Egnyte Secure and Govern Public API (1.0.0)
Download OpenAPI specification:Download
Egnyte Secure and Govern Public API exposes issues for the purpose of listing, polling for new issues and watching for changes in issue pool.
Definitions:
- Environment
- One of the two egnyteprotect.com subdomains to use with the API: usc1-api.egnyteprotect.com or euw1-api.egnyteprotect.com
- Tenant
- A company/organization account in Egnyte Secure and Govern.
- Issue
- A violation of data protection policies listed in Secure and Govern
CodeGrantAuth
Code Grant from OAuth2 is used for obtaining tokens to the API for applications using the Public API to provide functionality for Secure and Govern users.
Request a client_id from https://developers.egnyte.com - register and select "Issue a new key for Egnyte Secure and Govern" to get it.
Example calls
# get code - open in the browser
https://usc1-api.egnyteprotect.com/oauth2/code?client_id=CLIENT_ID&redirect_uri=https://your-app.com/oauthredirect&response_type=code&scope=issues:read
# exchange code for token - POST request
curl -v -d 'client_id=CLIENT_ID&client_secret=SECRET&grant_type=authorization_code&redirect_uri=https://your-app.com/oauthredirect&code=CODE' https://usc1-api.egnyteprotect.com/oauth2/token
# refresh token - POST request
curl -v -d 'client_id=CLIENT_ID&client_secret=SECRET&grant_type=refresh_token&redirect_uri=https://your-app.com/oauthredirect&refresh_token=REF_TOKEN' https://usc1-api.egnyteprotect.com/oauth2/token
authorizationCode https://<env>.egnyteprotect.com/oauth2/codehttps://<env>.egnyteprotect.com/oauth2/tokenissues:read-Read issues and react to issue status changes
classification:write-Register content classification sources
sar:read-Check SAR status and list files from SAR matches
sar:write-Create SAR and delete files from SAR matches
sc:read-Read classification results
sc:matches-Read the actual sensitive content text in classified files
legalhold:read-Read Legal holds details and retained files
legalhold:write-Create and update Legal holds
auditevents:read-Read audit events
Create a Subject Access Request
Creates a SAR. IDs in "identifiers" come from the endpoint for listing identifiers
Authorizations:
Request Body schema: application/json
required | object |
| requestType required | string Enum: "NOTIFICATION" "RIGHT_TO_BE_FORGOTTEN" |
| serviceTime | number |
Responses
Request samples
- Payload
{ }Response samples
- 201
- 400
- 401
- 403
- 404
- 500
{- "id": "c9ac0519-284a-4bee-9574-30ae7891e5dc"
}List all Subject Access Requests
List the details of all Subject Access Requsts created in the tenant.
Authorizations:
query Parameters
| cursor | string cursor value from the previous response body - for continuity. Each response is returning a cursor - a string pointing to the place on the list of Subject Access Requests for tenant, and each request passes the last known cursor value to get next SARs page. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get SAR
Returns SAR details, including status and stage of processing the SAR.
Authorizations:
path Parameters
| sarId required | string <uuid> Id of the SAR |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "id": "096e400e-56db-4128-bdea-05ebcea9ab7e",
- "subject": {
- "details": {
- "firstName": "John",
- "middleName": "Oneofakind",
- "lastName": "Doe"
}, - "identifiers": [ ]
}, - "requestType": "NOTIFICATION",
- "stage": "COLLECTING_DATA",
- "daysLeft": 29,
- "created": 1576580243855,
- "serviceTime": 30,
- "servicedDays": 0,
- "serviceDate": 1576580243855,
- "processed": false,
- "completed": false,
- "actions": {
- "list": {
- "name": "List SAR files",
- "method": "get",
}
}
}List paths from fulfilled SAR
Returns paths to files from SAR matches
Authorizations:
path Parameters
| sarId required | string <uuid> Id of the SAR |
query Parameters
| count | integer [ 1 .. 100 ] Default: 100 Number of items to return at most |
| cursor | string cursor value from the previous response body - for continuity. Each response is returning a cursor - a string pointing to the place on the list of files from SAR matches, and each request passes the last known cursor value to get items which occurred after that. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "files": [
- {
- "id": "string",
- "name": "string",
- "url": "string",
- "path": "string",
- "versionId": "string",
- "source": {
- "name": "string",
- "type": "string"
}, - "containsOtherPersonMatches": true,
- "retained": true,
- "canBeDeleted": true
}
], - "cursor": "string"
}Submit download request
Request SAR files to be prepared for downloading. Status of the download preparation can be checked by using action's url from the response.
