NAV Navbar
cURL Node Python

REST API

Barricade API Endpoint

    https://api.barricade.io

//
// The Node examples use the superagent
// package. You can install it as such:
//
//     $> npm install superagent
//
// Once you've installed the package, the
// examples should be as easy as copy and
// paste (and replacing your key)
//
"""
The Python examples use the requests
package. You can install it as such:

    $> pip install requests

Once you've installed the package, the
examples should be as easy as copy and
paste (and replacing your key)
"""

The Barricade REST API provides programmatic access ot read and write Barricade data. Retrieve your security cases, close them, retrieve your agents, edit their name, retire them, etc.

Structure

On the left-panel, you have the information about various collections and resources.

The middle area contains the actual documentation for the item you selected on the left-side panel.

The right-side panel contains code examples for accessing and using the API.

Feedback and Next Steps

If you find any issues with the API never hesitate to let us know please!. We’re here for you and we’ll fix it asap!

We’re looking forward to working with you and your feedback is paramount to the success of the API. Do get in touch :-)

Authenticate Everything

# cURL uses the -u flag to pass basic auth credentials
# (adding a colon after your API key prevents cURL from asking for a password).
curl "api_endpoint_here" \
  -u <api_key_here>:
//authenticates with Basic Auth
var superagent = require('superagent');
superagent.get('api_endpoint_here')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });

//authenticates with Authorization header
var superagent = require('superagent');
superagent.get('api_endpoint_here')
  .set('Authorization', 'bearer api_key_here')
  .end(function (e, res) {
    //...
  });
base_url = 'https://api.barricade.io'

# Authenticate with Basic Auth
from requests.auth import HTTPBasicAuth
response = requests.get(
    base_url + '/agents', 
    auth=HTTPBasicAuth('api-key-here', '')
)

print response.status_code
print response.json()

# Authenticate using a Bearer Token
response = requests.get(
    base_url + '/agents',
    headers={"Authorization": "bearer your-api-key-here"}
)

print response.status_code
print response.json()

We require everyone and every application to authenticate all of their requests either with HTTP Basic Auth or using a Bearer Token.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

We strongly recommend you never turn off SSL verification and the verifypeer option often available in most HTTP-clients.

Barricade Account

You will need a Barricade account before proceeding any further. You can create your account for free and without a credit card right away.

Developer API Keys

You can manage your API keys in the developer section which is accessible through your Barricade dashboard.

Do not share your secret API keys in publicly accessible areas such GitHub, client-side code, and so forth.

Basic HTTP Authentication

Because we only support HTTPs we’ve decided to support Basic Authentication as an authentication mechanism for convenience reasons. You only have to provide your API Key as the username and you do not need to provide a password.

Bearer Token

Should you want to use a Bearer Token using the Authorization header, you are welcomed to do so. We also support it.

Versioning

# Request with Accept header 
curl "api_endpoint_here" \
  -u <apiKey>: \
  -H "Accept: application/json;version=1.0.0"

# or Request with X-API-Version header 
curl "api_endpoint_here" \
  -u <apiKey>: \
  -H "X-API-Version: 1.0.0"
//set version with Accept header
var superagent = require('superagent');
superagent.get('api_endpoint_here')
  .set('Accept', 'application/json; version=1.0.0')
  .end(function (e, res) {
    //...  
  });

//or, set version with X-API-Version header
var superagent = require('superagent');
superagent.get('api_endpoint_here')
  .set('X-API-Version', '1.0.0')
  .end(function (e, res) {
    //...  
  });
import requests

base_url = 'https://api.barricade.io'

# Set version using the Accept header
res = requests.get(
    base_url + '/endpoint-here',
    headers={"Accept": "application/json;version=1.0.0"}
)

print res.status_code
print res.json()

# Or set the version using the X-API-Version
res = requests.get(
    base_url + '/endpoint-here',
    headers={"X-API-Version": "1.0.0"}
)

print res.status_code
print res.json()

The current version is 1.0.0.

When no version is specified, the API uses the current version.

