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Organization Id" + }, + "tenant_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Tenant Id" + }, + "message": { + "type": "string", + "title": "Message" + }, + "variant": { + "$ref": "#/components/schemas/BannerVariant" + } + }, + "type": "object", + "required": [ + "message", + "variant" + ], + "title": "SetBannerPayload" + }, "Severity": { "type": "string", "enum": [ @@ -29491,6 +33988,33 @@ ], "title": "TagPayload" }, + "TenantBanner": { + "properties": { + "tenant_id": { + "type": "integer", + "title": "Tenant Id" + }, + "tenant_name": { + "type": "string", + "title": "Tenant Name" + }, + "message": { + "type": "string", + "title": "Message" + }, + "variant": { + "$ref": "#/components/schemas/BannerVariant" + } + }, + "type": "object", + "required": [ + "tenant_id", + "tenant_name", + "message", + "variant" + ], + "title": "TenantBanner" + }, "TenantFlareCommunityIsEnabledResponse": { "properties": { "flare_community_enabled": { @@ -29696,6 +34220,18 @@ } ], "title": "Failed Validation Details" + }, + "last_synchronized_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Synchronized At" } }, "type": "object", @@ -30097,7 +34633,7 @@ "TestTenantIntegrationPayload": { "properties": { "params": { - "anyOf": [ + "oneOf": [ { "$ref": "#/components/schemas/EntraIDInputParams" }, @@ -30108,7 +34644,15 @@ "$ref": "#/components/schemas/OktaInputParams" } ], - "title": "Params" + "title": "Params", + "discriminator": { + "propertyName": "params_type", + "mapping": { + "entra_id": "#/components/schemas/EntraIDInputParams", + "flare_community": "#/components/schemas/ForetraceInputParams", + "okta": "#/components/schemas/OktaInputParams" + } + } } }, "type": "object", @@ -30125,6 +34669,166 @@ ], "title": "ThreadType" }, + "ThreatActorGroupEntityAPIResponse": { + "properties": { + "uuid": { + "type": "string", + "title": "Uuid" + }, + "type": { + "$ref": "#/components/schemas/EntityType" + }, + "name": { + "type": "string", + "title": "Name" + }, + "created_by": { + "type": "string", + "title": "Created By" + }, + "sources": { + "items": { + "$ref": "#/components/schemas/CTIEntitySourceAPIResponse" + }, + "type": "array", + "title": "Sources" + }, + "created_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Created At" + }, + "updated_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Updated At" + }, + "first_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "First Seen At" + }, + "last_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Seen At" + }, + "confidence": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Confidence" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + }, + "aliases": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Aliases" + }, + "goals": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Goals" + }, + "resource_level": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Resource Level" + }, + "primary_motivation": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Primary Motivation" + }, + "secondary_motivations": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Secondary Motivations" + }, + "marking_definitions": { + "items": { + "$ref": "#/components/schemas/MarkingDefinition" + }, + "type": "array", + "title": "Marking Definitions" + } + }, + "type": "object", + "required": [ + "uuid", + "type", + "name", + "created_by", + "sources", + "created_at", + "updated_at", + "description", + "aliases", + "goals", + "resource_level", + "primary_motivation", + "secondary_motivations", + "marking_definitions" + ], + "title": "ThreatActorGroupEntityAPIResponse" + }, "ThreatFlowReportDownloadFormat": { "type": "string", "enum": [ @@ -30649,26 +35353,140 @@ ], "title": "UpdateAuthorizationRequest" }, - "UpdateMatchingPolicyBody": { + "UpdateFeatureFlagPayload": { "properties": { "name": { - "type": "string", - "title": "Name", - "description": "The new name of the matching policy" + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Name" }, - "value": { + "active": { "anyOf": [ { - "$ref": "#/components/schemas/KeywordsValue" + "type": "boolean" }, { - "$ref": "#/components/schemas/LuceneValue" + "type": "null" + } + ], + "title": "Active" + }, + "description": { + "anyOf": [ + { + "type": "string" }, { - "$ref": "#/components/schemas/AstpCookiesValue" + "type": "null" } ], - "title": "Value", + "title": "Description" + } + }, + "type": "object", + "title": "UpdateFeatureFlagPayload" + }, + "UpdateFeatureFlagUserListPayload": { + "properties": { + "name": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Name" + }, + "members": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/StrategyMember" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Members" + } + }, + "type": "object", + "title": "UpdateFeatureFlagUserListPayload" + }, + "UpdateFlareCommunityUserFeaturesRequest": { + "properties": { + "features": { + "items": { + "$ref": "#/components/schemas/Features" + }, + "type": "array", + "title": "Features" + } + }, + "type": "object", + "required": [ + "features" + ], + "title": "UpdateFlareCommunityUserFeaturesRequest" + }, + "UpdateGitlabFeatureFlagScopePayload": { + "properties": { + "id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Id" + }, + "environment_scope": { + "anyOf": [ + { + "$ref": "#/components/schemas/GitlabEnvironmentScope" + }, + { + "type": "null" + } + ] + }, + "_destroy": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "null" + } + ], + "title": "Destroy" + } + }, + "type": "object", + "title": "UpdateGitlabFeatureFlagScopePayload" + }, + "UpdateMatchingPolicyBody": { + "properties": { + "name": { + "type": "string", + "minLength": 1, + "title": "Name", + "description": "The new name of the matching policy" + }, + "value": { + "$ref": "#/components/schemas/PolicyValue", "description": "The new value of the matching policy depending on its type" } }, @@ -30841,6 +35659,72 @@ ], "title": "UpdateReportParameters" }, + "UpdateStrategyPayload": { + "properties": { + "strategy_type": { + "anyOf": [ + { + "$ref": "#/components/schemas/GitlabFeatureFlagStrategyName" + }, + { + "type": "null" + } + ] + }, + "scopes": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/UpdateGitlabFeatureFlagScopePayload" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Scopes" + }, + "members": { + "anyOf": [ + { + "items": { + "$ref": "#/components/schemas/StrategyMember" + }, + "type": "array" + }, + { + "type": "null" + } + ], + "title": "Members" + }, + "user_list_id": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "User List Id" + }, + "_destroy": { + "anyOf": [ + { + "type": "boolean" + }, + { + "type": "null" + } + ], + "title": "Destroy" + } + }, + "type": "object", + "title": "UpdateStrategyPayload" + }, "UpdateTenantIntegrationPayload": { "properties": { "name": { @@ -30855,7 +35739,7 @@ "default": true }, "params": { - "anyOf": [ + "oneOf": [ { "$ref": "#/components/schemas/EntraIDInputParams" }, @@ -30866,7 +35750,15 @@ "$ref": "#/components/schemas/OktaInputParams" } ], - "title": "Params" + "title": "Params", + "discriminator": { + "propertyName": "params_type", + "mapping": { + "entra_id": "#/components/schemas/EntraIDInputParams", + "flare_community": "#/components/schemas/ForetraceInputParams", + "okta": "#/components/schemas/OktaInputParams" + } + } }, "status": { "anyOf": [ @@ -31065,7 +35957,8 @@ "iem.identity_sync", "iem.credentials_browser_bulk_validation", "advanced_security_mode", - "llm_recommendations" + "llm_recommendations", + "retain_audit_log_indefinitely" ], "title": "UserPermissions" }, @@ -31145,6 +36038,40 @@ ], "title": "ValidateByIDPActionParams" }, + "ValidateIntelTopicPayload": { + "properties": { + "topic": { + "type": "string", + "title": "Topic" + } + }, + "type": "object", + "required": [ + "topic" + ], + "title": "ValidateIntelTopicPayload" + }, + "ValidateIntelTopicResponse": { + "properties": { + "valid": { + "type": "boolean", + "title": "Valid" + }, + "violations": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Violations" + } + }, + "type": "object", + "required": [ + "valid", + "violations" + ], + "title": "ValidateIntelTopicResponse" + }, "ValidationError": { "properties": { "loc": { @@ -31185,6 +36112,122 @@ ], "title": "ValidationError" }, + "VulnerabilityEntityAPIResponse": { + "properties": { + "uuid": { + "type": "string", + "title": "Uuid" + }, + "type": { + "$ref": "#/components/schemas/EntityType" + }, + "name": { + "type": "string", + "title": "Name" + }, + "created_by": { + "type": "string", + "title": "Created By" + }, + "sources": { + "items": { + "$ref": "#/components/schemas/CTIEntitySourceAPIResponse" + }, + "type": "array", + "title": "Sources" + }, + "created_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Created At" + }, + "updated_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Updated At" + }, + "first_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "First Seen At" + }, + "last_seen_at": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Last Seen At" + }, + "confidence": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ], + "title": "Confidence" + }, + "description": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Description" + }, + "marking_definitions": { + "items": { + "$ref": "#/components/schemas/MarkingDefinition" + }, + "type": "array", + "title": "Marking Definitions" + } + }, + "type": "object", + "required": [ + "uuid", + "type", + "name", + "created_by", + "sources", + "created_at", + "updated_at", + "description", + "marking_definitions" + ], + "title": "VulnerabilityEntityAPIResponse" + }, "WebhookBasicAuth": { "properties": { "username": { @@ -31203,6 +36246,77 @@ ], "title": "WebhookBasicAuth" }, + "WhoisRdapInfo": { + "properties": { + "registrar": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Registrar" + }, + "contact_email": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "null" + } + ], + "title": "Contact Email" + }, + "epp_status": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Epp Status" + }, + "registered_date": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Registered Date" + }, + "updated_date": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Updated Date" + }, + "expires_date": { + "anyOf": [ + { + "type": "string", + "format": "date-time" + }, + { + "type": "null" + } + ], + "title": "Expires Date" + } + }, + "type": "object", + "title": "WhoisRdapInfo" + }, "pyro__entities__domain__profile__sort_type__SortType": { "type": "string", "enum": [ @@ -31212,6 +36326,16 @@ ], "title": "SortType" }, + "pyro__entities__identities__identity_browser_sort_type__SortType": { + "type": "string", + "enum": [ + "severity", + "name", + "email", + "last_seen_at" + ], + "title": "SortType" + }, "pyro__entities__identities__profile__sort_type__SortType": { "type": "string", "enum": [ diff --git a/docs/api-reference/v4/endpoints/credential-actions.mdx b/docs/api-reference/v4/endpoints/credential-actions.mdx new file mode 100644 index 0000000..d6ae0ea --- /dev/null +++ b/docs/api-reference/v4/endpoints/credential-actions.mdx @@ -0,0 +1,31 @@ +--- +title: "Credential actions (ignore, remediate, etc.)" +api: "POST https://api.flare.io/firework/v4/credentials/actions" +authMethod: "bearer" +--- + +Apply an action to a list of credentials (ignore, remediate, etc.). + +## Body parameters + + + The action applied to Credentials. + + + + `ignore` + `remediate` + `unignore` + `unremediate` + + + + + + + List of targets where the action applied (max 100). + + + + + \ No newline at end of file diff --git a/docs/docs.json b/docs/docs.json index 22f0c62..182ca0a 100644 --- a/docs/docs.json +++ b/docs/docs.json @@ -85,6 +85,7 @@ "api-reference/v4/endpoints/expand-event-field", "api-reference/v2/endpoints/activities/get-fireworkv2activities--ai_assistance", "api-reference/v4/endpoints/event-actions", + "api-reference/v4/endpoints/credential-actions", "api-reference/v4/endpoints/public/update-tenant-metadata" ] },