ℹ️ Authentication is conducted via API key. Enterprise accounts can have up to one valid API key at a time.
\nℹ️ To provision a new key, a license holder with access to the platform must sign in to dashboard.it-harvest.com and do so through their user settings panel.
\nℹ️ Rate limits are set to 10 queries / sec with a total monthly query limit of 1,000,000 calls across all endpoints. These are baseline limits - for users with needs that exceed these limits, please contact IT-Harvest.
\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"27044018","collectionId":"eaab4151-9512-4a65-a1b8-567a264e8a73","publishedId":"2sAXqtbMNa","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2024-09-24T17:59:38.000Z"},"item":[{"name":"Metadata","id":"05c76217-6c61-4efd-8891-9505c0c5e1ca","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json"}],"body":{"mode":"raw","raw":"{\n \"token\": \"your_token\",\n \"type\": \"type\"\n}","options":{"raw":{"language":"json"}}},"url":"https://api.it-harvest.com/api:9CUm3jDG/eapi/metadata","description":"\"type\" (String, required): Specifies the type of grouping to retrieve. Can be one of the following:
\"categories\": Returns all vendor categories.
Returned as: A flat list of strings (categories).
Example: [\"IAM\",\"GRC\"]
\"intermediate_subcategories\": Returns all vendor intermediate (cross-category) subcategories.
Returned as: A flat list of strings (categories).
Example: [\"Monitoring\",\"Cloud Asset Management\"]
\"subcategories\": Returns all vendor subcategories.
Returned as: A flat list of strings (categories).
Example: [\"Mobile Device Management\",\"Post-Quantum\"]
\"product_tags\": Returns all product tags.
Returned as: A flat list of strings (categories).
Example: [\"Mobile Device Management\",\"Post-Quantum\"]
\"mitre_tactics\": Returns all MITRE ATT&CK tactics (current version is Enterprise Matrix v15.1).
Returned as: A JSON array with the following schema:
[ { \"id\": int, \"mitre_tactic_id\": string, \"name\": string } ]\"mitre_techniques\": Returns all MITRE ATT&CK techniques.
Returned as: A JSON array with the following schema:
[ { \"id\": int, \"mitre_technique_id\": string, \"name\": string, \"tactic_id\": int } ]\"mitre_subtechniques\": Returns all MITRE ATT&CK subtechniques.
Returned as: A JSON array with the following schema:
[ { \"id\": int, \"technique_id\": int, \"mitre_subtechnique_id\": string, \"name\": string } ]\"nist_functions\": Returns all NIST functions (current version is CSF 2.0).
Returned as: A JSON array with the following schema:
[ { \"id\": int, \"name\": string } ]\"nist_categories\": Returns all NIST categories (current version is CSF 2.0).
Returned as: A JSON array with the following schema:
[ { \"id\": int, \"function_id\": int, \"name\": string, \"nist_category_id\": string } ]\"nist_subcategories\": Returns all NIST subcategories (current version is CSF 2.0).
Returned as: A JSON array with the following schema:
[ { \"id\": int, \"nist_subcategory_id\": string, \"category_id\": int, \"description\": string } ]Here’s the updated version for the Vendors API documentation:
\n\"token\" (String, required): Your authentication token.
\"categories\" (Array of Strings, optional): Filter vendors by specific categories.
\"subcategories\" (Array of Strings, optional): Filter vendors by specific subcategories.
\"page\" (Integer, optional, default: 1): The page number to retrieve.
\"per_page\" (Integer, optional, default: 50, max: 250): The number of vendors to return per page.
\"token\" (String, required): Your authentication token.
\"vendor\" (Integer, required): The ID of the vendor to retrieve.
Vendors are organized in the following hierarchy: Category, Intermediate Subcategory, Subcategory, Group, and Subgroup. Not all vendors have subcategories, groups, or subgroups.