Authorizations:
path Parameters
| sarId required | string <uuid> Id of the SAR |
query Parameters
| flat | boolean If it is |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Check a download preparation status
Check if the download with provided downloadId is ready and SAR files can be served. If it is, use actions from the downloads list to download ZIP archives with files content.
Authorizations:
path Parameters
| sarId required | string <uuid> Id of the SAR |
| downloadId required | string <uuid> Id of the download |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get a content of a SAR file
Get a binary content of a file returned as ZIP archive
Authorizations:
path Parameters
| sarId required | string <uuid> Id of the SAR |
| downloadId required | string <uuid> Id of the download |
| archiveId required | string Id of an archiveId |
Responses
Response samples
- 400
- 401
- 403
- 404
- 500
{- "code": "string",
- "message": "string",
- "details": "string"
}Register a source for classification
Creates a classification source in Secure and Govern sourceId in response can be used to unregister, it also shows up as sourceId in results of Content Classification and Issues
Authorizations:
Request Body schema: application/json
| transport required | string Value: "https" Transport choice. |
| discoveryURL required | string URL of the Classification FS discovery endpoint for the particular source. |
| sourceDisplayName required | string Visible name of the registered source. |
| location | string Visible name of the location of the source, can be left empty or used as a hint to the user as to where to look for the source (a network address or a specific section of the source system). |
| troubleshootingURL required | string A URL to display to the user if the classification source stops responding. Can be a direct link to configuration of the source or a link to a troubleshooting guide. |
| authHeader | string The content for authorization header of requests made to Classification FS. |
| emailContact | string E-mail address to contact when source is down for. |
| sourceType | string Display name of source. |
| iconUrl | string Source icon url. |
Responses
Request samples
- Payload
{- "transport": "https",
- "discoveryURL": "string",
- "sourceDisplayName": "string",
- "location": "string",
- "troubleshootingURL": "string",
- "authHeader": "string",
- "emailContact": "string",
- "sourceType": "string",
- "iconUrl": "string"
}Response samples
- 201
- 400
- 401
- 403
- 404
- 500
{- "sourceId": "string"
}Request a test run on a classification source
Runs a simulation of a Classification Source scan pass on the given source URL and invokes report endpoint with issues it finds.
Does not return a success/failure result - it's intended as a tool for helping the developer during work and manual acceptance testing, not as a CI/CD tool.
Authorizations:
Request Body schema: application/json
| transport required | string Value: "https" Transport choice. |
| discoveryURL required | string URL of the Classification FS discovery endpoint for the particular source |
| authHeader | string The content for authorization header of requests made to Classification FS |
Responses
Request samples
- Payload
{- "transport": "https",
- "discoveryURL": "string",
- "authHeader": "string"
}Response samples
- 400
- 401
- 403
- 404
- 500
{- "code": "string",
- "message": "string",
- "details": "string"
}Get policies
Returns policies from current tenant's setup.
Content listing will only refer to policies by tags. Details and display names can be resolved from this endpoint.
Policies don't change often so it's reasonable to cache the response to this.
Authorizations:
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Locations
List locations with Sensitive Content found. Returns a list of paths to locations containing files identified as sensitive.
Authorizations:
path Parameters
| sourceId required | string ID of the source |
query Parameters
| cursor | string The cursor returned in previous request |
| count | number [ 1 .. 100 ] The number of items to return in one response |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get location
Get location details along with the list of IDs of sensitive files found.
