Get All Websites

Cortex Xpanse REST API

post /public_api/v1/assets/get_external_websites

Get a complete or filtered list of your public-facing websites.

Required License: Cortex Xpanse Expander

CURL
curl -X POST \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -H "authorization: authorization_example" \
  -H "x-xdr-auth-id: xXdrAuthId_example" \
  "https://api-yourfqdn/public_api/v1/assets/get_external_websites" \
  -d '{
    "request_data": {
      "search_from": 0,
      "next_page_token": "next_page_token",
      "filters": [
        { "field": "host", "value": [ "value", "value" ], "operator": "contains/not_contains" },
        { "field": "host", "value": [ "value", "value" ], "operator": "contains/not_contains" }
      ],
      "sort": { "field": "http_type", "keyword": "ASC" },
      "search_to": 6,
      "use_page_token": true
    }
  }'
Request headers
authorization
required
String
api_key
Example: authorization_example
x-xdr-auth-id
required
String
api_key_id
Example: xXdrAuthId_example
Request
Body
optional
Example: {"request_data":{"filters":[{"field":"host","operator":"contains/not_contains","value":"string"}],"search_from":0,"search_to":0,"sort":{"field":"http_type","keyword":"ASC"},"use_page_token":true,"next_page_token":"string"}}
request_data
required

A dictionary containing the API request fields.

An empty dictionary returns all results.

filters
optional
Array
Array of filter fields. Each JSON object must contain a field, operator, and value.
field
required
String (Enum)

String that identifies the external service field the filter is matching. Filters are based on the following case-sensitive keywords:

  • host
  • is_active
  • technology_ids
  • provider_names
  • site_categories
  • active_service_ids
  • ips
  • tags
  • http_type
  • third_party_script_domains
  • authentication
Allowed values:
host
is_active
technology_ids
provider_names
site_categories
active_service_ids
ips
tags
http_type
third_party_script_domains
authentication
operator
required
String (Enum)

String that identifies the comparison operator you want to use for this filter. Valid operator keywords and corresponding filter fields are:

  • contains/not_contains - used with http_type, provider_names, site_categories
  • eq/ne - used with host, authentication
  • in - used with is_active, http_type, tags, active_service_ids, ips, third_party_script_domains, technology_ids
Allowed values:
contains/not_contains
eq/neq
in
value
required
Array of strings

Value that the filter must match. The contents of this field will differ depending on the website field that you specified for this filter:

  • host - string
  • is_active - values are yes or no
  • technology_ids - list of strings
  • provider_names - string
  • site_categories - string
  • active_service_ids - list of strings
  • ips - list of strings
  • tags - list of strings
  • http_type - values are http_only, http_that_redirects_to_https, https_only
  • third_party_script_domains - list of strings
  • authentication - string
search_from
optional
Integer

An integer representing the start offset index of results.

Default value - 0

search_to
optional
Integer

An integer representing the start offset index of results. Use this field to specify the number of results on a page when using page token pagination.

Default value - 500

sort
optional
Identifies the sort order for the result set. Values are case sensitive. The default sort is defined as is_active and ASC.
field
optional
String (Enum)

Valid values are:

  • http_type
  • first_observed
  • last_observed
Allowed values:
http_type
first_observed
last_observed
keyword
optional
String (Enum)

Valid values are:

  • ASC - ascending order
  • DESC - descending order

ASC is the default.
Allowed values:
ASC
DESC
use_page_token
optional
Boolean
Use "use_page_token":true in the initial request to paginate the response data. Sort is not supported when using the use_page_token/next_page_token fields.
next_page_token
optional
String
If "use_page_token":true was included in the initial request, the response for that request will include a page token. Use "next_page_token":"string" to pass that page token into the next request to paginate the next set of data.
Responses

OK

Body
reply
optional
total_count
optional
Integer
result_count
optional
Integer
websites
optional
Array
website_id
optional
String
host
optional
String
protocol
optional
String
is_active
optional
String
site_categories
optional
Array of objects
technology_ids
optional
Array of strings
first_observed
optional
Integer
last_observed
optional
Integer
provider_names
optional
Array of strings
ips
optional
Array of strings
port
optional
Integer
active_service_ids
optional
Array of strings
http_type
optional
String
third_party_script_domains
optional
Array of objects
security_assessments
optional
Array
name
optional
String
priority
optional
Integer
score
optional
Integer
securityAssessmentDetails
optional
pages
optional
Array
url
optional
String
message
optional
String
elements
optional
Array of objects
description
optional
String
authentication
optional
Array of strings
rootPageHttpStatusCode
optional
String
isNonConfiguredHost
optional
Boolean
externally_inferred_vulnerability_score
optional
Number
externally_inferred_cves
optional
Array of strings
tags
optional
Array of strings

Bad Request. Got an invalid JSON.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Internal server error. A unified status for API communication type errors.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.
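
Example (added here, not part of the Cortex Xpanse documentation): a Python sketch that builds a validated filter and follows page tokens to list every website reported as http_only. The helper names are hypothetical. It assumes the token comes back as reply.next_page_token, that follow-up requests repeat the same request_data, and that contains and not_contains are separate operator strings.

```python
import json
import urllib.request

ENDPOINT = "/public_api/v1/assets/get_external_websites"
_TEXT = {"http_type", "provider_names", "site_categories"}
# Operator -> fields this page lists for it (contains/not_contains assumed separate).
OPERATOR_FIELDS = {
    "contains": _TEXT, "not_contains": _TEXT, "eq": {"host", "authentication"},
    "in": {"is_active", "http_type", "tags", "active_service_ids", "ips",
           "third_party_script_domains", "technology_ids"},
}

def make_filter(field, operator, value):
    """Build one filter, rejecting operator/field pairs the page does not list."""
    if field not in OPERATOR_FIELDS.get(operator, ()):
        raise ValueError(f"operator {operator!r} is not listed for field {field!r}")
    return {"field": field, "operator": operator,
            "value": [value] if isinstance(value, str) else list(value)}

def iter_websites(post, filters, page_size=500):
    """Yield website records page by page; "sort" is omitted (unsupported with tokens)."""
    request_data = {"filters": filters, "search_to": page_size, "use_page_token": True}
    while True:
        reply = post({"request_data": request_data}).get("reply", {})
        yield from reply.get("websites", [])
        token = reply.get("next_page_token")  # assumed location of the token
        if not token or token == request_data.get("next_page_token"):
            return  # last page, or a repeated token that would loop forever
        request_data = {**request_data, "next_page_token": token}

def http_post(base_url, api_key, api_key_id):
    """Return a post(body) callable that sends the two required auth headers."""
    headers = {"authorization": api_key, "x-xdr-auth-id": api_key_id,
               "Content-Type": "application/json", "Accept": "application/json"}
    def post(body):
        req = urllib.request.Request(base_url + ENDPOINT, json.dumps(body).encode(), headers)
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return post

# Constructed two-page reply standing in for the API so the example runs offline.
PAGES = {None: {"reply": {"websites": [{"host": "a.example.com"}], "next_page_token": "t1"}},
         "t1": {"reply": {"websites": [{"host": "b.example.com"}]}}}
def fake_post(body):
    return PAGES[body["request_data"].get("next_page_token")]

def cleartext_hosts(post):
    """Hosts of public-facing sites the API reports as http_only."""
    only_http = make_filter("http_type", "in", ["http_only"])
    return [w["host"] for w in iter_websites(post, [only_http])]
```

Against a real tenant, pass http_post("https://api-yourfqdn", api_key, api_key_id) in place of fake_post, and load the key from a secret store rather than source code.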