\n","urlObject":{"protocol":"https","path":["api:9CUm3jDG","eapi","vendors","get"],"host":["api","it-harvest","com"],"query":[],"variable":[]}},"response":[{"id":"cdae739b-022e-4f40-861d-2628b3d85efd","name":"Get a Vendor","originalRequest":{"method":"POST","header":[{"key":"Content-Type","value":"application/json"}],"body":{"mode":"raw","raw":"{\n \"vendor\": 24451,\n \"token\": \"foo\"\n}","options":{"raw":{"language":"json"}}},"url":"https://api.it-harvest.com/api:9CUm3jDG/eapi/vendors/get"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Date","value":"Tue, 17 Sep 2024 20:58:17 GMT"},{"key":"Content-Type","value":"application/json; charset=UTF-8"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Connection","value":"keep-alive"},{"key":"Set-Cookie","value":"XNS=9b0e8e5a38023975f82d83089cb111ae|574d02c9abcc5e83d44caa3c8a37144d; Path=/socket/; Secure; HttpOnly; SameSite=Strict"},{"key":"X-App","value":"miss"},{"key":"X-Workspace","value":"hit"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Cache-Control","value":"private, no-cache, no-store, must-revalidate"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"Sat, 20 Sep 2014 20:58:17 GMT"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-Frame-Options","value":"deny"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Access-Control-Allow-Methods","value":"GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD"},{"key":"Access-Control-Allow-Headers","value":"*"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Access-Control-Max-Age","value":"86400"},{"key":"Content-Encoding","value":"gzip"},{"key":"Strict-Transport-Security","value":"max-age=31536000; includeSubDomains;"}],"cookie":[],"responseTime":null,"body":"{\n \"result\": {\n \"id\": 24451,\n \"Name\": \"HYPR\",\n \"Country\": \"United States of America\",\n \"Category\": \"IAM\",\n \"Intermediate_Subcategory_1\": \"Authentication\",\n \"Intermediate_Subcategory_2\": \"\",\n \"Intermediate_Subcategory_3\": \"\",\n \"Subcategory_1\": \"IAM - Authentication\",\n \"S1_G1\": [\n \"Biometric authentication\"\n ],\n \"S1_Group1_Subgroup1\": [],\n \"Subcategory_2\": \"\",\n \"S2_G1\": [],\n \"S2_Group1_Subgroup1\": [],\n \"Subcategory_3\": \"\",\n \"S3_G1\": [],\n \"Founding_year\": 2014,\n \"Website\": \"http://www.hypr.com/\",\n \"YR_HC_Growth\": -6.82,\n \"LQ_Growth\": 2.5,\n \"Current_HC\": 123,\n \"Total_Funding\": 122.1,\n \"State\": \"NY\",\n \"Public\": false,\n \"Description\": \"HYPR is a company that is revolutionizing the way the world logs in by offering modern authentication solutions. The company's main product is HYPR True Passwordless Security®, a cybersecurity technology that focuses on eliminating the use of passwords for both workforce and customers. This product is designed to significantly reduce exposure to phishing attacks and improve overall enterprise security. It operates using the latest FIDO standards, ensuring a high level of assurance.\\n\\nIn addition to its primary product, HYPR also offers HYPR ADAPT, an innovative authentication solution that provides real-time risk assessment and adaptive authentication. This technology is designed to enhance user experience while simultaneously protecting users, systems, and businesses. Furthermore, HYPR provides an authentication SDK that offers a strong alternative to phishable and inconvenient passwords, and it is compatible across devices that customers use in their daily lives.\",\n \"Revenue\": 38,\n \"Health\": 30,\n \"Logo_url\": \"https://api.it-harvest.com/vault/8pBmkccv/R8SU5_F4C5uf5blMsoLY2GWNGF4/K-NGpw../logo.png\",\n \"products\": [\n {\n \"id\": 23804,\n \"Name\": \"HYPR Adapt\",\n \"Description\": \"HYPR Adapt by HYPR is a continuous, risk-based, adaptive authentication solution designed to enhance Zero Trust authentication and detect and mitigate identity-related risks while minimizing user disruption. It provides real-time risk assessment and dynamically adjusts security controls for individual users in changing security environments. HYPR Adapt continuously assesses risk from diverse sources, including device posture, mobile, web and browser signals, real-time events, and user behavior, generating granular user risk profiles. Its risk engine collects and analyzes extensive data to intelligently adjust IAM security processes in real time, aiming to manage identity-related risks while reducing friction in authentication processes. The solution is integrated into the HYPR Zero Trust authentication framework, complementing the company's passkey-based authentication solutions.\",\n \"Features\": [\n {\n \"name\": \"Comprehensive Identity Risk Engine\",\n \"description\": \"Leverages intelligence from various sources including device posture, mobile, web and browser signals, real-time events, and user behavior. Generates granular user risk profiles for individualized adaptive authentication.\"\n },\n {\n \"name\": \"Automated Risk Response\",\n \"description\": \"Automatically responds to potential risks with adaptive measures. Customizable control policies through Open Policy to suit specific business needs.