Authorizations:
path Parameters
| sourceId required | string ID of the source |
| locationId required | string <uuid> ID of the location to read |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
List location
List files in a location.
Authorizations:
path Parameters
| sourceId required | string ID of the source |
| locationId required | string <uuid> ID of the location to list |
query Parameters
| cursor | string The cursor returned in previous request |
| count | number [ 1 .. 100 ] The number of items to return in one response |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get file
Get sensitive file details.
Authorizations:
path Parameters
| sourceId required | string ID of the source |
| fileId required | string <uuid> ID of the file to read |
query Parameters
| classificationStatus | boolean Option to get status of classification |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get matches
Get sensitive file details including the list of matched content occurrences. > Note a specific scope is required for this endpoint access
Authorizations:
path Parameters
| sourceId required | string ID of the source |
| fileId required | string <uuid> ID of the file to read |
query Parameters
| includeTextContext | number [ 10 .. 250 ] Number of characters before and after the match to include in the context. Context is only returned if this parameter is set. Otherwise context field is missing from response. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get classification status
Get status of file's classification
Authorizations:
path Parameters
| sourceId required | string ID of the source |
query Parameters
| versionId required | string <uuid> ID of the version of the file to read |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get list of issues
Returns Secure and Govern issues, starting from oldest, uses a cursor to iterate without duplicates.
- Issue
- A violation of data protection policies listed in Secure and Govern
- Cursor
- A value pointing to a location in the list of issues. Cursor refers to the last item you already received. The API will return items newer than the cursor.
Authorizations:
query Parameters
| count | integer [ 1 .. 100 ] Default: 100 Number of items to return at most |
| cursor | integer <int64> >= 0 Most recent known id, return items with IDs after this one. |
| format | string Default: "short" Enum: "short" "full" Either short or full to include less or more issue details. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "cursor": 46,
- "issues": [
- {
- "id": 1,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "INDIVIDUAL_PERMISSION",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 1,
- "item": {
- "type": "FOLDER",
- "displayName": "/Shared/2018-09-04_10-37-02/folder-parent14/folder15",
- "issueDetails": null
}, - "updated": 1536050328021,
- "detected": 1536050328021,
- "policies": [ ]
}, - {
- "id": 2,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "PUBLIC_LINK",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 2,
- "item": {
- "type": "FILE",
- "displayName": "/Shared/2018-09-04_10-37-02/file6.test",
- "issueDetails": null
}, - "updated": 1536050328571,
- "detected": 1536050328571,
- "policies": [
- "relevant policy name"
]
}, - {
- "id": 3,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "PUBLIC_LINK",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 2,
- "item": {
- "type": "FOLDER",
- "displayName": "/Shared/2018-09-04_10-37-02/folder20",
- "issueDetails": null
}, - "updated": 1536050328571,
- "detected": 1536050328571,
- "policies": [
- "relevant policy name"
]
}, - {
- "id": 5,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "EXTERNAL_SHARING",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 3,
- "item": {
- "type": "FOLDER",
- "displayName": "/Shared/2018-09-04_10-37-02/folder-parent14/folder15",
- "issueDetails": null
}, - "updated": 1536050328753,
- "detected": 1536050328753,
- "policies": [
- "relevant policy name"
]
}, - {
- "id": 6,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "COMPROMISED_ACCOUNT",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 9,
