Get External Application details by ID

Cortex XSIAM Platform APIs
get /platform/integration/v1/external-application/{application_type}/id/{application_id}

Retrieves an external application and returns its attributes. The meaning behind all attributes in this response could be found in the ExternalApplication schema.

Path parameters
application_id String required

The unique identifier of the application.
Example: e94fbc98-3053-6506-876b-f809f344f118
application_type String required

The application type of the specified application
Example: webhook
CLIENT REQUEST
curl -X 'GET'
-H 'Accept: application/json'
'https://api-cortex.paloaltonetworks.com/platform/integration/v1/external-application/{application_type}/id/{application_id}'
import http.client conn = http.client.HTTPSConnection("api-") conn.request("GET", "%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118") res = conn.getresponse() data = res.read() print(data.decode("utf-8"))
require 'uri' require 'net/http' require 'openssl' url = URI("https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Get.new(url) response = http.request(request) puts response.read_body
const data = null; const xhr = new XMLHttpRequest(); xhr.withCredentials = true; xhr.addEventListener("readystatechange", function () { if (this.readyState === this.DONE) { console.log(this.responseText); } }); xhr.open("GET", "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118"); xhr.send(data);
HttpResponse<String> response = Unirest.get("https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118") .asString();
import Foundation let request = NSMutableURLRequest(url: NSURL(string: "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "GET" let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume()
<?php $curl = curl_init(); curl_setopt_array($curl, [ CURLOPT_URL => "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "GET", ]); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { echo $response; }
CURL *hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET"); curl_easy_setopt(hnd, CURLOPT_URL, "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118"); CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/webhook/id/e94fbc98-3053-6506-876b-f809f344f118"); var request = new RestRequest(Method.GET); IRestResponse response = client.Execute(request);
Responses

Application details retrieved successfully.

Body
application/json

Enumerates the various attributes of an external application response object

dataobject
application_idintegerint64

Unique identifier

namestring

Name of the application.

descriptionstring

Description of the application.

statusstring (Enum)

Current status of the application.

Default:"connected"
Allowed values:"connected""warning""disabled""error""in_progress""pending_authorization""authorization_failure""incomplete""pending"
created_atintegerint64

Timestamp when the application was created.

last_modified_bystring

Identifier of the user who created the app.

last_errorstring

Description summarizing that last known error for the given external application.

last_error_atintegerint64

Timestamp of the last error.

modified_atintegerint64

Timestamp of the last modification.

application_typestring (Enum)

The type of application instance.

Allowed values:"syslog""webhook""splunk""aws_sqs""aws_s3"
connection_configobject

Connection configuration based on application_type.

urlstringrequiredurl

webhook URL.

http_methodstring (Enum)
Default:"POST"
Allowed values:"POST""PUT"
headersobject

Custom HTTP headers to include.

hec_endpointstringrequiredurl

Splunk HTTP Event Collector (HEC) endpoint.

auth_tokenstringrequired

HEC authentication token.

queue_urlstringrequiredurl

The SQS queue destination URL.

access_keystring
secret_keystring
role_arnstring
connection_typestring (Enum)
Default:"ROLE_ARN"
Allowed values:"ROLE_ARN""ACCESS_KEY"
s3_uristringrequiredurl

Amazon S3 bucket URI

regionstringrequired

AWS region where the S3 bucket resides

role_arnstringrequired

Role ARN associated with the IAM role for S3 access

roll_up_intervalinteger (Enum)int32

Roll-up interval for metrics or data aggregation (in minutes)

Default:60
Allowed values:153060180
portintegerrequired
protocolstring (Enum)required
Allowed values:"UDP""TCP""TLS"
facilitystringrequired

Choose one of the syslog standard values. The value maps to how your syslog server uses the facility field to manage messages. For details on the facility field, see RFC 5424.

addressstringrequired

IP address or fully qualified domain name (FQDN) of the syslog server.

security_infoobject
certificate_namestring

When using TLS for communication between Cortex and the syslog server, Cortex validates that the syslog receiver has a certificate. Specify the certificate name here.

ignore_cert_errorsboolean

Whether to ignore certificate errors. For security reasons, this is not recommended. If you set this to true, logs will be forwarded even if the certificate contains errors.

certificate_contentstringbinary

Binary string of the certificate.

RESPONSE
{ "data": { "application_id": "e94fbc98-3053-6506-876b-f809f344f118", "name": "Test External Application 01", "description": "test description for the given external application", "status": "connected", "created_at": 1753918286, "last_modified_by": "john.doe@example.com", "modified_at": 1753918286, "application_type": "webhook", "connection_config": { "url": "https://webhook.site/305650415-aad3-45ac-9d92-2455105edb96", "http_method": "POST" }, "last_error": null, "last_error_at": null } }

Body
application/json
dataobject
err_msgstring

Error message describing the issue

metadataobject
err_extrastring

Additional error details

err_codeinteger

HTTP error code

RESPONSE
{ "data": { "err_msg": "The request contains invalid or missing parameters.", "metadata": { "err_extra": "External application with id 1bef0d93-e82e-40e5-852b-2ab0a98791b2 not found", "err_code": 400 } } }

Body
application/json
replyobject
err_msgstring
err_extrastring
err_codeinteger
RESPONSE
{ "reply": { "err_code": 401, "err_msg": "Public API request unauthorized", "err_extra": null } }

Body
application/json
replyobject
err_msgstring
err_extrastring
err_codeinteger
RESPONSE
{ "reply": { "err_code": 403, "err_msg": "Forbidden. Access was denied to this resource.", "err_extra": "Insufficient permissions for api key" } }