TSI API v2¶
For testing and additional technical information, we also provide credentials and access on request to the Cyderes Swagger API: https://tsi-api.cyderes.io/docs
The Cyderes Ticket System Integration (TSI) API can be used to integrate third-party systems with the Cyderes Ticket System. This API allows third parties to do the following:
-
Get multiple tickets by type
-
Get ticket information
-
Get a ticket's attachments
-
Add a comment to a ticket
-
Close a ticket
-
Add an attachment to a ticket
-
Create a new service request ticket
Get tickets¶
Returns a list of tickets for a specific type of ticket. The tickets are returned sorted from newest to oldest based on the lookup field of created or updated.
Definition¶
GET https://tsi-api.cyderes.io/v2/tickets
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
Query Parameters¶
skip integer
Number of tickets to skip.
Default: 0
limit integer
Number of tickets returned.
Range: 1 – 250
Default: 50
created_from date
Date parameter
Format: YYYY-MM-DD (UTC)
created_to date
Date parameter
Format: YYYY-MM-DD (UTC)
updated_from date
Date parameter
Format: YYYY-MM-DD (UTC)
updated_to date
Date parameter
Format: YYYY-MM-DD (UTC)
ticket_type string
Type of ticket to return.
Default: alert
Options:
-
all
-
alert
-
service_task
-
service_proactive
-
service_request
-
phishing
lookup_fields string
Field to sort responses for the search when it comes to date and time. Newest to oldest.
Default: created
Options:
-
created
-
updated
escalated_only boolean
Field to specify whether to only get the escalated tickets.
Default: true
Options:
-
true
-
false
include_raw_event boolean
Options:
-
true
-
false
Example¶
curl -X 'GET' \
'https://tsi-api.cyderes.io/v2/tickets?skip=0&limit=50&ticket_type=alert&lookup_fields=created&escalated_only=true' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <authentication_token>'
Response¶
Returns a list of dictionaries with the data for each ticket. The response body will be different based on the type of ticket selected. Below is a full schema of the response. Returns a status code of 200 if successful.
{
[
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"short_description": "string",
"description": "string",
"alert_description": "string",
"soar_case_id": "string",
"soar_alert_ticket_id": "string",
"phishing_investigation": "string",
"analyst_notes": "string",
"recommendations": "string",
"alert_insights": "string",
"alert_insights_html": "string",
"escalated": "True",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
]
}
Response for Alert Tickets¶
[
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"short_description": "string",
"alert_description": "string",
"alert_insights": "string",
"alert_insights_html": "string",
"soar_case_id": "string",
"soar_alert_ticket_id": "string",
"analyst_notes": "string",
"recommendations": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
]
Response for Alert Tickets with Cyderes raw event payload¶
[
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"short_description": "string",
"alert_description": "string",
"alert_insights": "string",
"alert_insights_html": "string",
"soar_case_id": "string",
"soar_alert_ticket_id": "string",
"analyst_notes": "string",
"recommendations": "string",
"raw_event_description": "string"
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
]
Response for Service Task Tickets¶
[
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"escalated": "string",
"short_description": "string",
"description": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
]
Response for Service Proactive Tickets¶
[
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"escalated": "string",
"short_description": "string",
"description": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
]
Response for Service Request Tickets¶
[
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"escalated": "string",
"short_description": "string",
"description": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
]
Response for Phishing Tickets¶
[
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"escalated": "string",
"short_description": "string",
"soar_case_id": "string",
"soar_alert_ticket_id": "string",
"phishing_investigation": "string",
"analyst_notes": "string",
"recommendations": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
]
Get ticket¶
Returns a dictionary of the ticket data.
Definition¶
GET https://tsi-api.cyderes.io/v2/tickets/{ticket_id}
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
Path Parameters¶
ticket_id string
Ticket ID of the ticket.
Example¶
curl -X 'GET' \
'https://tsi-api.cyderes.io/v2/tickets/{ticket_id}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <authentication_token>'
Response¶
Returns a dictionary with the data for ticket. The response body will be different based on the type of ticket. Below is a full schema of the response. Returns a status code of 200 if successful.