- "item": {
- "type": "USER",
- "displayName": "Delphi Admin (bob@egnyte.com)",
- "issueDetails": {
- "userName": "Delphi Admin",
- "userEmail": "bob@egnyte.com"
}
}, - "updated": 1536050328753,
- "detected": 1536050328753,
- "policies": [ ]
}, - {
- "id": 12,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "OPEN_ACCESS",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 3,
- "item": {
- "type": "FOLDER",
- "displayName": "/Shared/2018-09-04_10-37-02/folder-parent10/folder11",
- "issueDetails": null
}, - "updated": 1536050328995,
- "detected": 1536050328995,
- "policies": [
- "relevant policy name"
]
}, - {
- "id": 22,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "EMPTY_GROUP",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 1,
- "item": {
- "type": "GROUP",
- "displayName": "empty-group-MWfVpYMG",
- "issueDetails": null
}, - "updated": 1536050366764,
- "detected": 1536050366764,
- "policies": [
- "relevant policy name"
]
}, - {
- "id": 30,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "UNUSED_GROUP",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 1,
- "item": {
- "type": "GROUP",
- "displayName": "group-name-jeFLVEbh-82",
- "issueDetails": null
}, - "updated": 1536050367288,
- "detected": 1536050367288,
- "policies": [
- "relevant policy name"
]
}, - {
- "id": 46,
- "sourceId": "1232f6b8-3258-4528-ab64-b4a636da3327",
- "status": "OPEN",
- "type": "MALWARE_INFECTION",
- "source": "someworkgroup.egnyte.com",
- "sourceLabel": "Source added by tests",
- "sourceType": "Egnyte",
- "severity": 9,
- "item": {
- "type": "USER",
- "displayName": "Delphi Admin (bob@egnyte.com)",
- "issueDetails": {
- "userName": "Delphi Admin",
- "userEmail": "bob@egnyte.com"
}
}, - "updated": 1536050367669,
- "detected": 1536050367669,
- "policies": [
- "relevant policy name"
]
}
]
}Get cursor
Get latest cursor or a cursor for provided timestamp. Returns cursor (issue id) for timestamp specified as startTime param. When querying issue listing for the cursor provided, you'll receive all issues created on the timestamp or later.
If the timestamp is older than the oldest issue, the API returns a cursor pointing to a value before all issues
If the timestamp is newer than the newest issue or not provided at all, a cursor is returned that, when used, will only return future issues. (useful for polling for new issues)
Authorizations:
query Parameters
| startTime | integer >= 1500000000000 Timestamp in miliseconds for which to get the cursor |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "cursor": 2343
}Get list of issues updates
Returns Issues in their current state, but ordered by their modification time. Polling this endpoint starting at the current timestamp will result in getting a list of issues as they're being updated or added. Polling with no timestamp to start with will list all issues in their current state and continue returning issues as they're being added or changed over time. Responses from this endpoint may contain more elements than the declared count if the last item in the returned set was not the last with the same timestamp value.
Authorizations:
query Parameters
| count | integer [ 1 .. 100 ] Default: 100 Approximate number of items to return. API doesn't not guarantee the exact match. |
| modifiedAfter | integer <int64> >= 0 Most recent known timestamp, return items which were updated after that timestamp. |
| format | string Default: "short" Enum: "short" "full" Either short or full to include less or more issue details. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "modifiedAfter": 0,
- "issues": [
- {
- "id": 0,
- "sourceId": "string",
- "status": "string",
- "type": "string",
- "source": "string",
- "sourceLabel": "string",
- "sourceType": "string",
- "severity": 1,
- "updated": 0,
- "detected": 0,
- "item": {
- "type": "string",
- "displayName": "string",
- "issueInitiator": {
- "name": "string",
- "email": "string"
}
}, - "policies": [ ]
}
]
}Get issue details
Returns detailed information about selected issue. It allows to track its status over time.
