HuntressInstall

<!-- DO NOT LINT FOR FORMATTING, you will break how it appears on the docs site --><p><a href='https://www.huntress.com/terms-of-service'>© Huntress - All rights reserved</a></p><h1 id='introduction'>Introduction</h1><p>The Huntress API follows a RESTful pattern. Requests are made via resource-oriented URLs as described in this document and API responses are formatted as JSON data.</p><p>If you&#39;d like to request additional API endpoints or capabilities, <a href="https://feedback.huntress.com/">submit feedback</a> through our feedback portal.</p><h1 id='api-overview'>API Overview</h1><details> <summary><h2 id='authentication'>Authentication</h2></summary><div class="scalar-code-copy"><pre class="scalar-codeblock-pre"><code class="hljs language-curl"><span class="hljs-variable">$KEY</span> = </span><span class="hljs-built_in">echo </span><span class="hljs-string">"$HUNTRESS_PUBLIC_KEY:$HUNTRESS_PRIVATE_KEY"</span> | <span class="hljs-built_in">base64</span><span class="hljs-built_in">curl </span><span class="hljs-string">"https://api.huntress.io/v1/agents"</span> \ -H <span class="hljs-string">"Authorization: Basic $KEY"</span></code></pre></div><p>To begin, generate your API Key at <code>&lt;your_account_subdomain&gt;.huntress.io</code>. Once you are logged into your account on the Huntress site, check the dropdown menu at the top-right corner of the site header. You should see <code>API Credentials</code> among the options if your account has been granted access to the Huntress API. Click on the option to continue to the API Key generation page.</p><p>Once on the API Key generation page, click on the green Setup button to begin the process to generate your API Key. You will be redirected to a page where you will be prompted to generate your API Key. Click the Generate button to generate a public and private key pair for Huntress API access. The inputs on the page will be filled in with your access credentials once you have done so.</p><p><strong>Your API Private Key will only be visible at this stage of API Key generation. Be sure to save the value provided somewhere secure, as once you navigate away from this page, this value will no longer be accessible and you must regenerate your API credentials if your secret key value is lost.</strong></p><p>If necessary, you can repeat the process to regenerate your API credentials with a new API Key and API Secret Key on the same API Key generation page, at <code>&lt;your_account_subdomain&gt;.huntress.io/account/api_credentials</code>.</p><p>The Huntress API implements basic access authentication. Once you have your API Key and API Secret Key, provide these values as the result of a Base64 encoded string in every request to the Huntress API via the <code>Authorization</code> header. Your request header should look something like <code>Authorization: Basic [Base64Encode(&lt;your_api_key&gt;:&lt;your_api_secret_key&gt;)]</code>. Please refer to the code snippets for further examples.</p></details><details> <summary><h2 id='rate-limits'>Rate Limits</h2></summary><p>Every Huntress API account is rate limited to 60 requests per minute, on a sliding window. This means that no more than 60 requests can be made within a 60 second time interval between the first request and the last request.</p><p>For example, if request 1 is made at T0, request 2 is made at T5, and requests 3 through 60 are made at T10, making request 61 at T55 would result in a 429 error response. Making request 61 at T61 would succeed, however making request 62 at T61 would fail, at least until the time has passed T65, corresponding to a minute after request 2 was made.</p></details><details> <summary><h2 id='http-response-codes'>HTTP Response Codes</h2></summary><p>Huntress follows HTTP standards when delivering responses: a <code>2xx</code> response is a success, a <code>4xx</code> response indicates an issue with the client request, and a <code>5xx</code> response indicates an issue with Huntress servers.<br><br>Specific error codes are detailed in the following table:</p><table><thead><tr><th>Error Status Code</th><th>Details</th></tr></thead><tbody><tr><td>400</td><td>There is an unexpected value in the API request being made.</td></tr><tr><td>401</td><td>Your request could not be authenticated. Check that your API key is properly formatted and included in the <code>Authorization</code> header.</td></tr><tr><td>404</td><td>The requested resource is unavailable: either it doesn&#39;t exist, or your account does not hold correct permissions to access it.</td></tr><tr><td>429</td><td>You have made too many requests within the rate limit timeframe. See the previous section on <a href="#rate_limits">rate_limits</a> for details.</td></tr><tr><td>500</td><td><p>An error has occurred within Huntress servers.</p><p>You could retry the request, but if you encounter continued errors, please <a href="https://support.huntress.io">contact Support</a> with details of your error. If all traffic from Huntress is resulting in 500 responses, please check our <a href="https://huntressstatus.statuspage.io/">Huntress Status Page</a>.