Getting Started

Base URL

For the Authorization of the Secure Email Threat Defense API mentioned, use a URL that begins with the fully qualified domain name (FQDN) of the Secure Email Threat Defense API Servers. you should use the corresponding API service depending on whether your Email Threat Defense instance is located in the Americas, Europe, Middle East, and Africa (EMEA) or Asia-Pacific (APAC) data center.

Americas API endpoint:

https://api.us.etd.cisco.com/

Europe API endpoint:

https://api.de.etd.cisco.com/

Australia API endpoint:

https://api.au.etd.cisco.com/

India API endpoint:

https://api.in.etd.cisco.com/

UAE API endpoint:

https://api.ae.etd.cisco.com/

API Features

The Secure Email Threat Defense API features can be divided into five groups:

Authentication – This API allows you to use the client credentials generated on the ETD admin page to create a JWT token for the Secure Email Threat Defense API. For more information, refer to Authentication section.

Message Search – This API allows you to search message information within a period, with or without filters narrowing down the results.

Remediation and Reclassification API - This API allows customers to remediate and reclassify large batches of messages to respond to threats.

Status - This API allows you to check the status of the message.

Reporting - This API empowers customers to create their reports and dashboards, enabling better management of their clients.

Log Export API - The API gives user capability to download consolidated ETD logs.