API docs by Redocly

InsightVM Cloud Integrations API (Localhost)

Download OpenAPI specification:Download

License: Rapid7

Overview

This guide documents the InsightVM Cloud Integrations Application Programming Interface (API). This API supports the Representation State Transfer (REST) design pattern. See Insight Platform API Overview for an overview of all Insight Platform APIs.

Versioning

Versioning is specified in the URL and the base path of this API is:

https://{region}.api.insight.rapid7.com/vm/{version}/

Version numbers are numerical and prefixed with the letter "v", such as "v4".

The region indicates the geo-location of the Insight Platform desired:

Code Region
us United States
eu Europe
ca Canada
au Australia
ap Japan

Authorization

Authorization requires a token header X-Api-Key and can be generated from the Insight Platform key management page. See Insight Platform API Key for more details.

Media Types

Unless noted otherwise this API accepts and produces the application/json and application/xml media types. Unless otherwise indicated, the default request body media type is application/json.

Verbs and Responses

The following HTTP operations are supported throughout this API. The general usage of the operation and both its failure and success status codes are outlined below.

Verb
 Usage Success Failure
GET Used to retrieve a resource by identifier, or a collection of resources by type. 200 400, 401, 402, 404, 405, 408, 410, 415, 500
POST Creates a resource with an application-specified identifier. 201 400, 401, 404, 405, 408, 413, 415, 500
POST Performs a request to queue an asynchronous job. 202 400, 401, 405, 408, 410, 413, 415, 500
PUT Creates a resource with a client-specified identifier. 200 400, 401, 403, 405, 408, 410, 413, 415, 500
PUT Performs a full update of a resource with a specified identifier. 201 400, 401, 403, 405, 408, 410, 413, 415, 500
DELETE Deletes a resource by identifier or an entire collection of resources. 204 400, 401, 405, 408, 410, 413, 415, 500
OPTIONS Requests what operations are available on a resource. 200 401, 404, 405, 408, 500

Formats

Dates & Times

Dates and/or times are specified as strings in the ISO 8601 format(s). The following formats are supported as input:

Value Format Notes
Date YYYY-MM-DD Defaults to 12 am UTC (if used for a date & time
Date & time only YYYY-MM-DD'T'hh:mm:ss[.nnn] Defaults to UTC
Date & time in UTC YYYY-MM-DD'T'hh:mm:ss[.nnn]Z
Date & time w/ offset YYYY-MM-DD'T'hh:mm:ss[.nnn][+|-]hh:mm
Date & time w/ zone-offset YYYY-MM-DD'T'hh:mm:ss[.nnn][+|-]hh:mm[]

Timezones

Timezones are specified in the regional zone format, such as "America/Los_Angeles", "Asia/Tokyo", or "GMT".

Paging

Pagination may be supported on collection resources using a combination of two query parameters, page and size. The page parameter dictates the zero-based index of the page to retrieve, and the size indicates the size of the page.

For example, /resources?page=2&size=10 will return page 3, with 10 records per page, giving results 21-30.

The maximum page size for a request is 500.

Some paginated endpoints may supported "cursored" pages, allowing for a guaranteed consistent view of data across page boundaries. Cursored page requests support a consistent, sequential way to access data across pages. Only if this option is used are you guaranteed that you will read a record once and only once in any page ("repeatable read"). The cursor property is used to follow the same chain of paginated requests from page to page. Each request will change the value of the next cursor to use on the subsequent page, and may only be used to iterate sequentially through pages. Cursors are stateless (results may shift across page boundaries while they are being read as data updates) unless otherwise noted.

The response to a paginated request follows the format:

{
   data": [ 
      ... 
   ],
   "metadata": { 
      "number": ...,
      "size": ...,
      "sort": ...,
      "totalResources": ...,
      "totalPages": ...,
      "cursor": ...
   },
   "links": [ 
      "first" : {
         "href" : "..."
       },
       "prev" : {
         "href" : "..."
       },
       "self" : {
         "href" : "..."
       },
       "next" : {
         "href" : "..."
       },
       "last" : {
         "href" : "..."
       } 
   ]
}

The data property is an array of the resources being retrieved from the endpoint, each which should contain at minimum a "self" relation hypermedia link. The metadata property outlines the details of the current page and total possible pages. The object for the page includes the following properties:

  • number - The page number (zero-based) of the page returned.
  • size - The size of the pages, which is less than or equal to the maximum page size.
  • totalResources - The total amount of resources available across all pages.
  • totalPages - The total amount of pages.
  • cursor - An optional cursor for "cursored" page requests

The last property of the paged response is the links array, which contains all available hypermedia links. For paginated responses, the "self", "next", "previous", "first", and "last" links are returned. The "self" link must always be returned and should contain a link to allow the client to replicate the original request against the collection resource in an identical manner to that in which it was invoked.

