List TAXII Collections - Cloud Security API

{"type":"api","title":"List TAXII Collections","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/83e8a10367d157243cd1c3e478b807cb81262a3d/9c9cc32c-275c-3119-8ff5-3eceac33f676","info":{"title":"Cisco Secure Access Threat Intelligence Feeds API","version":"1.0.0","description":"Create and manage the integration of STIX-TAXII threat intelligence feeds in Secure Access.","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Integrations","description":"Integration management"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/admin/threat-intelligence-feeds-overview.md","uri":"secure-access-api-reference-threat-intelligence-feeds-overview"}},"openapi":"3.0.3","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"admin/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"tokenUrl":"https://api.sse.cisco.com/auth/v2/token","scopes":{"admin.integrations.threatfeeds:read":"Read threat intelligence feeds","admin.integrations.threatfeeds:write":"Create, update, or delete threat intelligence feeds"}}}}}},"spec":{"operationId":"listTaxiiCollections","summary":"List TAXII Collections","description":"Get the TAXII collections from a TAXII API root.\nUse the list of collections to discover API roots and select collections for polling.","security":[{"oauthFlow":["admin.integrations.threatfeeds:write"]}],"tags":["Integrations","Secure Access"],"requestBody":{"required":true,"description":"The properties used to list the collections provided by threat intelligence feed.","content":{"application/json":{"schema":{"type":"object","description":"The properties of the collections provided by threat intelligence feed.","required":["root_url","auth_type","credentials"],"properties":{"root_url":{"type":"string","format":"uri","description":"The root URL for the TAXII API.\nThe root URL must end with a trailing slash.\nFor more information, see the TAXII 2.1 standard, section 4.2.","example":"https://limo.anomali.com/api1/","$$ref":"#/components/schemas/root_url"},"auth_type":{"type":"string","enum":["basic","bearer","api_key"],"description":"The authentication method used with the threat intelligence feed.","example":"basic","$$ref":"#/components/schemas/auth_type"},"credentials":{"type":"object","description":"The properties of the credentials used to authenticate with the threat intelligence feed.","properties":{"username":{"type":"string","description":"The username on the account for the threat intelligence feed.","nullable":true},"password":{"type":"string","description":"The password on the account for the threat intelligence feed.","format":"password","nullable":true},"token":{"type":"string","description":"The access token on the account for the threat intelligence feed.","nullable":true},"api_key":{"type":"string","description":"The API key on the account for the threat intelligence feed.","nullable":true}},"$$ref":"#/components/schemas/credentials"}},"example":{"root_url":"https://limo.anomali.com/api1/","auth_type":"basic","credentials":{"username":"user","password":"pass"}}}}},"$$ref":"#/components/requestBodies/listTAXIICollectionsRequest"},"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"array","description":"The list of TAXII collections for the threat intelligence feed.","items":{"type":"object","description":"The properties of the TAXII collection.","required":["id","title","can_read","can_write"],"properties":{"id":{"type":"string","format":"uuid","description":"The unique identifier (UUID) of the collection.","example":"91a7b528-80eb-42ed-a74d-c6fbd5a26116"},"title":{"type":"string","description":"The name of the collection."},"description":{"type":"string","nullable":true,"description":"The description of the collection."},"can_read":{"type":"boolean","description":"Specifies whether the collection has the Read permission.","example":false},"can_write":{"type":"boolean","description":"Specifies whether the collection has the Write permission.","example":true},"media_types":{"type":"array","description":"The list of media types supported by the STIX JSON format.","items":{"type":"string","description":"The supported STIX content type."},"example":["application/stix+json;version=2.1"]}},"example":{"id":"91a7b528-80eb-42ed-a74d-c6fbd5a26116","title":"Indicators","description":"Malware indicators","can_read":true,"can_write":false,"media_types":["application/stix+json;version=2.1"]}},"example":[{"id":"91a7b528-80eb-42ed-a74d-c6fbd5a26116","title":"Indicators","description":"Malware indicators","can_read":true,"can_write":false,"media_types":["application/stix+json;version=2.1"]}],"$$ref":"#/components/schemas/listTAXIICollectionsResponse"}}}},"400":{"description":"Bad Request","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Forbidden"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":403}}},"examples":{"example_one":{"summary":"Bad Request","value":{"title":"Bad Request","description":"Invalid discovery URL format","http_status":400,"error_id":"err-20260310-a1b2c3d4","error_code":"VALIDATION_ERROR"}},"invalidRequest":{"summary":"Bad request","value":{"title":"Bad Request","description":"Invalid job definition","http_status":400,"error_id":"err-20260310-a1b2c3d4","error_code":"VALIDATION_ERROR"}},"vendorLimit":{"summary":"Vendor limit exceeded","value":{"title":"Vendor Limit Exceeded","description":"Maximum 5 active jobs allowed for vendor 'pulsedive'","http_status":400,"error_id":"err-20260310-b2c3d4e5","error_code":"VENDOR_LIMIT_EXCEEDED"}}}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized","content":{"application/json":{"example":{"title":"Authentication Failed","description":"The provided credentials were rejected by the TAXII server","http_status":401,"error_id":"err-20260310-b2c3d4e5","error_code":"TAXII_UPSTREAM_ERROR"}}}},"403":{"description":"Forbidden","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Forbidden"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":403}}}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Not Found"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":404}}},"example":{"title":"Not Found","description":"TAXII discovery endpoint not found","http_status":404,"error_id":"err-20260310-d4e5f6a7","error_code":"TAXII_UPSTREAM_ERROR"}}},"$$ref":"#/components/responses/404Error"},"422":{"description":"Unprocessable Entity - Validation error","content":{"application/json":{"example":{"title":"Validation Error","description":"1 validation error(s): body.root_url","http_status":422,"error_id":"err-20260310-e5f6a7b8","error_code":"REQUEST_VALIDATION_ERROR","details":{"errors":[{"field":"body.root_url","message":"field required","type":"value_error.missing"}]}}}}},"429":{"description":"Too Many Requests","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"example":{"Error":"Rate limit exceeded"}}},"$$ref":"#/components/responses/429Error"},"500":{"description":"Internal Server Error","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The date and time (ISO 8601-formatted timestamp) when the system returned the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"error_id":{"type":"string","description":"Error message explaining the reason for failure.","example":"Internal Server Error"},"http_status":{"type":"integer","description":"The HTTP status code returned in the response.","example":500}},"example":{"title":"Internal Server Error","description":"An unexpected error occurred","http_status":500,"error_id":"err-20260310-f6a7b8c9"}}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"listTaxiiCollections","method":"post","path":"/integrations/threatFeeds/discovery/collections"}}