browse
The Umbrella API was released in September 2022, providing a user-friendly and secure platform that enables users to build on, extend, and integrate with Umbrella. It facilitates the creation of multiple cross-platform workflows aggregating our market-leading threat intelligence with other security solutions to expand security enforcement, broaden visibility, and automate incident response.
The Umbrella API endpoints are hosted on api.umbrella.com, with grouped paths per use case. API keys can be managed both in the Umbrella dashboard, under Admin -> API keys, and programmatically with the KeyAdmin API. Each key can be granularly configured with multiple scopes grouped under five primary use cases:
- Admin API endpoints enable you to provision and manage Umbrella API keys and users, view roles, and manage customers for providers and managed providers.
- Auth API endpoints enable you to authorize other services’ integrations with the Umbrella platform.
- Deployments API endpoints enable you to provision, monitor and manage networks and other various entities, and secure them by configuring them in your existing Umbrella policies.
- Policies API endpoints enable you to provision and manage destination lists and the destinations per list.
- Investigate API endpoints enable you to research domains, IPs, and URLs observed by the Umbrella resolvers.
-
Reports API endpoints enable you to read and audit real-time security information about your deployments. The Umbrella App Discovery API provides insights into your cloud-based applications.
Admins can adjust the level of access per scope between Read / Write and Read-Only, depending on the intended use of each API key, while the API keys can be configured to expire on a pre-defined date.
The API credentials generate API access tokens which are valid for 60 minutes. This procedure supports the OAuth 2.0 client credentials flow. In Umbrella multi-org or service provider environments, parent-org API credentials can be used to generate access tokens with the same scopes for a child org specified during the authorization process.
You can find more information and detailed instructions on the Umbrella API platform in our documentation. All the available APIs are documented per use case under API Reference. All the available endpoints and their parameters are documented in the OpenAPI Specification link at the bottom of each use case’s overview page.
If you already use the Legacy Umbrella APIs, please review our API migration guide. There is also a self-paced course on the Cloud Security APIs including the Umbrella API, and a useful Postman Collection for the Umbrella API to help you with your first steps. Finally, you can find additional information including learning labs, and a Sandbox where you can try out the Umbrella API in the Cloud Security section of the Cisco developer page.
If you have questions or need further assistance with the Umbrella API, reach out to Umbrella support at umbrella-support@cisco.com.