\"\n },\n {\n \"name\": \"Personalized Authentication Flow\",\n \"description\": \"Delivers a dynamic adaptive authentication flow for each user based on individual risk profiles. Automatically adjusts authentication processes and optimizes user experience by providing appropriate level of authentication security.\"\n },\n {\n \"name\": \"Regulatory Compliance Acceleration\",\n \"description\": \"Integrates with existing systems to help meet requirements of NIST, ISO, HIPAA, GDPR, PCI, FISMA, FRCP, and HITECH regulations. Supports implementation of NIST AAL3-compliant authentication and aligns with Zero Trust security framework.\"\n },\n {\n \"name\": \"Security Ecosystem Integration\",\n \"description\": \"Integrates with external systems through an extensible framework. Enables seamless exchange of authentication risk information with existing security systems.\"\n },\n {\n \"name\": \"Soc Empowerment\",\n \"description\": \"Provides high-fidelity identity risk scores and user information to Security Operations Center (SOC). Helps reduce investigation times by prioritizing users with the highest risk/impact ratio.\"\n },\n {\n \"name\": \"Continuous Risk Assessment\",\n \"description\": \"HYPR Adapt continuously assesses user behavior and environmental signals from diverse sources to detect potential identity-related risks and maintain an up-to-date risk profile for each user.\"\n },\n {\n \"name\": \"Dynamic Security Control Adjustment\",\n \"description\": \"Based on the risk assessment, HYPR Adapt dynamically adjusts security controls for individual employees to mitigate identified risks in changing security environments.\"\n },\n {\n \"name\": \"Real-Time Response\",\n \"description\": \"The system drives real-time responses to detected risks, including implementing step-up authentication and initiating re-verification processes when necessary.\"\n },\n {\n \"name\": \"Risk-Based Authentication\",\n \"description\": \"HYPR Adapt enables organizations to enforce step-up authentication and block fraudulent logins based on real-time risk intelligence.\"\n },\n {\n \"name\": \"User Friction Reduction\",\n \"description\": \"The solution aims to minimize user friction during authentication by adapting the process based on the assessed risk level.\"\n },\n {\n \"name\": \"Zero Trust Authentication Integration\",\n \"description\": \"HYPR Adapt is integrated into the HYPR Zero Trust authentication framework, complementing the company's passkey-based authentication solutions.\"\n }\n ],\n \"tags\": []\n },\n {\n \"id\": 23805,\n \"Name\": \"HYPR Affirm\",\n \"Description\": \"HYPR Affirm is an automated identity verification solution provided by HYPR, designed specifically for workforce and customer use cases. It offers continuous identity proofing and verification throughout the user lifecycle, automating processes and integrating into existing security ecosystems and help desk workflows. The product leverages multiple identity verification and proofing technologies, including advanced biometrics, liveness detection, AI-powered chat, document verification, video, and face recognition. HYPR Affirm ensures only authorized individuals gain access to corporate systems and data, meeting enterprise Know Your Employee (KYE) needs and ensuring trust in workforce identities across the entire employee lifecycle.\",\n \"Features\": [\n {\n \"name\": \"Document Verification\",\n \"description\": \"Verifies passports, driver's licenses, and other official documents. Uses advanced verification technology to detect forgeries or alterations.\"\n },\n {\n \"name\": \"Location Detection\",\n \"description\": \"Detects geolocation and compares it against expected location.\"\n },\n {\n \"name\": \"Facial Recognition\",\n \"description\": \"Utilizes cutting-edge technology to detect spoofing tactics like photos or masks.\"\n },\n {\n \"name\": \"Chat Verification\",\n \"description\": \"Implements a secure chat system combining AI and human interaction for identity verification.\"\n },\n {\n \"name\": \"Video Verification\",\n \"description\": \"Confirms employee identity through live video feed.\"\n },\n {\n \"name\": \"Manager Attestation\",\n \"description\": \"Allows supervisor attestation of employee identity to strengthen security. Results are retained but sensitive data is not stored.\"\n },\n {\n \"name\": \"Risk-Based Re-Verification\",\n \"description\": \"Provides risk-based re-verification at critical moments defined by high-impact events, such as an employee logging in on a new device or during a high-value transaction.\"\n },\n {\n \"name\": \"Lifecycle Identity Verification\",\n \"description\": \"Verifies and enforces identity at critical moments in the identity lifecycle based on activity and risk, including employee onboarding, offboarding, or role changes.\"\n },\n {\n \"name\": \"Adaptive Identity Verification\",\n \"description\": \"Implements proactive, adaptive identity verification that prompts reverification of users at risk from new threat vectors or suspect behavior.