Discover TAXII API Roots - Cloud Security API

{"type":"api","title":"Discover TAXII API Roots","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/83e8a10367d157243cd1c3e478b807cb81262a3d/9c9cc32c-275c-3119-8ff5-3eceac33f676","info":{"title":"Cisco Secure Access Threat Intelligence Feeds API","version":"1.0.0","description":"Create and manage the integration of STIX-TAXII threat intelligence feeds in Secure Access.","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Integrations","description":"Integration management"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/admin/threat-intelligence-feeds-overview.md","uri":"secure-access-api-reference-threat-intelligence-feeds-overview"}},"openapi":"3.0.3","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"admin/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"tokenUrl":"https://api.sse.cisco.com/auth/v2/token","scopes":{"admin.integrations.threatfeeds:read":"Read threat intelligence feeds","admin.integrations.threatfeeds:write":"Create, update, or delete threat intelligence feeds"}}}}}},"spec":{"operationId":"discoverTaxiiRoots","summary":"Discover TAXII API Roots","description":"Query a TAXII 2.1 discovery endpoint to retrieve the available API roots.","security":[{"oauthFlow":["admin.integrations.threatfeeds:write"]}],"tags":["Integrations","Secure Access"],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["discovery_url","auth_type","credentials"],"properties":{"discovery_url":{"type":"string","format":"uri","description":"The URL of the TAXII 2.1 discovery endpoint.\nThe URL must end with a trailing slash. For more information see the TAXII 2.1 specification, Section 4.1.","example":"https://limo.anomali.com/taxii2/"},"auth_type":{"type":"string","enum":["basic","bearer","api_key"],"description":"Authentication method","example":"basic"},"credentials":{"type":"object","description":"The properties of the credentials used to authenticate with the threat intelligence feed.","properties":{"username":{"type":"string","description":"The username on the account for the threat intelligence feed.","nullable":true},"password":{"type":"string","description":"The password on the account for the threat intelligence feed.","format":"password","nullable":true},"token":{"type":"string","description":"The access token on the account for the threat intelligence feed.","nullable":true},"api_key":{"type":"string","description":"The API key on the account for the threat intelligence feed.","nullable":true}},"$$ref":"#/components/schemas/credentials"}},"example":{"discovery_url":"https://limo.anomali.com/taxii2/","auth_type":"basic","credentials":{"username":"user","password":"pass"}}}}},"$$ref":"#/components/requestBodies/createDiscoveryRoot"},"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object","description":"The properties of the Taxii discovery root for the threat intelligence feed.","required":["title","api_roots"],"properties":{"title":{"type":"string","description":"The title of the server.","example":"Anomali TAXII Server"},"description":{"type":"string","nullable":true,"description":"The description for the server."},"contact":{"type":"string","nullable":true,"description":"The email address that the system can use to contact the owner of the server."},"default":{"type":"string","nullable":true,"description":"The URL of the default API root."},"api_roots":{"type":"array","description":"The list of URLs for the available API roots.","items":{"type":"string","format":"uri","description":"The URL of an available API root."}},"max_content_length":{"type":"integer","nullable":true,"description":"The maximum content length of the response in bytes."}},"example":{"title":"Anomali TAXII Server","description":"Threat intelligence feed","contact":"support@anomali.com","default":"https://limo.anomali.com/api1/","api_roots":["https://limo.anomali.com/api1/","https://limo.anomali.com/api2/"],"max_content_length":52428800},"$$ref":"#/components/schemas/discoveryTaxiiRootResponse"}}}},"400":{"description":"Bad Request","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Forbidden"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":403}}},"examples":{"example_one":{"summary":"Bad Request","value":{"title":"Bad Request","description":"Invalid discovery URL format","http_status":400,"error_id":"err-20260310-a1b2c3d4","error_code":"VALIDATION_ERROR"}},"invalidRequest":{"summary":"Bad request","value":{"title":"Bad Request","description":"Invalid job definition","http_status":400,"error_id":"err-20260310-a1b2c3d4","error_code":"VALIDATION_ERROR"}},"vendorLimit":{"summary":"Vendor limit exceeded","value":{"title":"Vendor Limit Exceeded","description":"Maximum 5 active jobs allowed for vendor 'pulsedive'","http_status":400,"error_id":"err-20260310-b2c3d4e5","error_code":"VENDOR_LIMIT_EXCEEDED"}}}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized","content":{"application/json":{"example":{"title":"Authentication Failed","description":"The provided credentials were rejected by the TAXII server","http_status":401,"error_id":"err-20260310-b2c3d4e5","error_code":"TAXII_UPSTREAM_ERROR"}}}},"403":{"description":"Forbidden","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Forbidden"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":403}}}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Not Found"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":404}}},"example":{"title":"Not Found","description":"TAXII discovery endpoint not found","http_status":404,"error_id":"err-20260310-d4e5f6a7","error_code":"TAXII_UPSTREAM_ERROR"}}},"$$ref":"#/components/responses/404Error"},"422":{"description":"Unprocessable Entity - Validation error","content":{"application/json":{"example":{"title":"Validation Error","description":"1 validation error(s): body.auth_type","http_status":422,"error_id":"err-20260310-e5f6a7b8","error_code":"REQUEST_VALIDATION_ERROR","details":{"errors":[{"field":"body.auth_type","message":"Invalid value","type":"value_error"}]}}}}},"429":{"description":"Too Many Requests","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"example":{"Error":"Rate limit exceeded"}}},"$$ref":"#/components/responses/429Error"},"500":{"description":"Internal Server Error","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Internal Server Error"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":500}},"example":{"title":"Internal Server Error","description":"An unexpected error occurred","http_status":500,"error_id":"err-20260310-f6a7b8c9"}}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"discoverTaxiiRoots","method":"post","path":"/integrations/threatFeeds/discovery/roots"}}