{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"745d682f-3337-4bba-842f-c040b1ebb6e1","name":"iboss API","description":"## **Getting Started**\n\nThe iboss Zero Trust SSE platform is completely API driven and uses a RESTful and JSON interface. The API provides a method to integrate and automate the configuration of the platform with custom workflows.\n\nTo start using the iboss Zero Trust SSE API,\n\n1. You must have an active iboss Zero Trust SSE account and administrative privileges to manage the platform.\n    \n2. The API provides an interface to various capabilities of the platform, including security policies, logging and Browser Isolation. You must have an active subscription to the capabilities you access through the API or an error will be returned when access is attempted to unsubscribed modules.\n    \n3. The platform must be on version 10.1 or above.\n    \n\n## API Libraries\n\nThe iboss cloud service is highly distributed and uses a containerized architecture to provide its capabilities and functions. Each category of capabilities are delivered through containerized nodes of different types. When interacting with the iboss Zero Trust SSE via API, you will make requests to different node types which deliver the associated functionality of each API library. Each library is organized into folders with the following names:\n\n- Authentication - Used to authenticate to the iboss Zero Trust SSE and obtain an authentication token\n    \n- Core - This library contains APIs related to core functionality, such as managing adminstrators, locations and settings of the cloud service.\n    \n- Gateway - This library contains APIs related to the Policy Enforcement Points (PEPs) which include access controls, security, decryption and policies.\n    \n- Reporting - This library contains APIs related to logging and reporting dashboards.\n    \n- Browser Isolation - This library contains APIs related to Browser Isolation\n    \n\n### API Variables\n\nMany iboss Zero Trust SSE \"POST/PUT\" APIs require data provided as results from other iboss Zero Trust SSE \"GET\" APIs. For simplicity these items are stored as Postman environment variables. The \"GET\" API requests may store/update a variable via a Postman test and a corresponding \"POST/PUT\" API request will use the variable.\n\nAPI variables are stored as \"iboss API Environment\" variables and as collection variables. The variables are grouped in the following manner;\n\n- Environment Variables\n    \n    - Used to store pre-authentication information such as username, password, and mfa.\n        \n    - Used to store post-authentication information such as auth tokens, session IDs, and XSRF tokens.\n        \n- Collection Variables\n    \n    - Used to store values used across APIs. The use of these variables is usually limited to a single folder and will be noted where the use crosses the API folder structure.\n        \n\n## Authentication\n\nThe iboss Zero Trust SSE API uses the Bearer Authentication scheme and leverages bearer tokens for authentication. An authentication token is retrieved by making a login request to \"accounts.iboss.com\" using the Login API. The authentication token is used to access the APIs across the various libraries. The session token has a 4 hour lifetime before it is expired.\n\nTo authenticate:\n\n1. Open the \"Login\" API under the \"Authentication\" folder.\n    \n2. Enter your username and password under the Authentication tab. If the account requires MFA, enter the MFA code within the \"totp\" parameter.\n    \n3. Run each of the API calls within the \"Authentication\" folder in order from top to bottom:\n    \n    1. Run the \"Login\" API - This generates the authentication bearer token that will be used for API requests\n        \n    2. Run the \"Get Primary Account ID\" API - This sets the primary account ID for the username sent in the \"Login\" API and sets \"iboss API Environment\" variables for this account.\n        \n    3. Run the \"Get API Base Domains\" API - This sets the domains for the primary nodes (gateway, reporting, browser isolation) within the \"iboss API Environment\" variables. These domain of each primary node will be used when making API calls for functionality provided by each node type.\n        \n\nOnce the API calls above complete, all \"iboss API Environment\" variables will be configured with the authentication information necessary to run any endpoint across the iboss API.\n\nWhen running an API call, notice that the domain name for the endpoint will be different depending on the area of functionality being accessed. There will be a unique API domain for API calls within the Core, Gateway, Reporting, and Browser Isolation folders.\n\n### Authentication Details\n\nWhen using the \"Authentication\" folder API calls to authenticate, all authentication details are handled automatically. The following describes the details of how authentication works.\n\nThe authentication token is sent in the Authentication request header for all API calls that require authentication:\n\n- Core API\n    \n- Gateway API\n    \n- Reporting API\n    \n- Browser Isolation API\n    \n\nWhen passing the token within the Authorization HTTP header, the value must have the following format:\n\n- Token token\n    \n\nWhere \"token\" contains the authentication token obtained from the \"Login\" API call.