The "next" and "previous" links are present if either or both there exists a previous or next page, respectively. The "next" and "previous" links have hrefs that allow "natural movement" to the next page, that is all parameters required to move the next page are provided in the link. The "first" and "last" links provide references to the first and last pages respectively. If the page is "cursored" the cursor is automatically incorporated into the pagination links.

Sorting

Sorting is supported on paginated resources with the sort query parameter(s). The sort query parameter(s) supports identifying a single or multi-property sort with a single or multi-direction output. The format of the parameter is:

sort=property[,ASC|DESC]...

Therefore, the request /resources?sort=name,title,DESC would return the results sorted by the name and title descending, in that order. The sort directions are either ascending ASC or descending DESC. With single-order sorting, all properties are sorted in the same direction. To sort the results with varying orders by property, multiple sort parameters are passed.

For example, the request /resources?sort=name,ASC&sort=title,DESC would sort by name ascending and title descending, in that order.

Responses

The following response statuses may be returned by this API.

Status Meaning Usage
200 OK The operation performed without error according to the specification of the request, and no more specific 2xx code is suitable.
201 Created A create request has been fulfilled and a resource has been created. The resource is available as the URI specified in the response, including the Location header.
202 Accepted An asynchronous task has been accepted, but not guaranteed, to be processed in the future.
400 Bad Request The request was invalid or cannot be otherwise served. The request is not likely to succeed in the future without modifications.
401 Unauthorized The user is unauthorized to perform the operation requested, or does not maintain permissions to perform the operation on the resource specified.
403 Forbidden The resource exists to which the user has access, but the operating requested is not permitted.
404 Not Found The resource specified could not be located, does not exist, or an unauthenticated client does not have permissions to a resource.
405 Method Not Allowed The operations may not be performed on the specific resource. Allowed operations are returned and may be performed on the resource.
408 Request Timeout The client has failed to complete a request in a timely manner and the request has been discarded.
413 Request Entity Too Large The request being provided is too large for the server to accept processing.
415 Unsupported Media Type The media type is not supported for the requested resource.
500 Internal Server Error An internal and unexpected error has occurred on the server at no fault of the client.

Errors

Any error responses can provide a response body with a message to the client indicating more information (if applicable) to aid debugging of the error. All 4xx and 5xx responses will return an error response in the body. The format of the response is as follows:

{
   "status": <statusCode>,
   "message": <message>,
   "localized_message": <message>,
   "links" : [ {
      "rel" : "...",
      "href" : "..."
    } ]
}

The status property is the same as the HTTP status returned in the response, to ease client parsing. The message property is a localized message in the request client's locale (if applicable) that articulates the nature of the error. The last property is the links property.

Security

The response statuses 401, 403 and 404 need special consideration for security purposes. As necessary, error statuses and messages may be obscured to strengthen security and prevent information exposure. The following is a guideline for privileged resource response statuses:

Use Case Access Resource Permission Status
Unauthenticated access to an unauthenticated resource. Unauthenticated Unauthenticated Yes 20x
Unauthenticated access to an authenticated resource. Unauthenticated Authenticated No 401
Unauthenticated access to an authenticated resource. Unauthenticated Non-existent No 401
Authenticated access to a unauthenticated resource. Authenticated Unauthenticated Yes 20x
Authenticated access to an authenticated, unprivileged resource. Authenticated Authenticated No 404
Authenticated access to an authenticated, privileged resource. Authenticated Authenticated Yes 20x
Authenticated access to an authenticated, non-existent resource Authenticated Non-existent Yes 404

Headers

Commonly used response headers include:

Header Example Purpose
Allow OPTIONS, GET Defines the allowable HTTP operations on a resource.
Cache-Control no-store, must-revalidate Disables caching of resources (as they are all dynamic).
Content-Encoding gzip The encoding of the response body (if any).
Location Refers to the URI of the resource created by a request.
Transfer-Encoding chunked Specified the encoding used to transform response.
Retry-After 5000 Indicates the time to wait before retrying a request.
X-Content-Type-Options nosniff Disables MIME type sniffing.
X-XSS-Protection 1; mode=block Enables XSS filter protection.
X-Frame-Options SAMEORIGIN Prevents rendering in a frame from a different origin.
X-UA-Compatible IE=edge,chrome=1 Specifies the browser mode to render in.

