Forcepoint Insights - API Documentation

API docs by Redocly

Insights API specification (0.12)

Download OpenAPI specification:

Summary

This specification describes the REST APIs used by Insights to define and export data.

To use the APIs, each point product will require the following

  1. Point Product Code - An unique code within Insights that identifies the point product(eg. SSE, RBI)
  2. Auth Token - A bearer token generated by Insights Operations, required to authenticate the request. It is required to be passed in Authorization header of REST API.

Concepts

Dimensions

Dimensions are qualitative fields i.e. they cannot be measured. Some examples of Dimesions include Category, Domain, Country etc.

Measures

Measures are the quantitative fields i.e. those fields which can be generally represented as numbers or as boolean fields. Some examples of Measures include bytesDownloaded, latency, avScanDone etc.

Collections

Collections define various type of data that is processed by Insights. Each collection has a set of dimensions and measures associated with it. Each collection is associated with a point product code. for example, the collection 'Admin' with point product code 'SSE' contains data related to admin activities in SSE product.

Token Management

Token Management Public API for generating bearer access tokens

Generate bearer access token

Generate a bearer access token that can be used for authorization purpose. Token Validity: The generated bearer access token is valid for 59 minutes after creation.

Authorizations:
apiKeyAuth
header Parameters
X-API-KEY
required
string
Example: api-key-string

API key for authentication. Generate this token from Platform Services > Admin.

Responses

Request samples 

# Generate bearer access token
curl -X POST "https://portal.forcepointone.com/api/apikeys/token" \
  -H "X-API-KEY: your-api-key-string" \
  -H "Content-Type: application/json"

Response samples

Content type
application/json
{
  • "token": "at_Gpl9pruW7mpHykzzdvBDgg4v2ozN9NJ8-LHpVzpLUkA..."
}

Export

Export data from a collection

Exports data from the specified collection in the requested format (JSON or CSV). The response format is determined by the Accept header.

Authorizations:
bearerAuth
path Parameters
ppcode
required
string

point product code identifying the data source eg RBI, SSE etc.
name
required
string

Collection name to export data from eg. Admin, CASBInline, CASBAPI, ZTNA, SWG, DLP, Health etc for SSE.
header Parameters
Accept
string
Enum: "application/json" "text/csv" "application/csv"

Desired response format.
X-Correlation-Id
string

Correlation ID for request tracking.
Request Body schema: application/json
required
object
Array of objects (ReportRequestFields)
limit
integer
offset
integer
starttime
datetime

Responses

Request samples

Content type
application/json
{
  • "filters": {
    },
  • "fields": [
    ],
  • "limit": 300,
  • "offset": 0,
  • "starttime": "2024-08-01 00:00:00"
}

Response samples

Content type
{
  • "data": [
    ],
  • "status": "string"
}