To set the API version on a specific request, set Accept or the X-API-Version header on your request.

Pagination

Example Request

curl -v \
     -XGET https://api.barricade.io/agents\?offset=0&limit=20
     -u <api_key_here>:
//paginate with offset and limit
var superagent = require('superagent');
superagent.get('https://api.barricade.io/agents?offset=0&limit=20')
  .auth('api_key', null)
  .end(function (e, res) {
    //response headers
    //res.header['x-total']
    //res.header['x-offset']
    //res.header['x-limit']
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.get(
    base_url + '/agents?offset=0&limit=20',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)

print response.status_code
print response.headers
print response.json()

All top-level API resources have support for bulk fetches via their collection (a list of resources). For instance you can list agents, and list cases. These list API methods share a common structure, optionally accepting the following two parameters: limit, and offset.

Query Parameters

Field Type Description
offset Integer A cursor for use in pagination. Pagination starts offset the specified offset.
limit Integer A limit on the number of objects to be returned, between 1 and 100.

Response Headers

Field Type Description
X-Offset Integer The offset used for the query.
X-Limit Integer The limit used for the query.
X-Total Integer The total number of items available for the query.

Agents

Agents quietly monitor, without getting in the way or impacting on your server resources. There is no need for any code or configuration changes to your app.

You can find more information about agents on our general documentation page.

The Agent Resource

The Barricade Agent resource contains the information Barricade uses to build its agents’ page dashboard.

You can change the name, tags and status of the agent resources.

Example Agent Resource
{
  "id": "56e01d450xdb230100841b33",
  "teamId": "55a64a3e82f167c1433f1909",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "uuid": "43f0e842-cf60-46ea-bxe9-44d5c363d07d",
  "version": "0.5.0",
  "type": "DigitalOcean",
  "hostname": "ip-172-30-0-75",
  "publicIP": "52.18.109.102",
  "privateIP": "172.30.0.75",
  "mac": "06:c2:36:7c:52:a3",
  "name": "ip-172-30-0-75",
  "tags": [
    "production"
  ],
  "status": "paused",
  "system": {
    "processor": "x86_64",
    "version": "14.04",
    "codename": "Trusty Tahr",
    "name": "ubuntu"
  },
  "identity": {
    "availabilityZone": "eu-west-1a",
    "instanceType": "t2.small",
    "instanceId": "i-c0685479"
  },
  "createdAt": "2013-07-26T23:00:00.000Z"
}
Field Type Description
id String Agent identifier.
teamId String Agent team identifier.
automationKey String Agent automation key.
uuid String Agent randomly generated identifier.
version String Agent version.
type String Target host type.
hostname String Target host name.
publicIP String Public IP address.
privateIP String Private IP address.
mac String MAC address.
name String Agent name.
tags Array The tags associated with your agent.
system Object System details.
identity Object Identity details (dependent on cloud provider).
status String Agent status [active, paused, retired].
createdAt Number Agent registration time in ISO-8601 standard.

Get all agents

Example Request

curl \
  -XGET "https://api.barricade.io/agents?offset=0&limit=30" \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.get('https://api.barricade.io/agents?offset=0&limit=30')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.get(
    base_url + '/agents?offset=0&limit=30',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)
[
  {
    "id": "56e01d450xdb230100841b33",
    "teamId": "55a64a3e82f167c1433f1909",
    "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
    "uuid": "43f0e842-cf60-46ea-bxe9-44d5c363d07d",
    "version": "0.5.0",
    "type": "DigitalOcean",
    "hostname": "ip-172-30-0-75",
    "publicIP": "52.18.109.102",
    "privateIP": "172.30.0.75",
    "mac": "06:c2:36:7c:52:a3",
    "name": "PROD_WEB",
    "tags": [
      "production",
      "web",
    ],
    "status": "active",
    "system": {
      "processor": "x86_64",
      "version": "14.04",
      "codename": "Trusty Tahr",
      "name": "ubuntu"
    },
    "identity": {
      "availabilityZone": "eu-west-1a",
      "instanceType": "t2.small",
      "instanceId": "i-c0685479"
    },
    "createdAt": "2013-07-26T23:00:00.000Z"
  }
]

This call is used to retrieve all the agents associated with your Barricade account. Some of our users have a large amount of agents associated with their account and therefore we recommend using pagination with the limit and offset parameters as referenced above.

