Jump to Content
Home
Guides
API Reference
Log In
API Reference
Log In
Home
Guides
API Reference
Indicator Attributes Overview
All
Pages
Start typing to search…
JUMP TO
ThreatConnect v3 API Overview
Introduction
Getting Started
Postman Configuration
Features
Create Activity Logs
Create and Manage Associations
Delete Case Objects in Bulk
Enable Pagination
Filter Results With TQL
HTTP Status Codes
Include Additional Fields in API Responses
Retrieve a List of Available Fields for an Endpoint
Retrieve OpenAPI Documentation
Return a Count of Items
Sort Results
Specify an Owner
Update an Object's Metadata
Available Endpoints
ThreatConnect v3 API
Artifact Types
Artifact Types Overview
Retrieve tql
optns
Retrieve fields
optns
Retrieve entity info
optns
Retrieve ArtifactTypes
get
Retrieve ArtifactType by ID
get
Artifacts
Artifacts Overview
Retrieve tql
optns
Retrieve fields
optns
Retrieve entity info
optns
Delete Artifacts
del
Retrieve Artifacts
get
Create Artifact
post
Delete Artifact by ID
del
Retrieve Artifact by ID
get
Update Artifact
put
Attribute Types
Attribute Types Overview
Retrieve AttributeTypes
get
Retrieve entity info
optns
Retrieve entity info
optns
Retrieve fields
optns
Retrieve tql
optns
Retrieve AttributeType by ID
get
Retrieve fields
optns
Retrieve tql
optns
Case Attributes
Case Attributes Overview
Retrieve CaseAttributes
get
Create CaseAttribute
post
Retrieve entity info
optns
Retrieve fields
optns
Delete CaseAttribute by ID
del
Retrieve tql
optns
Retrieve CaseAttribute by ID
get
Update CaseAttribute by ID
put
Cases
Cases Overview
Retrieve entity info
optns
Delete Cases
del
Retrieve fields
optns
Retrieve Cases
get
Retrieve tql
optns
Create Case
post
Delete Case by ID
del
Retrieve Case by ID
get
Update Case
put
Exclusion List
Exclusion Lists Overview
Retrieve ExclusionLists
get
Create ExclusionList
post
Delete ExclusionList by ID
del
Retrieve ExclusionList by ID
get
Update ExclusionList by ID
put
Group Attributes
Group Attributes Overview
Retrieve GroupAttributes
get
Retrieve entity info
optns
Retrieve entity info
optns
Create GroupAttribute
post
Retrieve fields
optns
Retrieve tql
optns
Retrieve fields
optns
Retrieve tql
optns
Delete GroupAttribute by ID
del
Retrieve GroupAttribute by ID
get
Update GroupAttribute by ID
put
Groups
Groups Overview
Retrieve entity info
optns
Retrieve Groups
get
Retrieve fields
optns
Retrieve tql
optns
Create Group
post
Retrieve fields
optns
Retrieve tql
optns
Delete Group by ID
del
Retrieve Group by ID
get
Update Group by ID
put
Retrieve Document
get
Retrieve PDF
get
Create Document
post
Update Document
put
Indicator Attributes
Indicator Attributes Overview
Retrieve IndicatorAttributes
get
Retrieve entity info
optns
Retrieve entity info
optns
Create IndicatorAttribute
post
Retrieve fields
optns
Retrieve tql
optns
Retrieve fields
optns
Retrieve tql
optns
Delete IndicatorAttribute by ID
del
Retrieve IndicatorAttribute by ID
get
Update IndicatorAttribute by ID
put
Indicator Enrichment
Indicator Enrichment Overview
Enrich Indicators
post
Enrich Indicator
post
Indicators
Indicators Overview
Retrieve Indicators
get
Retrieve entity info
optns
Create Indicator
post
Retrieve fields
optns
Retrieve Deleted Indicators
get
Retrieve tql
optns
Delete Indicator by ID
del
Retrieve Indicator by ID
get
Update Indicator by ID
put
IntelRequirements
Intelligence Requirements Overview
Retrieve Intel Requirements
get
Retrieve entity info
optns
Create Intel Requirement
post
Retrieve fields
optns
Retrieve tql
optns
Delete Intel Requirement by ID
del
Retrieve Intel Requirement by ID
get
Update Intel Requirement by ID
put
IntelRequirementsCategories
Intelligence Requirement Categories Overview
Retrieve Intel Requirements Categories
get
Retrieve entity info
optns
Retrieve fields
optns
Retrieve tql
optns
Retrieve Intel Requirement Category by ID
get
IntelRequirementsResults