Authorizations:
path Parameters
| id required | integer <int64> >= 0 ID of the issue to return |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "id": 0,
- "sourceId": "string",
- "status": "string",
- "type": "string",
- "source": "string",
- "sourceLabel": "string",
- "sourceType": "string",
- "severity": 1,
- "updated": 0,
- "detected": 0,
- "item": {
- "type": "string",
- "displayName": "string",
- "issueDetails": {
- "name": "string",
- "email": "string"
}, - "issueInitiator": {
- "name": "string",
- "email": "string"
}
}, - "policies": [
- "string"
], - "webViewLink": "string",
- "assignee": {
- "email": "user@example.com"
}, - "violationDetails": {
- "publicLinks": [
- {
- "link": "string",
- "createdBy": {
- "displayName": "string",
- "email": "user@example.com"
}, - "views": 0
}
]
}
}Issue Remediation
Resolve or Dismiss open issues
Authorizations:
path Parameters
| id required | integer <int64> >= 0 ID of the issue to update |
Request Body schema: application/json
| issueStatus required | string Enum: "RESOLVED" "IGNORED" RESOLVED - To Resolve issue, |
| fixingMethod | string Enum: "MARK_AS_RESOLVED" "DISABLE_USER_ACCOUNT" "RESET_PASSWORD" Optional parameter to specify fixing method. "MARK_AS_RESOLVED" and "DISABLE_USER_ACCOUNT" are valid for Probable Ransomware, Unusual Access & Suspicious Login whereas "RESET_PASSWORD" is valid for Suspicious Login issue type only |
Responses
Request samples
- Payload
{- "issueStatus": "IGNORED",
- "fixingMethod": "MARK_AS_RESOLVED"
}Response samples
- 204
- 400
- 401
- 403
- 404
- 422
- 500
""Get unusual activity details for an issue
Returns detailed information about unusual activities for selected issue.
Authorizations:
path Parameters
| id required | integer <int64> >= 0 ID of the issue to return |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
[- {
- "type": "ACCESSED",
- "numberOfFiles": 0,
- "numberOfSensitiveFiles": 0,
- "date": "string",
- "topFiles": [
- {
- "path": "string",
- "name": "string",
- "isSensitive": true
}
], - "topItems": [
- {
- "path": "string",
- "filesCount": 0,
- "sensitiveFilesCount": 0
}
], - "machineDetails": {
- "ipAddresses": [
- "string"
], - "locations": [
- "string"
], - "operatingSystems": [
- "string"
], - "entryPoints": [
- "string"
], - "deviceNames": [
- "string"
]
}
}
]Register an issues webhook
Allows for webhook registration. It will be getting notifications about changes in Egnyte Secure and Govern issues. Endpoint returns ID of newly registered webhook, expiration timestamp and current status.
Authorizations:
Request Body schema: application/json
| url required | string |
| eventType | Array of strings non-empty Items Enum: "create" "modify" "resolve" |
| issueType | Array of strings non-empty Items Enum: "COMPROMISED_ACCOUNT" "EMPTY_GROUP" "EXTERNAL_SHARING" "INDIVIDUAL_PERMISSION" "MALFORMED_PERMISSIONS" "MALWARE_INFECTION" "OPEN_ACCESS" "PUBLIC_LINK" "UNUSED_GROUP" "UNUSUAL_ACCESS" |
| authHeader | string |
Responses
Request samples
- Payload
{- "eventType": [
- "create"
]
}Response samples
- 201
- 400
- 401
- 403
- 404
- 409
- 500
{- "webhookId": "c9ac0519-284a-4bee-9574-30ae7891e5dc",
- "expires": 2100000000,
- "status": "enabled"
}Get users webhooks
Returns webhooks ID, expiration timestamp and status.
Authorizations:
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
[- {
- "webhookId": "c9ac0519-284a-4bee-9574-30ae7891e5dc",
- "expires": 2100000000,
- "status": "enabled"
}, - {
- "webhookId": "c9ac0519-284a-4bee-9574-30ae7891e5dc",
- "expires": 2100000000,
- "status": "disabled"
}
]Get webhook status
Returns webhook ID, expiration timestamp and status.
Authorizations:
path Parameters
| webhookId required | string ID of the webhook |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "webhookId": "c9ac0519-284a-4bee-9574-30ae7891e5dc",
- "expires": 2100000000,
- "status": "enabled"
}Set webhook status
Allows to set webhook status.
