post
/public_api/v1/get_risk_score
Retrieve the risk score of a specific user or endpoint in your environment, along with the reason for the score.
Required license: Identity Threat Module
CURL
curl -X POST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
"https://api-yourfqdn/public_api/v1/get_risk_score" \
-d '{
"request_data" : {
"id" : "id"
}
}'
Request
Body
optional
Example:
{"request_data":{"id":""}}
request_data
optional
A dictionary containing the API request fields.
id
required
String
Unique ID of a specific user or endpoint.
- User ID should be in the following format:
netBIOS/samAccount
- Endpoint ID is the Cortex Agent ID. You can only request one ID at a time.
Responses