HTTP Request

GET https://api.barricade.io/agents

Query Parameters

Field Type Description
offset Integer A cursor for use in pagination. Pagination starts from the specified offset.
limit Integer A limit on the number of objects to be returned, between 1 and 100.

Retrieve an Agent

Example Request

curl \
  -XGET https://api.barricade.io/agents/{agentId} \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.get('https://api.barricade.io/agents/{agentId}')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.get(
    base_url + '/agents/{agentId}',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)

print response.status_code
print response.headers
print response.json()
{
  "id": "56e01d450xdb230100841b33",
  "teamId": "55a64a3e82f167c1433f1909",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "uuid": "43f0e842-cf60-46ea-bxe9-44d5c363d07d",
  "version": "0.5.0",
  "type": "DigitalOcean",
  "hostname": "ip-172-30-0-75",
  "publicIP": "52.18.109.102",
  "privateIP": "172.30.0.75",
  "mac": "06:c2:36:7c:52:a3",
  "name": "ip-172-30-0-75",
  "tags": [
    "production"
  ],
  "status": "paused",
  "system": {
    "processor": "x86_64",
    "version": "14.04",
    "codename": "Trusty Tahr",
    "name": "ubuntu"
  },
  "identity": {
    "availabilityZone": "eu-west-1a",
    "instanceType": "t2.small",
    "instanceId": "i-c0685479"
  },
  "createdAt": "2013-07-26T23:00:00.000Z"
}

This call is used when you want to retrieve an individual agent and its associated information.

HTTP Request

GET https://api.barricade.io/agents/{agentId}

Query Parameters

There are no specific query parameters required to use this resource.

Update an Agent

Example Request

curl \
  -XPUT https://api.barricade.io/agents/{agentId} \
  -u <api_key_here>: \
  -d name=PROD_WEB \
  -d tags=production \
  -d tags=web \
var superagent = require('superagent');
superagent.put('https://api.barricade.io/agents/{agentId}')
  .auth('api_key_here', null)
  .send({name:'PROD_WEB', tags:['production', 'web']})
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.put(
    base_url + '/agents',
    data={"name": "NewName", "tags": ["newtag", "docker", "mesos"]},
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)

print response.status_code
print response.headers
print response.json()
{
  "id": "56e01d450xdb230100841b33",
  "teamId": "55a64a3e82f167c1433f1909",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "uuid": "43f0e842-cf60-46ea-bxe9-44d5c363d07d",
  "version": "0.5.0",
  "type": "DigitalOcean",
  "hostname": "ip-172-30-0-75",
  "publicIP": "52.18.109.102",
  "privateIP": "172.30.0.75",
  "mac": "06:c2:36:7c:52:a3",
  "name": "PROD_WEB",
  "tags": [
    "production",
    "web",
  ],
  "status": "paused",
  "system": {
    "processor": "x86_64",
    "version": "14.04",
    "codename": "Trusty Tahr",
    "name": "ubuntu"
  },
  "identity": {
    "availabilityZone": "eu-west-1a",
    "instanceType": "t2.small",
    "instanceId": "i-c0685479"
  },
  "createdAt": "2013-07-26T23:00:00.000Z"
}

This call is used to update an agent’s information. At the moment you can only modify the name, tags of an agent.

HTTP Request

PUT https://api.barricade.io/agents/{agentId}

Query Parameters

There are no specific query parameters required to use this resource.

Request Body

Field Type Description
name String The updated name for the agent.
tags Array The tags associated with an agent.