Authorizations:
path Parameters
| webhookId required | string ID of the webhook |
Request Body schema: application/json
| status required | string Enum: "enabled" "disabled" |
Responses
Request samples
- Payload
{- "status": "enabled"
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "webhookId": "c9ac0519-284a-4bee-9574-30ae7891e5dc",
- "expires": 2100000000,
- "status": "enabled"
}Create Legal Hold
A Legal Hold retains content related to a legal matter, securing all files defined in the hold scope that were created, accessed or deleted within a specified date range.
These files will be retained until the Legal Hold is closed or cancelled.
Criteria for hold scope are defined in this request, but can be modified and extended later
Authorizations:
Request Body schema: application/json
| name required | string non-empty Human-readable name of the Legal Hold. |
| description | string Description of the particular Legal Hold. |
| legalMatter required | string non-empty Legal matter concerning this particular Legal Hold. |
| startDate | integer <int64> >= 0 Unix timestamp. |
| endDate | integer <int64> >= 0 Unix timestamp. |
| holdScopeOperator required | string Enum: "or" "and" Logical operator defining if ANY or ALL hold scope's criteria should apply to the file for it to be retained. |
required | object Hold scope's criteria. |
Responses
Request samples
- Payload
{- "name": "Copyright Infringement Claim",
- "description": "Claims of Copyright Infringement by Competitor",
- "legalMatter": "Copyright Infringement",
- "startDate": 1566370800000,
- "endDate": 1575435600000,
- "holdScopeOperator": "or",
- "holdScope": {
- "custodians": [
- {
- "email": "johndoe@egnyte.com"
}
], - "folders": [
- {
- "includedFolderIds": [
- "958215e6-14c2-4a3d-b6da-975ed306fb1c"
], - "excludedFolderIds": [
- "2cefff09-d769-49e6-8bd6-70fc3f815b06"
], - "sourceId": "e891cee7-a0e7-462c-97b7-637532729a31"
}
]
}, - "targetDomain": ""
}Response samples
- 201
- 400
- 401
- 403
- 404
- 500
{- "legalHoldId": "df497868-9f1b-4ef2-963c-436d9156a91e"
}Get list of Legal Holds
Returns Legal Holds. The list can be filtered by status.
Authorizations:
query Parameters
| status | string Enum: "open" "closed" Legal Holds status used for filtering. If not provided, all Legal Holds will be returned. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
[- {
- "legalHoldId": "df497868-9f1b-4ef2-963c-436d9156a91e",
- "name": "Copyright Infringement Claim",
- "legalMatter": "Copyright Infringement",
- "retainedFiles": 2680,
- "status": "open"
}, - {
- "legalHoldId": "746f3ffd-a8ec-4a3f-a8cb-d51b9d4ef96e",
- "name": "Alice White's Non-compete Clause",
- "legalMatter": "Non-compete Clause",
- "retainedFiles": 95,
- "status": "open"
}
]Get Legal Hold details
Returns details of the Legal Hold. This includes the fields defined when creating it and also current status.
Authorizations:
path Parameters
| legalHoldId required | string <uuid> ID of the Legal Hold |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "name": "Copyright Infringement Claim",
- "description": "Claims of Copyright Infringement by Competitor",
- "legalMatter": "Copyright Infringement",
- "startDate": 1566370800000,
- "endDate": 1575435600000,
- "holdScopeOperator": "or",
- "holdScope": {
- "custodians": [
- {
- "name": "John Doe",
- "email": "johndoe@egnyte.com",
- "sources": null,
- "disabledSources": null
}
], - "folders": [
- {
- "includedFolders": {
- "958215e6-14c2-4a3d-b6da-975ed306fb1c": "/Shared/Documents"
}, - "excludedFolders": {
- "2cefff09-d769-49e6-8bd6-70fc3f815b06": "/Shared/Documents/Invoices"
}, - "sourceId": "e891cee7-a0e7-462c-97b7-637532729a31"
}
]
}, - "status": "open",
- "createdBy": "Bob Green",
- "createdDate": 1576535600000,
- "lastModified": 1576535600000,
- "userFacingId": "LH00001",
- "targetDomain": ""
}Update Legal Hold settings
Only settings that were provided in the request will be updated. The rest won't be changed.