\n\n## XSRF Tokens\n\nThe \"iboss Core API\" endpoints require XSRF token values to be passed with each API request. The XSRF token value is obtained in a Cookie response when calling the various authentication APIs within the \"Authentication\" library. When making \"iboss Core API\" calls, pass the XSRF token value within the \"X-XSRF-TOKEN\" HTTP header and within a HTTP Cooke value named \"XSRF-TOKEN\".\n\nThe XSRF token values are required with the current iboss Zero Trust SSE v10.1 APIs. In a future version, the need for XSRF tokens will not be required for API access.\n\n## API Endpoint Host\n\nThe domain, or host, that the API request is targetted to depends on the library being accessed. This is due to the highly distributed nature of the iboss Zero Trust SSE service. Each library of API calls are organized into folders. Each API library targets a specific part of the iboss platform and API requests are serviced by the node type that is responsible for that functional area. The primary node FQDN is used and will differ when interacting with the APIs for any library of API calls that are contained within a folder. The appropriate FQDN is automatically obtained when running all of the API calls within the \"Authentication\" folder as described in the Authentication section.\n\nThe following describes the FQDN used for each API library folder:\n\n1. Authentication API - Always uses \"accounts.ibosscloud.com\" for the FQDN of the API call.\n    \n2. Core API - Always uses\"api.ibosscloud.com\" for the FQDN of the API call.\n    \n3. Gateway API - Uses the FQDN of the primary gateway node of the default node cluster within the account.\n    \n4. Reporting API - Uses the FQDN of the primary reporting node of the default node cluster within the account.\n    \n5. Browser Isolation API - Always uses \"api.ibosscloud.com\".\n    \n\nYou can find the FQDN of the primary nodes using the \"Get API Base Domains\" API under the \"Authentication\" folder or by logging into the iboss admin console and navigating to \"Cloud Health->Node Collection Management\". If using the \"Get API Base Domains\" API call, the FQDN of all primary nodes are automatically captured and stored in the \"iboss API Environment\" variables.\n\nWhen making API requests within a specific library folder, make sure to use the correct FQDN for the API based on the mapping described above.\n\n### Authentication error response\n\nIf an API key is missing, malformed, or invalid, you will receive an HTTP 401 Unauthorized response code.\n\n## Rate and usage limits\n\nThe iboss Zero Trust SSE API is not currently rate-limited. Due to the highly distributed and containerized architecture, the iboss platform is capable of handling a large number of API requests without interrupting capabilities. However, unnecessarily high volumes of API requests can be throttled or cut if deemed abusive.","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"26524233","team":4855528,"collectionId":"745d682f-3337-4bba-842f-c040b1ebb6e1","publishedId":"2s93RUuXjk","public":true,"publicUrl":"https://documenter-api.postman.tech/view/26524233/2s93RUuXjk","privateUrl":"https://go.postman.co/documentation/26524233-745d682f-3337-4bba-842f-c040b1ebb6e1","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":"iboss Zero Trust SSE"}],"appearance":{"default":"light","themes":[{"name":"dark","logo":null,"colors":{"top-bar":"212121","right-sidebar":"303030","highlight":"FF6C37"}},{"name":"light","logo":null,"colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"}}]}},"version":"8.10.1","publishDate":"2023-05-16T22:00:59.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"iboss Zero Trust SSE","description":""},"logos":{"logoLight":null,"logoDark":null}},"statusCode":200},"environments":[{"name":"iboss API Environment","id":"b2368d33-00a1-4aa3-9769-70b1318a7b6c","owner":"26742614","values":[{"key":"auth_username","value":"","enabled":true,"type":"default"},{"key":"auth_password","value":"","enabled":true,"type":"secret"},{"key":"auth_mfa","value":"","enabled":true,"type":"secret"},{"key":"token","value":"example-token","enabled":true,"type":"default"},{"key":"accountSettingsId","value":"example-account-settings-id","enabled":true,"type":"default"},{"key":"baseApiDomain","value":"api.ibosscloud.com","enabled":true,"type":"default"},{"key":"gatewayNodeApiDomain","value":"example-gateway-node-api-domain","enabled":true,"type":"default"},{"key":"reportingNodeApiDomain","value":"example-reporting-node-api-domain","enabled":true,"type":"default"},{"key":"browserIsolationNodeApiDomain","value":"example-browser-isolation-node-api-domain","enabled":true,"type":"default"},{"key":"cloudXsrfToken","value":"example-cloud-xsrf-token","enabled":true,"type":"default"},{"key":"cloudSessionId","value":"example-cloud-session-id","enabled":true,"type":"default"},{"key":"reporterSessionId","value":"example-reporter-session-id","enabled":true,"type":"default"},{"key":"reporterXsrfToken","value":"example-reporter-xsrf-token","enabled":true,"type":"default"},{"key":"ibossAccounts","value":"accounts.iboss.com","enabled":true,"type":"default"},{"key":"selective_ssl_decryption_application_id","value":"example-selective-ssl-decryption-application-id","enabled":true,"type":"default"},{"key":"selective_ssl_decryption_application_uuid","value":"example-selective-ssl-decryption-application-uuid","enabled":true,"type":"default"}],"published":true}],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/768118b36f06c94b0306958b980558e6915839447e859fe16906e29d683976f0","favicon":""},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"},{"label":"iboss API Environment","value":"26742614-b2368d33-00a1-4aa3-9769-70b1318a7b6c"}],"canonicalUrl":"https://documenter.gw.postman.com/view/metadata/2s93RUuXjk"}