Chapter 7. Endpoint Security API

7.1. getSecureEndpoint

7.1.1. Description

Get the endpoint security data for the specified app and runtime environment.

7.1.2. Endpoint

  • uri - /box/srv/1.1/app/endpointsecurity/get
  • method - POST

7.1.3. Request Body

{
  // required
  "appId": "unqiue app identifier",
  // required
  "environment": "dev",
}

7.1.4. Response Body

7.1.4.1. Success

{
  "status": "ok",
  "appId": "unqiue app identifier",
  "environment": "dev",
  "default": "https", // can be "https" | "appapikey"
  "updatedBy": "user@example.com",
  "updatedWhen": "2012-12-04 12:00",
  "overrides": {
    "<endpoint name 1>": {
      "security" : "https", // can be "https" | "appapikey",
      "updatedBy": "user@example.com",
      "updatedWhen": "2012-12-04 12:00"
    },
    "<endpoint name 2>": {
      "security" : "https", // can be "https" | "appapikey",
      "updatedBy": "user@example.com",
      "updatedWhen": "2012-12-04 12:00"
    },
    // ...
    "<endpoint name n>": {
      "security" : "https", // can be "https" | "appapikey",
      "updatedBy": "user@example.com",
      "updatedWhen": "2012-12-04 12:00"
    }
  }
}

7.1.4.2. Error

{
  "status": "error",
  "message": "<error_message>"
}

7.2. setSecureEndpoint

7.2.1. Description

Set the endpoint security data for the specified app and runtime environment.

7.2.2. Endpoint

  • uri - /box/srv/1.1/app/endpointsecurity/set
  • method - POST

7.2.3. Request Body

{
  // required
  "appId": "unqiue app identifier",
  // required
  "environment": "dev",
  // required
  "default": "https", // can be "https" | "appapikey"
  "overrides": {
    "<endpoint name 1>": {
      "security" : "https" // can be "https" | "appapikey"
    },
    "<endpoint name 2>": {
      "security" : "https" // can be "https" | "appapikey"
    },
    // ...
    "<endpoint name n>": {
      "security" : "https" // can be "https" | "appapikey"
    }
  }
}

7.2.4. Response Body

7.2.4.1. Success

{
  "status": "ok"
}

7.2.4.2. Error

{
  "status": "error",
  "message": "<error_message>"
}

7.3. setSecureEndpointOverride

7.3.1. Description

Set the endpoint security data for the specified endpoints of an app and runtime environment. This does not change the default security setting for the app.

7.3.2. Endpoint

  • uri - /box/srv/1.1/app/endpointsecurity/setOverride
  • method - POST

7.3.3. Request Body

{
  // required
  "appId": "unqiue app identifier",
  // required
  "environment": "dev",
  // required
  "overrides": {
    "<endpoint name 1>": {
      "security" : "https" // can be "https" | "appapikey"
    },
    "<endpoint name 2>": {
      "security" : "https" // can be "https" | "appapikey"
    },
    // ...
    "<endpoint name n>": {
      "security" : "https" // can be "https" | "appapikey"
    }
  }
}

7.3.4. Response Body

7.3.4.1. Success

{
  "status": "ok"
}

7.3.4.2. Error

{
  "status": "error",
  "message": "<error_message>"
}

7.4. removeSecureEndpointOverride

7.4.1. Description

Remove the endpoint security overrides for the specified endpoints of an app and runtime environment. This does not change the default security setting for the app.

7.4.2. Endpoint

  • uri - /box/srv/1.1/app/endpointsecurity/removeOverride
  • method - POST

7.4.3. Request Body

{
  // required
  "appId": "unqiue app identifier",
  // required
  "environment": "dev",
  // required
  "endpoint": "<endpoint name>"
}

7.4.4. Response Body

7.4.4.1. Success

{
  "status": "ok"
}

7.4.4.2. Error

{
  "status": "error",
  "message": "<error_message>"
}

7.5. setDefaultSecureEndpoint

7.5.1. Description

Set the default endpoint security for the specified app and runtime environment.

7.5.2. Endpoint

  • uri - /box/srv/1.1/app/endpointsecurity/setDefault
  • method - POST

7.5.3. Request Body

{
  // required
  "appId": "unqiue app identifier",
  // required
  "environment": "dev",
  // required
  "default": "https" // can be "https" | "appapikey"
}

7.5.4. Response Body

7.5.4.1. Success

{
  "status": "ok"
}

7.5.4.2. Error

{
  "status": "error",
  "message": "<error_message>"
}

7.6. auditLog

7.6.1. Description

Get the Endpoint Security Audit Log data for the specified app and runtime environment.

An optional filter parameter can be specified to filter the returned audit log records by the following criteria:

  • endpoint: the name of an endpoint
  • security: can be https or appapikey
  • updatedBy: a userId
  • event: one of "Set App Security", "Add Endpoint", "Remove Endpoint"
  • limit: number of records to return

7.6.2. Endpoint

  • uri - /box/srv/1.1/app/endpointsecurity/auditLog
  • method - POST

7.6.3. Request Body

{
  // required
  "appId": "unqiue app identifier",
  // required
  "environment": "dev",
  "filter": {
    "endpoint": "<endpoint>",
    "security": "<security>",
    "updatedBy": "<updatedBy>",
    "event": "<event>",
    "limit": "<num records>"
  }
}

7.6.4. Response Body

7.6.4.1. Success

{
  "list": [
    {
      "appId": "O_6sZAYZN4O3KsJtJ2-ssvAf",
      "endpoint": "getDemo",
      "environment": "dev",
      "event": "Add Endpoint",
      "security": "https",
      "updatedBy": "training@example.com",
      "updatedWhen": "Thu Dec 13 12:01:33 UTC 2012",
      "updatedWhenMillis": 1355400093157
    },
    {
      "appId": "O_6sZAYZN4O3KsJtJ2-ssvAf",
      "endpoint": "",
      "environment": "dev",
      "event": "Set App Security",
      "security": "appapikey",
      "updatedBy": "training@example.com",
      "updatedWhen": "Thu Dec 13 11:57:24 UTC 2012",
      "updatedWhenMillis": 1355399844528
    }
  ],
  "status": "ok"
}

7.6.4.2. Error

{
  "status": "error",
  "message": "<error_message>"
}