Documentation
Public API > Requests API.
Documentation Menu
Requests API
This page explains how to get your requests extracted. Note that the example array of requests entries further down shows only the first entry and a subset of scan results for readability. You can use query parameters to filter your search.
Resources
| /requests |  | Returns an array of requests | GET |
| /requests/{id} | | Returns one request | GET |
| /requests/{id} | | Approve request. If request is already approved or started, nothing happens | PUT |
| /requests/{id} | | Deny request. If request is already approved or started, nothing happens | DELETE |
Note that the prefix of urls above depend on which data center you belong to. Please log in to see the full url.
Headers
| apikey | Your apikey listed in your settings to retrieve the data | int |
Filters
Filters can be supplied either as URL parameters or headers.
| status | Only get request of a certain type (possible values: Pending, Denied, Approved, Quarantined) | int |
| startid | The starting ID you wish to receive. Can be used for incremental offload of data to your own system | int |
| take | Maximum number of resources to return. Default is 50 to preserve bandwidth, maximum is 1000. For queries with more than 1000 records, pagination is mandatory | int |
| last | Entries are retrieve in ascending order. Last returns the latest X number of entries in descending order. Maximum is 1000. Take and startid cannot be combined with last. | int |
| wantscandetails | Use this filter, if you wish to receive detailed lists of scan results. The default is to give you the overall result only | bit |
| reason | Can be passed when denying a request | string |
| deniedby | Can be passed when denying a request – this has to be an email address that matches a portal user, otherwise it will be ignored | string |
| approvedby | Can be passed when approving a request – this has to be an email address that matches a portal user, otherwise it will be ignored | string |
- Example url to get one pending request: /requests?status=pending&take=1&wantscandetails=1
- Pagination works by using the last id in the list and feeding it as startid in the next query
- To copy new data to your own system, we recommend to store the highest id (last entry in list) you have retrieved from a previous call and pass this number plus 1 as “startid”
Fields
| id | The unique ID of this entry. This ID can be used to query updated information on this entry by appending it to the url to request this resource only | int |
| traceNo | The trace number to find this entry in the portal auditlog | int |
| settingsName | The name of the matching subsettings or “Global” if no subsetting was matched | int |
| type | Type of request (possible values: Run As Admin, Admin Session, Server Session) | string |
| typeCode | 0 = Run As Admin, 1 = Admin Session, 2 = Server Session | int |
| status | Status of the request (possible values: Open, Running, Finished, Denied, Pending approval, Quarantined) | string |
| statusCode | 0 = Open, 1 = Running, 2 = Finished, 3 = Denied, 4 = Pending Approval, 5 = Quarantined | int |
| reason | Reason supplied by end user | string |
| approvedBy | Name of person that approved the request | string |
| deniedReason | Reason for denying the request supplied by an administrator | string |
| deniedBy | Name of person denying the request | string |
| requestTime | Time of a request by end user | datetime |
| startTime | Start time of running the application or starting a session | datetime |
| endTime | Time when the application or session finished | datetime |
| auditlogLink | Link to this request in the auditlog on www.adminbyrequest.com | string |
| user.account | The user account the end user used to log on to the computer | string |
| user.fullName | The full name of the user user | string |
| user.email | The user’s email address supplied on the request form | string |
| user.phone | The user’s phone number supplied on the request form | string |
| computer.name | The name of the computer executing the request | string |
| computer.platform | Operating system platform (possible values: Windows, Mac, Server) | string |