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"short_description": "string",
"description": "string",
"alert_description": "string",
"alert_investigation": "string",
"soar_case_id": "string",
"soar_alert_ticket_id": "string",
"phishing_investigation": "string",
"analyst_notes": "string",
"recommendations": "string",
"escalated": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
Response for Alert Tickets¶
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"short_description": "string",
"alert_description": "string",
"alert_investigation": "string",
"soar_case_id": "string",
"soar_alert_ticket_id": "string",
"analyst_notes": "string",
"recommendations": "string",
"escalated": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
Response for Service Task Tickets¶
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"escalated": "string",
"short_description": "string",
"description": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
Response for Service Proactive Tickets¶
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"escalated": "string",
"short_description": "string",
"description": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
Response for Service Request Tickets¶
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"category": "string",
"type": "string",
"escalated": "string",
"short_description": "string",
"description": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
Response for Phishing Tickets¶
{
"number": "string",
"ticket_id": "string",
"priority": "string",
"state": "string",
"created": "string",
"updated": "string",
"ticket_type": "string",
"escalated": "string",
"short_description": "string",
"soar_case_id": "string",
"soar_alert_ticket_id": "string",
"phishing_investigation": "string",
"analyst_notes": "string",
"recommendations": "string",
"comments": [
{
"id": "string",
"created": "string",
"author": "string",
"body": "string"
}
]
}
Get ticket attachments¶
Returns a list of dictionaries with the attachments data of the ticket.
Definition¶
GET https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/attachments
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
Path Parameters¶
ticket_id string
Ticket ID of the ticket.
Example¶
curl -X 'GET' \
'https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/attachments' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <authentication_token>'
Response¶
Returns a list of dictionaries with the attachments data of the ticket. Returns a status code of 200 if successful.
[
{
"id": "string",
"file_name": "string",
"file_type": "string",
"attachment_byte_data": "string"
}
]
Get ticket attachment¶
Returns a list of dictionaries with the attachments data of the ticket.
Definition¶
GET https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/attachments/{attachment_id}
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
Path Parameters¶
ticket_id string
ID of the ticket.
attachment_id string
ID of the attachment.
Example¶
curl -X 'GET' \
'https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/attachments/{attachment_id}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <authentication_token>'
Response¶
Returns a list of dictionaries with the attachments data of the ticket. Returns a status code of 200 if successful.
{
"id": "string",
"file_name": "string",
"file_type": "string",
"attachment_byte_data": "string"
}
Add a comment to a ticket¶
Provides the ability to add a comment to a ticket.
Definition¶
POST https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/comment
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
Path Parameters¶
ticket_id string
Ticket ID of the ticket.
content_type
Set Content-Type to application/json.
Request Body Parameters¶
author string
Full name of the author of the comment.
body string
Body of the comment to add into the ticket.
Example¶
curl -X 'POST' \
'https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/comment' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {authentication_token}\
-H 'Content-Type: application/json' \
-d '{
"author": "string",
"body": "string"
}'
Response¶
Returns a status code of 201 if successful.
Close a ticket¶
Provides the ability to flag a ticket as closed.
Definition¶
POST https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/close
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
Path Parameters¶
ticket_id string
Ticket ID of the ticket.
Query Parameters¶
comment string
Custom closure comment.
Optional.
Example¶
curl -X 'POST' \
'https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/close?comment=test' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {authentication_token}
Response¶
Returns a status code of 200 if successful.
Add an attachment to a ticket¶
Provides the ability to add an attachment to a ticket.
Definition¶
POST https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/attachment
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
content_type
Set Content-Type to multipart/form-data.
Path Parameters¶
ticket_id string
Ticket ID of the ticket.
Request Body Parameters¶
file string($binary)
Binary data of the document to be added as an attachment.
Example¶
curl -X 'POST' \
'https://tsi-api.cyderes.io/v2/tickets/{ticket_id}/attachment' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {authentication_token} \
-H 'Content-Type: multipart/form-data' \
-F 'file={document}
Response¶
Returns a status code of 200 if successful.
Create a service request¶
Provides the ability to add a comment to a ticket.
Definition¶
POST https://tsi-api.cyderes.io/v2/tickets/create
Header Parameters¶
authentication_token
Unique authentication token provided by Cyderes.
content_type
Set Content-Type to application/json.
Request Body Parameters¶
name string
Full name of the author of the service request.
short_description string
Summary of the service request.
description string
Full description of the service request.
Example¶
curl -X 'POST' \
'https://tsi-api.cyderes.io/v2/tickets/create' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {authentication_token} \
-H 'Content-Type: application/json' \
-d '{
"name": "string",
"priority": "string",
"category": "string",
"type": "string",
"short_description": "string",
"description": "string"
}'
Response¶
Returns a status code of 201 if successful.
{
"status": 201,
"ticket_id": {ticket_id}
"message": "Ticket has been created."
}