Get All Websites

Cortex Xpanse REST API

post /public_api/v1/assets/get_external_websites/

Required License: **Cortex Xpanse Expander**

Get a complete or filtered list of your public-facing websites.

CURL
curl -X POST \ -H "Accept: application/json" \ -H "Content-Type: application/json" -H "authorization: {{api_key}}" -H "x-xdr-auth-id: {{api_key_id}}" \ "https://api-}/public_api/v1/assets/get_external_websites/" \ -d '{ "request_data" : { "search_from" : 0, "next_page_token" : "next_page_token", "filters" : [ { "field" : "ips", "value" : "ExternalWebsitesFilter_value", "operator" : "in" }, { "field" : "ips", "value" : "ExternalWebsitesFilter_value", "operator" : "in" } ], "sort" : { "field" : "host", "keyword" : "asc" }, "search_to" : 0, "use_page_token" : true } }'
Request headers
authorization
required
String
api-key
Example: {{api_key}}
x-xdr-auth-id
required
String
api-key-id
Example: {{api_key_id}}
Request
Body
required
request_data
required
Object
A dictionary containing the API request fields. An empty dictionary returns all results.
filters
optional
Array of objects
Array of filter fields. Each JSON object must contain a field, operator, and value.
field
optional
String (Enum)

String that identifies the external service field the filter is matching. Filters are based on the following case-sensitive keywords:

  • host
  • is_active
  • technology_ids
  • provider_names
  • site_categories
  • active_service_ids
  • ips
  • tags
  • http_type
  • third_party_script_domains
  • authentication
Allowed values:
ips
technology_ids
http_type
is_active
provider_names
tags
active_service_ids
third_party_script_domains
host
authentication
site_categories
operator
optional
String (Enum)

String that identifies the comparison operator you want to use for this filter. Valid operator keywords and corresponding filter fields are:

  • contains/not_contains- used with http_type, provider_names, site_categories, authentication
  • eq/ne - used with ips, host
  • in - used with is_active, http_type, tags, active_service_ids, third_party_script_domains, technology_ids
Allowed values:
in
contains
eq
neq
not_contains
value
optional

Value that the filter must match. The contents of this field will differ depending on the website field that you specified for this filter:

  • host - string
  • is_active - values are yes or no
  • technology_ids - list of strings
  • provider_names - string
  • site_categories - string
  • active_service_ids - list of strings
  • ips - list of strings
  • tags - list of strings
  • http_type - values are http_only, http_that_redirects_to_https, https_only
  • third_party_script_domains - list of strings
  • authentication - string
search_from
optional
Integer
An integer representing the start offset index of results
Default value - 0
search_to
optional
Integer
An integer representing the start offset index of results. Use this field to specify the number of results on a page when using page token pagination.
Default value - 500
sort
optional
Object
Identifies the sort order for the result set. Values are case sensitive. The default sort is defined as is_active and ASC.
field
optional
String (Enum)

Valid values are:

  • host
  • first_observed
  • last_observed
Allowed values:
first_observed
host
last_observed
keyword
optional
String (Enum)

Valid values are:

  • ASC - ascending order
  • DESC - descending order ASC is the default.
Allowed values:
ASC
asc
DESC
desc
use_page_token
optional
Boolean
Use "use_page_token":true in the initial request to paginate the response data. Sort is not supported when using the use_page_token/next_page_token fields.
next_page_token
optional
String
If "use_page_token":true was included in the initial request, the response for that request will include a page token.
Use "next_page_token":"string" to pass that page token into the next request to paginate the next set of data.
Responses

OK

Body
reply
optional
Object
total_count
optional
Integer
result_count
optional
Integer
websites
optional
Array of objects
website_id
optional
String
host
optional
String
protocol
optional
String
is_active
optional
String
site_categories
optional
Array of strings
technology_ids
optional
Array of strings
first_observed
optional
Integer
last_observed
optional
Integer
provider_names
optional
Array of strings
ips
optional
Array of strings
port
optional
Integer
active_service_ids
optional
Array of strings
http_type
optional
String
third_party_script_domains
optional
Array of strings
security_assessments
optional
Array of objects
name
optional
String
priority
optional
Integer
score
optional
Integer
securityAssessmentDetails
optional
Object
pages
optional
Array of objects
url
optional
String
message
optional
String
elements
optional
Array of objects
name
optional
String
value
optional
String
description
optional
String
authentication
optional
Array of strings
rootPageHttpStatusCode
optional
String
isNonConfiguredHost
optional
Boolean
externally_inferred_vulnerability_score
optional
Number
externally_inferred_cves
optional
Array of strings
tags
optional
Array of strings
next_page_token
optional
String
This attribute is only returned if use_page_token is provided in the request with value true

Bad Request. Got an invalid JSON.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unprocessable Entity

Body
code
optional
Integer
Error code
status
optional
String
Error name
message
optional
String
Error message
errors
optional
Object
Errors

Internal server error. A unified status for API communication type errors.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.