ThreatJammer.com User API

Number of APIs: 37

The public API open to the users. Read the docs and learn more..

General information

Description

Threat Jammer supports two end-user REST APIs: the User API and the Report API. The end-user uses the User API to interact with the different databases, heuristics, and machine learning processes. Devices use the Report API to interact with Threat Jammer. This document will explain how to use the User API and interact with the different services, create a token, interpret the quota information, and create the HTTP request to interact with the User API.

Authentication

The API is protected by a Bearer authentication schema. Bearer authentication (also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. It is used to authenticate the user. All the different endpoints expect a Bearer token in the Authorization header.

Example:

curl -X 'GET'
  'https://dublin.api.threatjammer.com/test'
  -H 'accept: application/json'
  -H 'Authorization: Bearer YOUR_API_KEY'

You can obtain a token after registering on the ThreatJammer.com website for free.

Region specific tokens

All the Bearer tokens contain information about the authorized region. The developers have to use a token created for the region they want to use. A token used in a different region will return a 401 Unauthorized error.

Global errors

The API will return the following permanent errors: - a 401 Unauthorized error if the token is not valid, or does not belong to the region. - a 401 Unauthorized error if the token does not exist. - a 401 Unauthorized error if the token is malformed. - a 403 Forbidden error if the subscription level is not enough. Some endpoints are only available for paid subscription levels.

And these temporary errors: - a 429 Too Many Requests error if the quota is exceeded (see below).

Quota limits

Every request to the User API will consume one (1) quota point.

The API has two rate limiting processes: - a quota limit of 5000 requests per month for the FREE account. The limit is reset every month. - a quota limit of 10 requests per minute for the FREE account. The limit is reset every minute and implements a sliding window mechanism.

Contact Support: Name: ThreatJammer Support Email: support@threatjammer.com

  1. v1-denylist-reported/ip - Get the list of automatically reported IP addresses by the user. GET {{baseUrl}}/v1/denylist/reported/ip?dataset=AOTLX&reported_before=26745926&reported_after=-59968878&expires_before=49822579&expires_after=22732944&greater_than=-86765534&less_than=-58290403&ip_protocol_version=ALL&output_format=JSON

  2. v1-datacenter - Get the IPv4 or IPv6 prefix of the IP address given. GET {{baseUrl}}/v1/datacenter/ip/:ip_address

  3. v1-denylist-reported/ip-{ip address} - Get the details of an automatically reported IP addresses by the user. GET {{baseUrl}}/v1/denylist/reported/ip/:ip_address

  4. v1-allowlist/cidr - Get the list of allowed entered IP addresses by the user. GET {{baseUrl}}/v1/allowlist/cidr?expires_before=49822579&expires_after=22732944&ip_protocol_version=ALL&output_format=JSON

  5. v1-source/ip - Get the full information of all the source lists for the subscription level given. GET {{baseUrl}}/v1/source/ip

  6. v1-denylist-reported/ip-{ip address} - Delete the automatically reported IP address by the user. DELETE {{baseUrl}}/v1/denylist/reported/ip/:ip_address

  7. v1-assess/ip - Get the risk score of all IP address passed in the body and other data signals. POST {{baseUrl}}/v1/assess/ip

  8. v1-assess/ip - Get a risk score of the IP address and different data signals. GET {{baseUrl}}/v1/assess/ip/:ip_address

  9. v1-assess/ip - Get the risk score of all IP address uploaded and other data signals. POST {{baseUrl}}/v1/assess/ip/csv?strict_parse=false

  10. v1-log/ip - Get the changes logged in the different datasets of an IP address. GET {{baseUrl}}/v1/log/ip/:ip_address?dataset=W00P3&logged_after=-23837943