Intelligence Requirement Results Overview
Retrieve Intel Requirements Results
get
Retrieve entity info
optns
Delete Intel Requirement Result by ID
del
Retrieve Intel Requirement Result by ID
get
Update Intel Requirement Result by ID
put
IntelRequirementsSubtypes
Intelligence Requirement Subtypes Overview
Retrieve Intel Requirements Subtypes
get
Retrieve entity info
optns
Retrieve Intel Requirement Subtype by ID
get
Job Executions
Job Executions Overview
Jobs
Jobs Overview
Notes
Notes Overview
Retrieve tql
optns
Retrieve fields
optns
Retrieve entity info
optns
Delete Notes
del
Retrieve Notes
get
Create Note
post
Delete Note by ID
del
Retrieve Note by ID
get
Update Note by ID
put
Owner Roles
Owner Roles Overview
Retrieve OwnerRoles
get
Retrieve entity info
optns
Retrieve OwnerRole by ID
get
Retrieve fields
optns
Retrieve tql
optns
Owners
Owners Overview
Retrieve Owners
get
Retrieve entity info
optns
Retrieve Owner by ID
get
Retrieve fields
optns
Retrieve tql
optns
Playbook Executions
Playbook Executions Overview
Playbooks
Playbooks Overview
Posts
Posts Overview
Delete Post by ID
del
Retrieve Posts
get
Create Post
post
Delete Post by ID
del
Create Post
post
Retrieve Post by ID
get
Security Labels
Security Labels Overview
Retrieve SecurityLabels
get
Retrieve entity info
optns
Retrieve SecurityLabel by ID
get
Retrieve fields
optns
Retrieve tql
optns
System Roles
System Roles Overview
Retrieve SystemRoles
get
Retrieve entity info
optns
Retrieve fields
optns
Retrieve SystemRole by ID
get
Retrieve tql
optns
Tags
Tags Overview
Retrieve Tags
get
Create Tag
post
Retrieve entity info
optns
Retrieve fields
optns
Delete Tag by ID
del
Retrieve tql
optns
Retrieve Tag by ID
get
Update Tag by ID
put
Tasks
Tasks Overview
Retrieve tql
optns
Retrieve fields
optns
Retrieve entity info
optns
Delete Tasks
del
Retrieve Tasks
get
Create Task
post
Delete Task by ID
del
Retrieve Task by ID
get
Update Task by ID
put
TC Exchange Administration
User Groups
User Groups Overview
Retrieve UserGroups
get
Retrieve entity info
optns
Retrieve fields
optns
Retrieve fields
optns
Retrieve tql
optns
Retrieve UserGroup by ID
get
Retrieve tql
optns
Users
Users Overview
Retrieve Users
get
Retrieve entity info
optns
Retrieve fields
optns
Retrieve tql
optns
Retrieve User by ID
get
VictimAssets
Victim Assets Overview
Retrieve VictimAssets
get
Retrieve entity info
optns
Retrieve entity info
optns
Create VictimAsset
post
Retrieve fields
optns
Retrieve tql
optns
Retrieve fields
optns
Retrieve tql
optns
Delete VictimAsset by ID
del
Retrieve VictimAsset by ID
get
Update VictimAsset by ID
put
Victim Attributes
Victim Attributes Overview
Retrieve VictimAttributes
get
Retrieve entity info
optns
Retrieve entity info
optns
Create VictimAttribute
post
Retrieve fields
optns
Retrieve tql
optns
Retrieve fields
optns
Retrieve tql
optns
Delete VictimAttribute by ID
del
Retrieve VictimAttribute by ID
get
Update VictimAttribute by ID
put
Victims
Victims Overview
Retrieve Victims
get
Retrieve entity info
optns
Retrieve entity info
optns
Create Victim
post
Retrieve fields
optns
Retrieve tql
optns
Retrieve fields
optns
Retrieve tql
optns
Delete Victim by ID
del
Retrieve Victim by ID
get
Update Victim by ID
put
Workflow Events
Workflow Events Overview
Delete WorkflowEvents
del
Retrieve WorkflowEvents
get
Retrieve entity info
optns
Create WorkflowEvent
post
Retrieve fields
optns
Retrieve tql
optns
Delete WorkflowEvent by ID
del
Retrieve WorkflowEvent by ID
get
Update WorkflowEvent by ID
put
Workflow Templates
Workflow Templates Overview
Delete WorkflowTemplates
del
Retrieve WorkflowTemplates
get
Retrieve entity info
optns
Retrieve fields
optns
Create WorkflowTemplate
post
Retrieve tql
optns
Delete WorkflowTemplate by ID
del
Retrieve WorkflowTemplate by ID
get
Update WorkflowTemplate by ID
put
Powered by
Indicator Attributes Overview
Ask AI