Regarding hold scope's criteria this endpoint will overwrite only those that were passed.
It means that if there are only 'folders' defined in the request under 'holdScope', the list of custodians won't be updated.
To clear the list of folders or custodians in the hold scope, empty array '[]' should be passed.
Authorizations:
path Parameters
| legalHoldId required | string <uuid> ID of the Legal Hold |
Request Body schema: application/json
| name | string non-empty Human-readable name of the Legal Hold. |
| description | string Description of the particular Legal Hold. |
| legalMatter | string non-empty Legal matter concerning this particular Legal Hold. |
| startDate | integer <int64> >= 0 Unix timestamp. |
| endDate | integer <int64> >= 0 Unix timestamp. |
| holdScopeOperator | string Enum: "or" "and" Logical operator defining if ANY or ALL hold scope's criteria should apply to the file for it to be retained. |
object Hold scope's criteria. |
Responses
Request samples
- Payload
{- "name": "Copyright Infringement Claim",
- "description": "Claims of Copyright Infringement by Competitor",
- "legalMatter": "Copyright Infringement",
- "startDate": 1566370800000,
- "endDate": 1575435600000,
- "holdScopeOperator": "or",
- "holdScope": {
- "custodians": [
- {
- "email": "johndoe@egnyte.com"
}
], - "folders": [
- {
- "includedFolderIds": [
- "958215e6-14c2-4a3d-b6da-975ed306fb1c"
], - "excludedFolderIds": [
- "2cefff09-d769-49e6-8bd6-70fc3f815b06"
], - "sourceId": "e891cee7-a0e7-462c-97b7-637532729a31"
}
]
}, - "targetDomain": ""
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
""Delete Legal Hold
Deletes Legal Hold definition from the system. This action is not recoverable and nothing is retained. The corect way to end working with a Legal Hold is to close it - see the /close endpoint.
Authorizations:
path Parameters
| legalHoldId required | string <uuid> ID of the Legal Hold |
Responses
Response samples
- 204
- 400
- 401
- 403
- 404
- 500
""Close Legal Hold
Files retained for this Legal Hold will no longer be preserved.
Closing Legal Hold doesn't remove it entirely from the system. It's still possible to check some of the Legal Hold details.
Authorizations:
path Parameters
| legalHoldId required | string <uuid> ID of the Legal Hold |
Responses
Response samples
- 204
- 400
- 401
- 403
- 404
- 500
""Modify hold scope
Hold scope's criteria, folders and custodians, can be modified by adding or deleting items which expand or shrink the hold scope.
Authorizations:
path Parameters
| legalHoldId required | string <uuid> ID of the Legal Hold |
Request Body schema: application/json
object Definition of items to be added to the hold scope. If the content of the particular folder ids list shouldn't be changed, empty array should be passed. | |
object Definition of items to be deleted from the hold scope. If the content of the particular folder ids list shouldn't be changed, empty array should be passed. |
Responses
Request samples
- Payload
{- "add": {
- "custodians": [
- {
- "email": "bobgreen@egnyte.com"
}
], - "folders": [
- {
- "includedFolderIds": [
- "38515d32-9f14-4719-8dcb-712be0ca772e",
- "d50c3a10-4b1f-4e6e-b9f5-d10f82156498"
], - "excludedFolderIds": [
- "3bbfed22-fd0d-49a9-8e1b-d12fc40f340c"
], - "sourceId": "e891cee7-a0e7-462c-97b7-637532729a31"
}
]
}, - "delete": {
- "custodians": [
- {
- "email": "johndoe@egnyte.com"
}
], - "folders": [
- {
- "includedFolderIds": [
- "7770defb-302a-4fc4-8ce2-ab860722b9d1"
], - "excludedFolderIds": [
- "dc1d2a68-d108-43dc-8d2c-7e72095bfb3b"
], - "sourceId": "e891cee7-a0e7-462c-97b7-637532729a31"
}
]
}
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
""Get retained files
Returns retained files matching Legal Hold settings. Resulting items are paginated using a cursor. Pagination may return pages with less items than expected based on permissions to view them. As long as a cursor is not null, there's more data to fetch