\"\n },\n {\n \"name\": \"Regulatory Compliance\",\n \"description\": \"Meets NIST IAL2 identity proofing guidelines and supports FIDO 2 Certified biometric authentication credentials.\"\n },\n {\n \"name\": \"Legacy System Integration\",\n \"description\": \"Integrates with legacy systems and various credential systems, eliminating vendor lock-in.\"\n },\n {\n \"name\": \"Ai-Powered Chat Verification\",\n \"description\": \"HYPR Affirm incorporates AI-powered chat technology for identity verification processes.\"\n },\n {\n \"name\": \"Automated Verification Workflows\",\n \"description\": \"HYPR Affirm automates identity verification processes throughout the employee identity lifecycle.\"\n },\n {\n \"name\": \"Integration With Existing Systems\",\n \"description\": \"The product integrates into existing security ecosystems and help desk workflows.\"\n },\n {\n \"name\": \"Know Your Employee (Kye) Controls\",\n \"description\": \"The solution is designed to meet enterprise KYE needs and ensure trust in workforce identities across the entire employee lifecycle.\"\n }\n ],\n \"tags\": [\n {\n \"tag_id\": 117,\n \"Name\": \"Incident Response\"\n }\n ]\n }\n ]\n }\n}"}],"_postman_id":"71373d87-75a0-40a7-850a-dba54ac0bba2"},{"name":"Get all products","id":"9426214f-ed1d-49fa-a130-b6d0a27cca9c","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Content-Type","value":"application/json"}],"body":{"mode":"formdata","formdata":[]},"url":"https://api.it-harvest.com/api:9CUm3jDG/eapi/products/all?token=your_token","description":"\"token\" (String, required): Your authentication token.\"token\" (String, required): Your authentication token.
\"search_query\" (String, optional, nullable): The search string that follows specific syntax rules (detailed below) to filter products.
\"smart_search_query\" (String, optional, nullable): The target string search used for fuzzy matching and cybersecurity term recognition (similar functionality to /se endpoint).
Providing a valid string to smart_search_query automatically overrides the following inputs:
\n\"search_query\" - is not taken into consideration. Only the string provided to the \"smart_search_query\" is used.
\n\"search_query_targets\" - is not taken into consdieration. This input only applies to the \"search_query\" input and only works when a smart search query value is null/not passed and there is a valid \"search_query\" input.
\nWhat does this mean?
\nYou can either use the \"search_query\" + \"search_query_targets\" input combination to search through specific fields OR you can pass a single string to \"smart_search_query\".
\nOnly \"smart_search_query\" leverages IT-Harvests internal cybersecurity dictionary and advanced search engine.
\n\"smart_search_query\" does not support IT-Harvest's search syntax specified below. Syntax only applies to \"search_query\" input.
\nMITRE, NIST, Tag, etc. filters are still applied for every query, regardless of whether you use search_query or smart_search_query.
\n\"search_query_targets\" (Array of Strings, optional, minimum 1 value): Specifies which fields and datapoints will be searched using the search_query. The search will match if the search_query matches any of the specified fields (OR logic). Allowed values are:
\"product_name\"
\"product_description\"
\"vendor_category\"
\"vendor_subcategory\"
\"vendor_description\"
\"vendor_name\"
\"feature_name\"
\"feature_description\"
\"tag_name\"
\"mitre_tactic_name\"
\"mitre_technique_name\"
\"mitre_subtechnique_name\"
\"nist_category_name\"
\"nist_subcategory_description\"
* If a search_query value is passed but no query targets are specified, no results will be returned. When the search_query input is used, targets must be specified for results.
\n\"page\" (Integer, optional, default: 1): The page number to retrieve.
\"per_page\" (Integer, optional, default: 50, max: 250): The number of results per page.
\"tag_ids\" (Array of Integers, optional): An array of tag IDs to filter by. OR logic is applied within this filter.
\"nist_function_ids\" (Array of Integers, optional): An array of NIST function IDs to filter by. OR logic is applied within this filter.
\"nist_category_ids\" (Array of Integers, optional): An array of NIST category IDs to filter by. OR logic is applied within this filter.
\"nist_subcategory_ids\" (Array of Integers, optional): An array of NIST subcategory IDs to filter by. OR logic is applied within this filter.
\"mitre_tactic_ids\" (Array of Integers, optional): An array of MITRE ATT&CK tactic IDs to filter by. OR logic is applied within this filter.
\"mitre_technique_ids\" (Array of Integers, optional): An array of MITRE ATT&CK technique IDs to filter by. OR logic is applied within this filter.
OR within filters: For any array input (e.g., tag_ids, nist_function_ids), the query will match results that satisfy any of the values in the array. For example, [1, 2] will match results containing tag ID 1 OR 2.