Activate an Agent

Example Request

curl \
  -XPUT https://api.barricade.io/agents/{agentId}/activate \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.put('https://api.barricade.io/agents/{agentId}/activate')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.put(
    base_url + '/agents/{agentId}/activate',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)

print response.status_code
print response.headers
print response.json()
{
  "id": "56e01d450xdb230100841b33",
  "teamId": "55a64a3e82f167c1433f1909",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "uuid": "43f0e842-cf60-46ea-bxe9-44d5c363d07d",
  "version": "0.5.0",
  "type": "DigitalOcean",
  "hostname": "ip-172-30-0-75",
  "publicIP": "52.18.109.102",
  "privateIP": "172.30.0.75",
  "mac": "06:c2:36:7c:52:a3",
  "name": "PROD_WEB",
  "tags": [
    "production",
    "web",
  ],
  "status": "active",
  "system": {
    "processor": "x86_64",
    "version": "14.04",
    "codename": "Trusty Tahr",
    "name": "ubuntu"
  },
  "identity": {
    "availabilityZone": "eu-west-1a",
    "instanceType": "t2.small",
    "instanceId": "i-c0685479"
  },
  "createdAt": "2013-07-26T23:00:00.000Z"
}

An agent can have three states: active, paused, retired. This call allows you to activate an agent that had previously been paused.

We have written about stopping and removing agents in our general documentation.

HTTP Request

PUT https://api.barricade.io/agents/{agentId}/activate

Query Parameters

There are no specific query parameters required to use this resource.

Pause an Agent

Example Request

curl \
  -XPUT https://api.barricade.io/agents/{agentId}/pause \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.put('https://api.barricade.io/agents/{agentId}/pause')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.put(
    base_url + '/agents/{agentId}/pause',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)

print response.status_code
print response.headers
print response.json()
{
  "id": "56e01d450xdb230100841b33",
  "teamId": "55a64a3e82f167c1433f1909",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "uuid": "43f0e842-cf60-46ea-bxe9-44d5c363d07d",
  "version": "0.5.0",
  "type": "DigitalOcean",
  "hostname": "ip-172-30-0-75",
  "publicIP": "52.18.109.102",
  "privateIP": "172.30.0.75",
  "mac": "06:c2:36:7c:52:a3",
  "name": "PROD_WEB",
  "tags": [
    "production",
    "web",
  ],
  "status": "paused",
  "system": {
    "processor": "x86_64",
    "version": "14.04",
    "codename": "Trusty Tahr",
    "name": "ubuntu"
  },
  "identity": {
    "availabilityZone": "eu-west-1a",
    "instanceType": "t2.small",
    "instanceId": "i-c0685479"
  },
  "createdAt": "2013-07-26T23:00:00.000Z"
}

Sometimes you find yourself with a lot of active agents that are not actually active. You have discarded those servers and you may not be interested in having their output clutter the dashboard. You can pause these agents. Pausing an agent will stop the monitoring on Barricade’s side.

See our general documentation about stopping & pausing agents.

HTTP Request

PUT https://api.barricade.io/agents/{agentId}/pause

Query Parameters

There are no specific query parameters required to use this resource.

Retire an Agent

Example Request

curl \
  -XPUT https://api.barricade.io/agents/{agentId}/retire \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.put('https://api.barricade.io/agents/{agentId}/retire')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.put(
    base_url + '/agents/{agentId}/retire',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)

print response.status_code
print response.headers
print response.json()
{
  "id": "56e01d450xdb230100841b33",
  "teamId": "55a64a3e82f167c1433f1909",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "uuid": "43f0e842-cf60-46ea-bxe9-44d5c363d07d",
  "version": "0.5.0",
  "type": "DigitalOcean",
  "hostname": "ip-172-30-0-75",
  "publicIP": "52.18.109.102",
  "privateIP": "172.30.0.75",
  "mac": "06:c2:36:7c:52:a3",
  "name": "PROD_WEB",
  "tags": [
    "production",
    "web",
  ],
  "status": "retired",
  "system": {
    "processor": "x86_64",
    "version": "14.04",
    "codename": "Trusty Tahr",
    "name": "ubuntu"
  },
  "identity": {
    "availabilityZone": "eu-west-1a",
    "instanceType": "t2.small",
    "instanceId": "i-c0685479"
  },
  "createdAt": "2013-07-26T23:00:00.000Z"
}

If you are no longer interested in an agent’s potential, feel free to retire it. We created the concept of reitred agents so that you never loose information about the cases related to an agent, even after it has been paused and is no longer in use. We call it responsible management.