Authorizations:
path Parameters
| legalHoldId required | string <uuid> ID of the Legal Hold |
query Parameters
| cursor | string The cursor returned in the previous request. |
| count | integer [ 1 .. 100 ] Default: 100 Number of items to return in one response. |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "cursor": null,
- "files": [
- {
- "name": "file_01.txt",
- "path": "/Shared/LegalHolds/XYZ/folder",
- "createdDate": 1582062983539,
- "lastModified": 1582062983539,
- "modifiedBy": {
- "name": "John Doe",
- "email": "johndoe@egnyte.com"
}, - "size": 24,
- "custodians": [
- {
- "name": "John Doe",
- "email": "johndoe@egnyte.com",
- "disabled": false,
- "fileActionDate": 1582062983539,
- "action": "CREATE"
}
]
}, - {
- "name": "file_02.txt",
- "path": "/Shared/LegalHolds/XYZ/folder",
- "createdDate": 1582062983539,
- "lastModified": 1582062983539,
- "modifiedBy": {
- "name": "John Doe",
- "email": "johndoe@egnyte.com"
}, - "size": 25,
- "custodians": [
- {
- "name": "John Doe",
- "email": "johndoe@egnyte.com",
- "disabled": false,
- "fileActionDate": 1582062983539,
- "action": "CREATE"
}
]
}
]
}Get User Actions audit events
Returns User Actions audit events, starting from oldest, uses a cursor to iterate without duplicates.
Authorizations:
query Parameters
| count | integer [ 1 .. 1000 ] Default: 100 Number of items to return at most |
| cursor | string Iteration pointer for a following (not the initial) request. A cursor is returned in response to the initial request and then every following request generates a new cursor to be used in the next request. |
| startDate | string <date-time> Start of date range for audit events to retrieve (if "cursor" and "startDate" is provided, "cursor" has highest priority). ISO 8601 format: "YYYY-MM-DD'T'HH:MM:SSZ" |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get Content Lifecycle audit events
Returns Content Lifecycle audit events, starting from oldest, uses a cursor to iterate without duplicates.
Authorizations:
query Parameters
| count | integer [ 1 .. 1000 ] Default: 100 Number of items to return at most |
| cursor | string Iteration pointer for a following (not the initial) request. A cursor is returned in response to the initial request and then every following request generates a new cursor to be used in the next request. |
| startDate | string <date-time> Start of date range for audit events to retrieve (if "cursor" and "startDate" is provided, "cursor" has highest priority). ISO 8601 format: "YYYY-MM-DD'T'HH:MM:SSZ" |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Get basic information about the user
Returns information about the user making request: data from Secure and Govern plus clientId of application used.
Authorizations:
Responses
Response samples
- 200
{- "clientId": "hweb8adyh3gumiypa45qdgkm",
- "user": "d870600d-dd67-448f-b482-7c4618862008",
- "tenant": "fc7e9d03-b838-40b3-ae6b-80f761f418d7",
- "scopes": [
- "issues:read"
]
}Request a test run on a classification source
Runs a simulation of a Classification Source scan pass on the given source URL and invokes report endpoint with issues it finds.
Does not return a success/failure result - it's intended as a tool for helping the developer during work and manual acceptance testing, not as a CI/CD tool.
Authorizations:
Request Body schema: application/json
| transport required | string Value: "https" Transport choice. |
| discoveryURL required | string URL of the Classification FS discovery endpoint for the particular source |
| authHeader | string The content for authorization header of requests made to Classification FS |
Responses
Request samples
- Payload
{- "transport": "https",
- "discoveryURL": "string",
- "authHeader": "string"
}Response samples
- 400
- 401
- 403
- 404
- 500
{- "code": "string",
- "message": "string",
- "details": "string"
}