PingIntelligence

ABS REST API format

API Behavioral Security (ABS) provides external REST APIs.

External REST APIs are used to access JavaScript Object Notation (JSON) reports providing deep insight into the following:

  • Attack Forensics and Compliance Reporting – attacks and anomalous behavior on APIs.

  • API Metrics – API client and traffic details.

  • Administrative – ABS system information.

  • API Security Enforcer – decoy API, blocked connections, flow control, and backend error reporting.

A REST client can securely query each ABS API and receive data back in JSON format. REST client program options include using:

  • Postman App for Google Chrome browser.

  • Java, Python, C Sharp, or similar languages.

  • Java client program (for example, Jersey).

  • C sharp client program (for example, RestSharp).

The diagram shows the process for a REST API client to connect to an ABS API.

Diagram process for REST API client to connect to an ABS API as described in the text.

ABS API query format

ABS API offers a common format with a consistent syntax for request parameters. Detailed information and format of all ABS REST APIs are included in ABS external REST APIs.

Query parameters for most APIs are shown in the table below:

Field Description

api_name

The API name to query for results.

earlier_date

The time to check for results going back in time. For example, to check results from April, 10, 6:00 p.m. to April, 14, 3:00 p.m., the earlier_date would be April, 10, 6:00 p.m.

later_date

The time to check the results back in time. For example, to check results from April 10 , 6:00 p.m. to April, 14, 3:00 p.m., the later_date would be April, 14, 6:00 p.m.

The following access_key and secret_key are the keys that were defined in the abs_init.js file.

The ":" (colon) is a restricted character and cannot be used in access and secret key.

  • x-abs-ak and x-abs-ak-ru: access_key

  • x-abs-sk and x-abs-sk-ru: secret_key

The start and end time are based on the log file data, that is, the local time where data was captured and not of the location where results are analyzed.