See our general documentation about stopping & pausing agents.

HTTP Request

PUT https://api.barricade.io/agents/{agentId}/retire

Query Parameters

There are no specific query parameters required to use this resource.

Cases

Whenever Barricade identifies strange behaviour we log it. When we identify something that could require your attention we create a “case file” which contains information related to the behaviour we’ve identified.

Using this part of the API you can retrieve all the cases associated with your Barricade account.

The Case Resource

Example Network Case
{
  "id": "AVPl7LFLAhxxxKFz-ORR",
  "teamId": "56e01d450xdb230100841b33",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "context": {
    "agent": {
      "id": "570bc627d2c7ee0100375215",
      "teamId": "56e01d450xdb230100841b33",
      "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
      "uuid": "26aafcdc-5c8b-4e2f-bxa3-55e3b7661c71",
      "version": "0.6.0",
      "name": "spring_lake",
      "tags": [
        "production"
      ],
      "hostname": "ip-172-30-0-75.eu-west-1.compute.internal",
      "type": "AmazonEC2",
      "publicIP": "52.18.118.119",
      "privateIP": "172.30.0.75",
      "mac": "06:c2:49:5c:52:a3",
      "system": {
        "name": "ubuntu",
        "codename": "Trusty Tahr",
        "version": "14.04",
        "processor": "x86_64"
      },
      "identity": {
        "instanceId": "i-c0685479",
        "instanceType": "t2.small",
        "availabilityZone": "eu-west-1a"
      }
    }
  },
  "fingerprint": "79bc71a1f99529af09f9e2aea94361bf",
  "type": "network",
  "importance": "attack",
  "status": "open",
  "details": {
    "type": "web-application-attack-xss",
    "src": "144.168.45.117",
    "sport": "55022",
    "dst": "172.30.0.75",
    "dport": "80",
    "path": "/cgi-bin/php",
    "numOfTimesByIPs": "4"
  },
  "createdAt": "1461-07-26T23:00:00.000Z"
}
Example Packages Case 
{
  "id": "AVQl7LFLAhAxQKFz-ORR",
  "teamId": "56e01d450xdb230100841b33",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "context": {
    "agent": {
      "id": "570bc627d2c7ee0100375215",
      "teamId": "56e01d450xdb230100841b33",
      "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
      "uuid": "26aafcdc-5c8b-4e2f-bxa3-55e3b7661c71",
      "version": "0.6.0",
      "name": "spring_lake",
      "tags": [
        "production"
      ],
      "hostname": "ip-172-30-0-75.eu-west-1.compute.internal",
      "type": "AmazonEC2",
      "publicIP": "52.18.118.119",
      "privateIP": "172.30.0.75",
      "mac": "06:c2:49:5c:52:a3",
      "system": {
        "name": "ubuntu",
        "codename": "Trusty Tahr",
        "version": "14.04",
        "processor": "x86_64"
      },
      "identity": {
        "instanceId": "i-c0685479",
        "instanceType": "t2.small",
        "availabilityZone": "eu-west-1a"
      }
    }
  },
  "fingerprint": "79bc71a1f99529af09f9e2aea94361bf",
  "type": "packages",
  "importance": "attack",
  "status": "open",
  "details": {
    "type": "software-vulnerable-nofix",
    "packages": "pcre#CVE-2016-3191#7.5,expat#CVE-2015-1283#6.8"
  },
  "createdAt": "1461-07-26T23:00:00.000Z"
}

All cases will contain information related to a case (behaviour we’ve identified that we think need to be stored).