</p></td></tr></tbody></table></details><details> <summary><h2 id='pagination'>Pagination</h2></summary><p>Certain Huntress API endpoints utilize a <code>page_token</code> and <code>limit</code> parameter to specify a window location and size, respectively, to the resources currently being requested.<br><br>Each API request will also return a pagination object with details about your current pagination state based on the parameters provided. The pagination object contains:<br></p><table><thead><tr><th>Key</th><th>Type</th><th>Description</th></tr></thead><tbody><tr><td>next_page_token</td><td>string</td><td>The token used to request the next page in paginated results. If no page token is included, the first page contains all results.</td></tr><tr><td>next_page_url</td><td>string</td><td>URL containing the next page and the limit provided in the original API request, to be used to continue sequentially accessing resources. Only displays when another page can be accessed.</td></tr></tbody></table><br><p>Following is a formatted example of the pagination object in an API response:<br><div class="scalar-code-copy"><pre class="scalar-codeblock-pre"><code class="hljs language-json"><span class="hljs-attr">"pagination"</span><span class="hljs-punctuation">: {</span><span class="hljs-attr"> "next_page_url"</span><span class="hljs-punctuation">: </span><span class="hljs-string">"https://api.huntress.io/v1/agents?page_token=MjAyMi0wMy0wMVQxODo1NDoyNFo&amp;limit=10"</span><span class="hljs-punctuation">,</span><span class="hljs-attr"> "next_page_token"</span><span class="hljs-punctuation">: </span><span class="hljs-string">"MjAyMi0wMy0wMVQxODo1NDoyNFo"</span><span class="hljs-punctuation">}</span></code></pre></div></details><details> <summary><h2 id='request-and-response-format'>Request and Response Format</h2></summary> <details> <summary><h3 id='request'>Request</h3></summary> <div class="scalar-code-copy"><pre class="scalar-codeblock-pre"><code class="hljs language-curl"><span class="hljs-built_in">curl</span> <span class="hljs-string">"https://api.huntress.io/v1/agents?organization_id=1&amp;page_token=MjAyMi0wMy0wMVQxODo1NDoyNFo"</span> -H <span class="hljs-string">"Authorization: Basic &lt;Your B64 encoded hash&gt;"</span></code></pre></div> <p>The base URL for API requests is <code>api.huntress.io/v1/</code>, followed by the resource requested. Resources can be requested either singularly or as a list, which correspond to <code>/v1/&lt;resources&gt;/:id</code> or <code>/v1/&lt;resources&gt;</code> respectively, with the exception of the <code>/v1/account</code> and <code>/v1/actor</code> endpoints, which only returns the account associated with the API credentials provided.</p> <p>As an example, <code>api.huntress.io/v1/agents</code> would return a list of agents, while <code>api.huntress.io/v1/agents/1</code> would return a singular agent with ID: 1.</p> <p>Parameters are provided to the API through a query string. As an example, providing the organization_id filter as a parameter to the <code>/v1/agents</code> endpoint would look like <code>api.huntress/io/v1/agents?organization_id=1</code>. Accessing a sequential page with the same filter active would look like <code>api.huntress.io/v1/agents?organization_id=1&amp;page_token=MjAyMi0wMy0wMVQxODo1NDoyNFo</code>.</p> </details> <details> <summary><h3 id='response'>Response</h3></summary> <p>The Huntress API responds with a JSON object containing requested resources if the request is valid and authorized.</p> <h4 id='singular-case'>Singular Case</h4> <div class="scalar-code-copy"> <pre class="scalar-codeblock-pre"><code class="hljs-json"><span class="hljs-punctuation">{</span><span class="hljs-attr"> "report"</span><span class="hljs-punctuation">: { ... }}</span></code></div> <p>In the case of accessing a singular resource, the JSON object in question will contain one key that maps the singular resource to the singular representation of the resource name. As an example, if you were to request <code>api.huntress.io/v1/reports/1</code>, the JSON response would contain a single key <code>report</code> that maps to the report with ID: 1.</p> <h4 id='multiple-case'>Multiple Case</h4><div class="highlight"><pre class="highlight json tab-json"><pre class="scalar-codeblock-pre"><code class="hljs-json"><span class="hljs-punctuation">{</span><span class="hljs-attr"> "reports"</span><span class="hljs-punctuation">: [ ... ],</span><span class="hljs-attr"> "pagination"</span><span class="hljs-punctuation">: { ... }</span><span class="hljs-punctuation">}</span></code></pre></div> <p>When accessing a list of resources, the JSON response contains two keys at the root level. The first key is the plural representation of that resource. The second is a <code>pagination</code> key that represents the current state of pagination based on parameters provided in the original request. As an example, a request to <code>api.huntress.io/v1/reports</code> returns a JSON object with the keys <code>reports</code> and <code>pagination</code> at its root level. Further details on the fields within the pagination object can be seen at <a href="#pagination">the relevant section</a>.</p> </details></details>