262-299-4606 • Email us

Requests API

This page explains how to get your requests extracted. Note that the example array of requests entries further down shows only the first entry and a subset of scan results for readability. You can use query parameters to filter your search.


Resources

/requestsReturns an array of requestsGET
/requests/{id}Returns one requestGET
/requests/{id}Approve request. If request is already approved or started, nothing happensPUT
/requests/{id}Deny request. If request is already approved or started, nothing happensDELETE
Note that the prefix of urls above depend on which data center you belong to. Please log in to see the full url.

Headers

apikeyYour apikey listed in your settings to retrieve the dataint

Filters (query string parameters)

statusOnly get request of a certain type (possible values: Pending, Denied, Approved, Quarantined)int
startidThe starting ID you wish to receive. Can be used for incremental offload of data to your own systemint
takeMaximum number of resources to return. Default is 50 to preserve bandwidth, maximum is 1000. For queries with more than 500 records, pagination is mandatoryint
wantscandetailsUse this filter, if you wish to receive detailed lists of scan results. The default is to give you the overall result onlybit
reasonCan be passed when denying a requeststring
deniedbyCan be passed when denying a request - this has to be an email address that matches a portal user, otherwise it will be ignoredstring
approvedbyCan be passed when approving a request - this has to be an email address that matches a portal user, otherwise it will be ignoredstring
  • Example url to get one pending request: /requests?status=pending&take=1&wantscandetails=1
  • Pagination works by using the last id in the list and feeding it as startid in the next query
  • To copy new data to your own system, we recommend to store the highest id (last entry in list) you have retrieved from a previous call and pass this number plus 1 as "startid"

Fields

idThe unique ID of this entry. This ID can be used to query updated information on this entry by appending it to the url to request this resource onlyint
traceNoThe trace number to find this entry in the portal auditlogint
settingsNameThe name of the matching subsettings or "Global" if no subsetting was matchedint
typeType of request (possible values: Run As Admin, Admin Session, Server Session)string
typeCode0 = Run As Admin, 1 = Admin Session, 2 = Server Sessionint
statusStatus of the request (possible values: Open, Running, Finished, Denied, Pending approval, Quarantined)string
statusCode0 = Open, 1 = Running, 2 = Finished, 3 = Denied, 4 = Pending Approval, 5 = Quarantinedint
reasonReason supplied by end userstring
approvedByName of person that approved the requeststring
deniedReasonReason for denying the request supplied by an administratorstring
deniedByName of person denying the requeststring
requestTimeTime of a request by end userdatetime
startTimeStart time of running the application or starting a sessiondatetime
endTimeTime when the application or session finisheddatetime
auditlogLinkLink to this request in the auditlog on www.adminbyrequest.comstring
user.accountThe user account the end user used to log on to the computerstring
user.fullNameThe full name of the user userstring
user.emailThe user's email address supplied on the request formstring
user.phoneThe user's phone number supplied on the request formstring
computer.nameThe name of the computer executing the requeststring
computer.platformOperating system platform (possible values: Windows, Mac, Server)string
computer.platformCode0 = Windows, 1 = Mac, 2 = Server, int
computer.makeThe vendor of the machine, as it appears in the inventorystring
computer.modelThe model of the machine, as it appears in the inventorystring
application.fileThe file name of the file executed using Run As Adminstring
application.nameThe name of the application (description property of file)string
application.vendorThe vendor of the applicationstring
application.versionThe version of the filestring
application.sha256The checksum of the filestring
application.scanResultMalware scan result (possible values: Clean, Malicious, Suspicious)string
application.scanResultCode0 = Clean, 1 = Malicious, 2 = Suspiciousint
application.threatName of malware, if file is malicious or suspiciousstring
application.virustotalLinkLink to the file (checksum) on virustotal.comstring
scanResults[].scanResultMalware scan result (possible values: Clean, Malicious, Suspicious)string
scanResults[].scanResultCode0 = Clean, 1 = Malicious, 2 = Suspiciousint
scanResults[].engineName of the antivirus engine with this resultstring
scanResults[].threadName of malware, if file is malicious or suspiciousstring

Example successful request

[
  {
    "id": 615669,
    "traceNo": "34376579",
    "settingsName": "Global",
    "type": "Run As Admin",
    "typeCode": 0,
    "status": "Pending approval",
    "statusCode": 4,
    "reason": "Need to update reader. It says out of date when trying to open PDF files from our supplier.",
    "approvedBy": null,
    "deniedReason": null,
    "deniedBy": null,
    "requestTime": "2020-04-01T12:03:00",
    "auditLogLink": "https://www.adminbyrequest.com/AuditLog?Page=AppElevations&ID=34376579&ShowFilter=false",
    "user": {
      "account": "ACME\\PDH",
      "fullName": "Paul David Hewson",
      "email": "pdh@acme.com",
      "phone": "555.345.6789"
    },
    "computer": {
      "name": "W1005623",
      "platform": "Windows",
      "platformCode": 0,
      "make": "Dell Inc.",
      "model": "XPS 15 9550"
    },
    "application": {
      "file": "readerdc_uk_fb_crd_install.exe",
      "name": "Adobe Download Manager",
      "vendor": "Adobe Inc.",
      "version": "2.0.0.495s",
      "sha256": "9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99",
      "scanResult": "Clean",
      "scanResultCode": 0,
      "threat": null,
      "virustotalLink": "https://www.virustotal.com/latest-scan/9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99",
      "preapproved": false
    },
    "scanResults": [
      {
        "scanResult": "Clean",
        "scanResultCode": 0,
        "engine": "BitDefender",
        "threat": null
      },
      {
        "scanResult": "Clean",
        "scanResultCode": 0,
        "engine": "CrowdStrike",
        "threat": null
      },
      {
        "scanResult": "Clean",
        "scanResultCode": 0,
        "engine": "McAfee",
        "threat": null
      }
    ]
  }
]