Field Type Description
id String Case identifier.
teamId String Team identifier.
automationKey String Team Automation Key.
context Object Context about when the case was created. For instance the agent information at the time.
type String Case type [network, package].
importance String Case importance [event, attack, incident].
status String Case status [open, opened, resolved].
details Object Case details specific for each case type.

Network:
type, src, sport, dst, dport, path, numOfTimesByIPs

Packages:
type, packages(package#cve#score)

createdAt Number Case creation time in ISO-8601 standard.

Cases can be of two types: network and packages. The Barricade agents listens to all network traffic and also keeps track of the packages installed on your servers. When we notice strange network behavior, we create a case of type network.

When we notice that one of your package is out of date and a known vulnerability exists, we create a case of type package.

Package score is specific to the vendor if it’s specificed, otherwise we give you the CVE score associated with a package case. The CVE score is the importance and seriousness of a vulnerability.

Get All Cases

Example Request

curl \
  -XGET "https://api.barricade.io/cases?offset=0&limit=30" \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.get('https://api.barricade.io/cases?offset=0&limit=30')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.get(
    base_url + '/cases?offset=0&limit=30',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)

print response.status_code
print response.json()
[
  {
    "id": "AVQl7LFLAhAxQKFz-ORR",
    "teamId": "56e01d450xdb230100841b33",
    "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
    "context": {
      "agent": {
        "id": "570bc627d2c7ee0100375215",
        "teamId": "56e01d450xdb230100841b33",
        "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
        "uuid": "26aafcdc-5c8b-4e2f-bxa3-55e3b7661c71",
        "version": "0.6.0",
        "name": "spring_lake",
        "tags": [
          "production"
        ],
        "hostname": "ip-172-30-0-75.eu-west-1.compute.internal",
        "type": "AmazonEC2",
        "publicIP": "52.18.118.119",
        "privateIP": "172.30.0.75",
        "mac": "06:c2:49:5c:52:a3",
        "system": {
          "name": "ubuntu",
          "codename": "Trusty Tahr",
          "version": "14.04",
          "processor": "x86_64"
        },
        "identity": {
          "instanceId": "i-c0685479",
          "instanceType": "t2.small",
          "availabilityZone": "eu-west-1a"
        }
      }
    },
    "fingerprint": "79bc71a1f99529af09f9e2aea94361bf",
    "type": "network",
    "importance": "attack",
    "status": "open",
    "details": {
      "type": "web-application-attack-xss",
      "src": "144.168.45.117",
      "sport": "55022",
      "dst": "172.30.0.75",
      "dport": "80",
      "path": "/cgi-bin/php",
      "numOfTimesByIPs": "4"
    },
    "createdAt": "1461-07-26T23:00:00.000Z"
  }
]

Retrieves agents.

HTTP Request

GET https://api.barricade.io/cases

Query Parameters

Field Type Description
offset Integer A cursor for use in pagination. Pagination starts from the specified offset.
limit Integer A limit on the number of objects to be returned, between 1 and 100.
type String The type of case to retrieve: network, package.
importance String The importance associated with a case: event, attack, incident.
status String The status of a case: open, opened, resolved.

Retrieve a Case

Example Request

curl \
  -H "Content-Type: application/json" \
  -XGET https://api.barricade.io/cases/{caseId} \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.get('https://api.barricade.io/cases/{caseId}')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
{
  "id": "AVQl7LFLAhAxQKFz-ORR",
  "teamId": "56e01d450xdb230100841b33",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "context": {
    "agent": {
      "id": "570bc627d2c7ee0100375215",
      "teamId": "56e01d450xdb230100841b33",
      "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
      "uuid": "26aafcdc-5c8b-4e2f-bxa3-55e3b7661c71",
      "version": "0.6.0",
      "name": "spring_lake",
      "tags": [
        "production"
      ],
      "hostname": "ip-172-30-0-75.eu-west-1.compute.internal",
      "type": "AmazonEC2",
      "publicIP": "52.18.118.119",
      "privateIP": "172.30.0.75",
      "mac": "06:c2:49:5c:52:a3",
      "system": {
        "name": "ubuntu",
        "codename": "Trusty Tahr",
        "version": "14.04",
        "processor": "x86_64"
      },
      "identity": {
        "instanceId": "i-c0685479",
        "instanceType": "t2.small",
        "availabilityZone": "eu-west-1a"
      }
    }
  },
  "fingerprint": "79bc71a1f99529af09f9e2aea94361bf",
  "type": "network",
  "importance": "attack",
  "status": "open",
  "details": {
    "type": "web-application-attack-xss",
    "src": "144.168.45.117",
    "sport": "55022",
    "dst": "172.30.0.75",
    "dport": "80",
    "path": "/cgi-bin/php",
    "numOfTimesByIPs": "4"
  },
  "createdAt": "1461-07-26T23:00:00.000Z"
}