Format

When application/json is returned in the response body it is always pretty-printed (indented, human readable output). Additionally, gzip compression/encoding is supported on all responses.

Dates & Times

Dates or times are returned as strings in the ISO 8601 'extended' format. When a date and time is returned (instant) the value is converted to UTC.

For example:

Value Format Example
Date YYYY-MM-DD 2017-12-03
Date & Time YYYY-MM-DD'T'hh:mm:ss[.nnn]Z 2017-12-03T10:15:30Z

Discovery

Endpoints to discover available resources and operations in this API.

Health

Endpoints to monitor service health and quality.

Health Check

Returns an indicator of the health of the API.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

Responses

Response samples

Content type
application/json

Healthy service response

{
  • "components": null,
  • "status": "UP",
  • "summary": null
}

Asset

Resources and operations for managing assets.

Search Assets

Returns the inventory, assessment, and summary details for a page of assets. Only assets which the caller has access to are returned. If using the comparisonTime parameter, the recommended page size is 50.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

query Parameters
cursor
string
Example: cursor=1549252222:::_S:::e3902e81-dcc3-37e2-981f-3ebc334f7122-default-asset-1158888

The stateless cursor to retrieve the next page of resources.

currentTime
string
Example: currentTime=2019-04-02T08:17:56.321Z

The current date and time to compare against the asset state to detect changes. If specified, changes in vulnerabilities from this timestamp since the comparison time are calculated and output in the response. If not provided, defaults to the time of request.

comparisonTime
string
Example: comparisonTime=2018-11-09T08:17:56.321Z

The date and time to compare the asset current state against to detect changes. If specified, changes in vulnerabilities from this timestamp to the current time are calculated and output in the response. If not provided, defaults to the current time value.

includeSame
boolean
Example: includeSame=false

Whether the response should include the list of already-existing vulnerabilities on an asset.

includeUniqueIdentifiers
boolean
Example: includeUniqueIdentifiers=true

Whether the response should include unique identifiers.

page
integer
Example: page=0

The index of the page (zero-based) to retrieve.

size
integer
Example: size=50

The number of records per page to retrieve.

sort
string <<property>[,ASC|DESC]>
Example: sort=id,ASC

The criteria to sort the records by, in the format: <property>[,ASC|DESC]. The default sort order is ascending. Multiple sort criteria can be specified using multiple sort query parameters.

Request Body schema: application/json

Search query for filtering assets and vulnerabilities on assets.

asset
string

Search criteria for filtering assets returned.

vulnerability
string

Search criteria for filtering vulnerabilities returned on each matching asset.

Responses

Request samples

Content type
application/json

Searching recently scanned assets with critical or severe vulnerabilities.

{
  • "asset": "last_scan_end > 2019-09-04T23:16:57.903Z",
  • "vulnerability": "severity IN ['Critical', 'Severe']"
}

Response samples

Content type

A page of assets matching a search filter.

{
  • "data": [
    ],
  • "metadata": {
    },
  • "links": []
}

Get Asset

Returns the assessment and details of an asset (specified by id). Only assets which the caller has access to can be returned.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

id
required
string
Example: 28504

The identifier of the asset to retrieve the details for.

query Parameters
currentTime
string
Example: currentTime=2019-04-02T08:17:56.321Z

The current date and time to compare the asset state against to detect changes. If specified, changes in vulnerabilities from this timestamp since the comparison time are calculated and output in the response. If not provided, defaults to the time of request.

comparisonTime
string
Example: comparisonTime=2018-11-09T08:17:56.321Z

The date and time to compare the current asset state against to detect changes. If specified, changes in vulnerabilities from this timestamp to the current time are calculated and output in the response. If not provided, defaults to the current time value.

includeSame
boolean
Example: includeSame=false

Whether the response should include the list of already-existing vulnerabilities on an asset.

includeUniqueIdentifiers
boolean
Example: includeUniqueIdentifiers=true

Whether the response should include asset unique identifiers in the response.

Responses

Response samples

Content type

The details of an asset.