| computer.platformCode | 0 = Windows, 1 = Mac, 2 = Server, | int |
| computer.make | The vendor of the machine, as it appears in the inventory | string |
| computer.model | The model of the machine, as it appears in the inventory | string |
| application.file | The file name of the file executed using Run As Admin | string |
| application.name | The name of the application (description property of file) | string |
| application.vendor | The vendor of the application | string |
| application.version | The version of the file | string |
| application.sha256 | The checksum of the file | string |
| application.scanResult | Malware scan result (possible values: Clean, Malicious, Suspicious) | string |
| application.scanResultCode | 0 = Clean, 1 = Malicious, 2 = Suspicious | int |
| application.threat | Name of malware, if file is malicious or suspicious | string |
| application.virustotalLink | Link to the file (checksum) on virustotal.com | string |
| scanResults[].scanResult | Malware scan result (possible values: Clean, Malicious, Suspicious) | string |
| scanResults[].scanResultCode | 0 = Clean, 1 = Malicious, 2 = Suspicious | int |
| scanResults[].engine | Name of the antivirus engine with this result | string |
| scanResults[].thread | Name of malware, if file is malicious or suspicious | string |
Example successful request
[
{
“id”: 615669,
“traceNo”: “34376579”,
“settingsName”: “Global”,
“type”: “Run As Admin”,
“typeCode”: 0,
“status”: “Pending approval”,
“statusCode”: 4,
“reason”: “Need to update reader. It says out of date when trying to open PDF files from our supplier.”,
“approvedBy”: null,
“deniedReason”: null,
“deniedBy”: null,
“requestTime”: “2020-04-01T12:03:00”,
“auditLogLink”: “https://www.adminbyrequest.com/AuditLog?Page=AppElevations&ID=34376579&ShowFilter=false”,
“user”: {
“account”: “ACME\\PDH”,
“fullName”: “Paul David Hewson”,
“email”: “pdh@acme.com”,
“phone”: “555.345.6789”
},
“computer”: {
“name”: “W1005623”,
“platform”: “Windows”,
“platformCode”: 0,
“make”: “Dell Inc.”,
“model”: “XPS 15 9550”
},
“application”: {
“file”: “readerdc_uk_fb_crd_install.exe”,
“name”: “Adobe Download Manager”,
“vendor”: “Adobe Inc.”,
“version”: “2.0.0.495s”,
“sha256”: “9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99”,
“scanResult”: “Clean”,
“scanResultCode”: 0,
“threat”: null,
“virustotalLink”: “https://www.virustotal.com/latest-scan/9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99”,
“preapproved”: false
},
“scanResults”: [
{
“scanResult”: “Clean”,
“scanResultCode”: 0,
“engine”: “BitDefender”,
“threat”: null
},
{
“scanResult”: “Clean”,
“scanResultCode”: 0,
“engine”: “CrowdStrike”,
“threat”: null
},
{
“scanResult”: “Clean”,
“scanResultCode”: 0,
“engine”: “McAfee”,
“threat”: null
}
]
}
]
{
“id”: 615669,
“traceNo”: “34376579”,
“settingsName”: “Global”,
“type”: “Run As Admin”,
“typeCode”: 0,
“status”: “Pending approval”,
“statusCode”: 4,
“reason”: “Need to update reader. It says out of date when trying to open PDF files from our supplier.”,
“approvedBy”: null,
“deniedReason”: null,
“deniedBy”: null,
“requestTime”: “2020-04-01T12:03:00”,
“auditLogLink”: “https://www.adminbyrequest.com/AuditLog?Page=AppElevations&ID=34376579&ShowFilter=false”,
“user”: {
“account”: “ACME\\PDH”,
“fullName”: “Paul David Hewson”,
“email”: “pdh@acme.com”,
“phone”: “555.345.6789”
},
“computer”: {
“name”: “W1005623”,
“platform”: “Windows”,
“platformCode”: 0,
“make”: “Dell Inc.”,
“model”: “XPS 15 9550”
},
“application”: {
“file”: “readerdc_uk_fb_crd_install.exe”,
“name”: “Adobe Download Manager”,
“vendor”: “Adobe Inc.”,
“version”: “2.0.0.495s”,
“sha256”: “9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99”,
“scanResult”: “Clean”,
“scanResultCode”: 0,
“threat”: null,
“virustotalLink”: “https://www.virustotal.com/latest-scan/9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99”,
“preapproved”: false
},
“scanResults”: [
{
“scanResult”: “Clean”,
“scanResultCode”: 0,
“engine”: “BitDefender”,
“threat”: null
},
{
“scanResult”: “Clean”,
“scanResultCode”: 0,
“engine”: “CrowdStrike”,
“threat”: null
},
{
“scanResult”: “Clean”,
“scanResultCode”: 0,
“engine”: “McAfee”,
“threat”: null
}
]
}
]