Retrieve an individual case and its associated information.

HTTP Request

GET https://api.barricade.io/cases/{caseId}

Query Parameters

Not applicable

Resolves a Case

curl \
  -XPUT https://api.barricade.io/cases/{caseId}/resolve \
  -u <api_key_here>:
var superagent = require('superagent');
superagent.put('https://api.barricade.io/cases/{caseId}/resolve')
  .auth('api_key_here', null)
  .end(function (e, res) {
    //...
  });
import requests
from requests.auth import HTTPBasicAuth

base_url = 'https://api.barricade.io'
response = requests.put(
    base_url + '/cases/{caseId}/resolve',
    auth=HTTPBasicAuth('api-key-here', ''),
    headers={"Accept": "application/json;version=1.0.0"}
)
{
  "id": "AVQl7LFLAhAxQKFz-ORR",
  "teamId": "56e01d450xdb230100841b33",
  "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
  "context": {
    "agent": {
      "id": "570bc627d2c7ee0100375215",
      "teamId": "56e01d450xdb230100841b33",
      "automationKey": "c81c1627-a697-4517-9xa3-eb122d727f5e",
      "uuid": "26aafcdc-5c8b-4e2f-bxa3-55e3b7661c71",
      "version": "0.6.0",
      "name": "spring_lake",
      "tags": [
        "production"
      ],
      "hostname": "ip-172-30-0-75.eu-west-1.compute.internal",
      "type": "AmazonEC2",
      "publicIP": "52.18.118.119",
      "privateIP": "172.30.0.75",
      "mac": "06:c2:49:5c:52:a3",
      "system": {
        "name": "ubuntu",
        "codename": "Trusty Tahr",
        "version": "14.04",
        "processor": "x86_64"
      },
      "identity": {
        "instanceId": "i-c0685479",
        "instanceType": "t2.small",
        "availabilityZone": "eu-west-1a"
      }
    }
  },
  "fingerprint": "79bc71a1f99529af09f9e2aea94361bf",
  "type": "network",
  "importance": "attack",
  "status": "resolved",
  "details": {
    "type": "web-application-attack-xss",
    "src": "144.168.45.117",
    "sport": "55022",
    "dst": "172.30.0.75",
    "dport": "80",
    "path": "/cgi-bin/php",
    "numOfTimesByIPs": "4"
  },
  "createdAt": "1461-07-26T23:00:00.000Z"
}

Resolve an individual case so that you can better manage your active cases through the dashboard.

HTTP Request

PUT https://api.barricade.io/cases/{caseId}/resolve

Query Parameters

Not applicable

Errors

The Barricade API uses the following error codes:

Error Code Meaning
400 Bad Request – Something seems to be wrong with your requests
401 Unauthorized – Your API key is wrong
403 Forbidden – The resource requested is hidden for administrators only
404 Not Found – The specified resource could not be found
405 Method Not Allowed – You tried to access a resource with an invalid method
406 Not Acceptable – You requested a format that isn’t json
410 Gone – The resource requested has been removed from our servers
429 Too Many Requests – You’re requesting too many resources! Slow down!
500 Internal Server Error – We had a problem with our server. Try again later.
503 Service Unavailable – We’re temporarily offline for maintenance. Please try again later.