{
  • "assessed_for_policies": false,
  • "assessed_for_vulnerabilities": true,
  • "critical_vulnerabilities": 16,
  • "exploits": 24,
  • "host_name": "host.domain.com",
  • "id": "12344375-34a7-40d3-9821-90db0b5cc90e-default-asset-7912",
  • "ip": "10.1.0.128",
  • "last_assessed_for_vulnerabilities": "2019-02-14T21:19:41.090Z",
  • "last_scan_end": "2019-02-14T21:19:41.090Z",
  • "last_scan_start": "2019-02-14T21:05:35.014Z",
  • "mac": "00:50:56:8B:62:45",
  • "malware_kits": 1,
  • "moderate_vulnerabilities": 31,
  • "os_architecture": "",
  • "os_description": "Microsoft Windows Server 2008 R2, Standard Edition SP1",
  • "os_family": "Windows",
  • "os_name": "Windows Server 2008 R2, Standard Edition",
  • "os_system_name": "Microsoft Windows",
  • "os_type": "General",
  • "os_vendor": "Microsoft",
  • "os_version": "SP1",
  • "risk_score": 74621.5625,
  • "severe_vulnerabilities": 229,
  • "tags": [
    ],
  • "total_vulnerabilities": 276,
  • "type": "guest",
  • "new": [ ],
  • "remediated": [ ]
}

Scan

Resources and operations for managing scans.

Get Scans

Retrieves a page of scans.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

query Parameters
includeDetails
boolean
Default: false
Example: includeDetails=true

Whether the response should include additional details about scans.

page
integer
Example: page=0

The index of the page (zero-based) to retrieve.

size
integer
Example: size=50

The number of records per page to retrieve.

Responses

Response samples

Content type
application/json

A page of scans.

{
  • "data": [
    ],
  • "metadata": {
    },
  • "links": []
}

Start Scan

Starts a scan.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

Request Body schema: application/json

Input resource for starting a new scan.

asset_ids
Array of strings unique

The identifiers of the assets to scan.

credential_sources
Array of strings unique

The names of the sites on the Nexpose console to pull asset credentials from.

engine_ids
Array of strings unique

The identifiers of the engines to use for the scan.

exclusions
object (ScanForm) Recursive

The payload for starting a scan.

name
string

The name of the scan.

result_consumer
string

The name of the site on the Nexpose console used to ingest the scanned assets.

solution_ids
Array of strings unique

The identifiers of the solutions used to reduce the scope of the scan.

start_time
string

The time at which to start the scan.

vulnerability_ids
Array of strings unique

The identifiers of the vulnerabilities used to reduce the scope of the scan.

Responses

Request samples

Content type
application/json
{
  • "asset_ids": [
    ],
  • "credential_sources": [
    ],
  • "engine_ids": [
    ],
  • "exclusions": { },
  • "name": "string",
  • "result_consumer": "string",
  • "solution_ids": [
    ],
  • "start_time": "string",
  • "vulnerability_ids": [
    ]
}

Response samples

Content type
application/json

The identifier of the newly started scan.

{
  • "scans": [
    ],
  • "unscanned_assets": [
    ]
}

Get Scan Engines

Retrieves a page of scan engines.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

query Parameters
page
integer
Example: page=0

The index of the page (zero-based) to retrieve.

size
integer
Example: size=50

The number of records per page to retrieve.

Responses

Response samples

Content type
application/json

A page of scan engines.

{
  • "data": [
    ],
  • "metadata": {
    },
  • "links": []
}

Get Scan Engine

Retrieves the scan engine with the specified identifier.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

id
required
string
Example: 6c384978-3545-455b-a69a-afa6e8cbd2dd

The identifier of the scan engine to retrieve.

Responses

Response samples

Content type
application/json

Retrieving scan engine with identifier "6c384978-3545-455b-a69a-afa6e8cbd2dd".

{
  • "id": "6c384978-3545-455b-a69a-afa6e8cbd2dd",
  • "host_name": "127.0.0.1",
  • "status": "HEALTHY",
  • "last_seen": "2021-03-02T22:29:05.006Z",
  • "registered": "2020-09-11T18:36:49.973Z",
  • "name": "Scan Engine Example Name",
  • "profile": {
    }
}

Update Scan Engine Configuration

Updates the custom properties configuration of a scan engine with the specified identifier. May require engine restart before taking effect. Care should be taken when setting custom properties. If you are not familiar with custom properties we recommend contacting Rapid7 Support for assistance.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

id
required
string
Example: 6c384978-3545-455b-a69a-afa6e8cbd2dd

The identifier of the scan engine to update.

Request Body schema: application/json

A list of key-value pair objects with the custom properties name and parameter values specified.

Array of objects (Scan Engine Properties Input)

The properties to apply to the engine payload.