AND across filters: When multiple filters are used together (e.g., search_query and tag_ids), the query will match results that satisfy the conditions of all filters. For example, (apple OR orange) AND (tag ID 1 OR 2).
Search Query Application: The search_query will be applied to any of the fields specified in search_query_targets using OR logic. For example, if search_query_targets is [\"product_name\", \"vendor_category\"], the query will match products where the search_query matches either the product_name OR the vendor_category.
The search_query string input allows you to search for products based on specific criteria. It follows the rules and syntax detailed below:
Default Behavior: Words separated by a space imply an AND condition.
\nExample: apple orange will search for results containing both \"apple\" AND \"orange\".
Use double quotes to search for an exact phrase.
\nExample: \"Apple Platform\" will search for results that match the exact phrase \"Apple Platform\".
JSON Escape Note: If entering this directly into a JSON payload, escape the quotes with a backslash.
\nExample: {\"search_query\": \"\\\"Apple Platform\\\"\"}.
Use asterisks * to allow partial phrase matching.
\nExample: Apple * Platform will return results where there is one word between \"Apple\" and \"Platform\".
\nApple * Platform allows for three words in between.
\nWildcards :* can be used within or at the end of a word to match multiple possibilities.
\nExample: Pen:* will return results for \"Pentest\", \"Penetration Testing\", etc.
\nUse parentheses () to group multiple expressions.
Example: (apple OR orange) AND (network OR endpoint) will return results that contain either \"apple\" OR \"orange\" AND either \"network\" OR \"endpoint\".
Example: (quantum OR segmentation) platform will return muliple matches for \"platform\" that also contain either quantum or segmentation.
You can exclude words using a minus - character.
Example: apple -platform will search for results containing \"apple\" but exclude those that contain \"platform\".
You can combine different methods for advanced searches.
\nExample: \"apple platform\" network -security will search for the exact phrase \"apple platform\" AND the word \"network\" while excluding results with \"security\".
The search supports automatic detection of singular and plural forms of words.
\nExample: Searching for platform will also return results for platforms.
\"token\" (String, required): Your authentication token.
\"query\" (String, required, min of 3 characters): The search string.
\"page\" (Integer, optional, default: 1): The page number to retrieve.
\"per_page\" (Integer, optional, default: 50, max: 250): The number of results per page.
This endpoint is designed for straightforward single-input based product name/description matching.
\nComes with more sophisticated handling of user inputs than other product search endpoints including.
\nTypo correction
\nAcronym handling
\nFuzzy matching
\nCybersecurity terminology recognition
\n\"token\" (String, required): Your authentication token.
\"product\" (Integer, required): The ID of the product you want to retrieve.
\"token\" (String, required): Your authentication token.
\"name\" (String, required): The name (or partial name) of the product you want to match.
\"similar_matches_limit\" (Integer, optional, default: 5, max: 25): The number of additional matches to show.
\"token\" (String, required): Your authentication token.
\"chat_context\" (List of Chat Objects, required): The conversation history. Allowed values are:
Chat Object
{\"role\": \"string\", \"content\": \"string\"}
\nThe first and last message in the chat context must have a role of \"user\".
\nIf you are asking a single question with no conversation history, then you would pass:
\n\"chat_context\" = [{\"role\":\"user\", \"content\": \"what are crowdstrike's products\"}]User chat content must be less than 800 characters long.
\nAssistant chat content must be less than 10,000 characters long.
\nRoles must be alternating each message, starting and ending with user messages.
\nChat context is the conversation history being passed to the chatbot.
\nThe input is a list of chat objects, each of which is either a user message or an assistant message. All chat objects must have a \"content\" string representing the user's prompt or the assistant's reply.
\nThis endpoint is desined to only return a list of products. There is no natural language output. Returned products are those that Gideon has determined are most relevant to the user's prompt. This endpoint will not return long lists of products (the upper limit is around fifteen to twenty).
\nPrompts with explicit intent that go beyond asking for products may be rejected. Gideon screens the user's input to ensure that the prompt is relevant and is asking for a product(s). Prompts with direct and explicit parameters on what products the user is looking for will yield the best results.
\nWhy does intent matter?
\nBad Question Examples:
\n\"Does crowdstrike have any post-quantum capabilities?\"
\n\"What kind of anti-phishing functionalities does OPSWAT's product suite have?\"
\nGood Question Examples:
\n\"Show me Crowdstrike Falcon.\"
\n\"Return all of OPSWAT's email security products or solutions that have some kind of email protection features.\"
\n\"I need to replace my cloud SIEM solution, reccomend me some that aren't Splunk.\"
\n\"token\" (String, required): Your authentication token.