Responses

Request samples

Content type
application/json

Sample request body to update a scan engine configuration properties.

{
  • "properties": [
    ]
}

Response samples

Content type
application/json

Updating the configuration of the scan engine with identifier "6c384978-3545-455b-a69a-afa6e8cbd2dd".

{
  • "message": "A response message"
}

Remove Scan Engine Configuration Property

Removes specified custom properties from the configuration of the scan engine with the specified identifier if applied. May require engine restart before taking effect. Care should be taken when setting custom properties. If you are not familiar with custom properties we recommend contacting Rapid7 Support for assistance.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

id
required
string
Example: 6c384978-3545-455b-a69a-afa6e8cbd2dd

The identifier of the scan engine to update.

Request Body schema: application/json

List of property names to remove from the scan engine configuration.

properties
Array of strings

List of property names to remove from a scan engine.

Responses

Request samples

Content type
application/json

Sample request body to remove a scan engine configuration property.

{
  • "properties": [
    ]
}

Response samples

Content type
application/json

Removing custom properties from the scan engine with identifier "6c384978-3545-455b-a69a-afa6e8cbd2dd".

{
  • "message": "A sample message"
}

Get Scan

Retrieves the scan with the specified identifier.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

id
required
string
Example: bcc3fd8f-7bb6-41cc-a52f-4046c8742bf0

The identifier of the scan to retrieve.

query Parameters
includeDetails
boolean
Default: false
Example: includeDetails=true

Whether the response should include additional details about the scan.

Responses

Response samples

Content type
application/json

Retrieving scan with identifier "bcc3fd8f-7bb6-41cc-a52f-4046c8742bf0".

{
  • "id": "bcc3fd8f-7bb6-41cc-a52f-4046c8742bf0",
  • "name": "Scan API Example Name",
  • "engine_id": "b177d730-5cde-468a-89a4-2c5b9d26b465",
  • "status": "Success",
  • "started": "2020-05-12T09:00:12.199Z",
  • "finished": "2020-05-12T09:08:54.404Z"
}

Stop Scan

Stops the scan with the specified identifier.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

id
required
string
Example: bcc3fd8f-7bb6-41cc-a52f-4046c8742bf0

The identifier of the scan to stop.

Responses

Response samples

Content type

Example response with a Bad Request (400) status.

{
  • "status": 400,
  • "localized_message": "A request body must be provided.",
  • "message": "Required request body is missing."
}

Site

Resources and operations for managing sites.

List Sites

Returns the details for sites.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

query Parameters
cursor
string
Example: cursor=1549252222:::_S:::e3902e81-dcc3-37e2-981f-3ebc334f7122-default-asset-1158888

The stateless cursor to retrieve the next page of resources.

page
integer
Example: page=0

The index of the page (zero-based) to retrieve.

size
integer
Example: size=50

The number of records per page to retrieve.

sort
string <<property>[,ASC|DESC]>
Example: sort=id,ASC

The criteria to sort the records by, in the format: <property>[,ASC|DESC]. The default sort order is ascending. Multiple sort criteria can be specified using multiple sort query parameters.

Responses

Response samples

Content type

The details for all sites.

{}

Vulnerability

Resources and operations for viewing vulnerability data.

Search Vulnerabilities

Returns all vulnerabilities that can be assessed.

Authorizations:
api-key
path Parameters
region
required
string (Region)
Enum: "us" "us2" "us3" "eu" "ca" "au" "ap"
Example: us

The region of the Insight Platform to use. See Overview for more information.

query Parameters
cursor
string
Example: cursor=1549252222:::_S:::e3902e81-dcc3-37e2-981f-3ebc334f7122-default-asset-1158888

The stateless cursor to retrieve the next page of resources.

page
integer
Example: page=0

The index of the page (zero-based) to retrieve.

size
integer
Example: size=50

The number of records per page to retrieve.

sort
string <<property>[,ASC|DESC]>
Example: sort=id,ASC

The criteria to sort the records by, in the format: <property>[,ASC|DESC]. The default sort order is ascending. Multiple sort criteria can be specified using multiple sort query parameters.

Request Body schema: application/json

Search criteria for finding vulnerabilities.

vulnerability
string

Search expression with criteria for searching on vulnerabilities.

Responses

Request samples

Content type
application/json

Searching vulnerabilities by last modified date.

{
  • "vulnerability": "modified > 2020-01-01T00:00:00Z"
}

Response samples

Content type

Retrieving a page of vulnerabilities by last modified date.

{}