Skip to main content

Companies

The Companies API includes several methods allowing the management of company accounts:

  • createCompany: adds a new company.

  • deleteCompany: deletes a company.

  • updateCompanyDetails: updates company information, such as name.

  • getCompanyDetails: retrieves the details of a company.

  • getCompanyDetailsByUser: retrieves the details of the company linked to the specified user account.

  • findCompaniesByName: retrieves all managed companies containing the specified string in their name.

  • suspendCompany: disables access to Control Center for all user accounts of a company.

  • activateCompany: activates a previously suspended company.

  • createCustomFieldDefinition: adds a new custom field definition.

  • updateCustomFieldDefinition: updates a custom field definition.

  • getCustomFieldsDefinitions: retrieves the custom fields definitions.

  • deleteCustomFieldDefinition: deletes a custom field definition.

API url: CONTROL_CENTER_APIs_ACCESS_URL/v1.0/jsonrpc/companies

createCompany

This method creates a customer or partner company account.

Parameters

Parameter

Type

Optional

Description

type

Number

No

The company type. Available values:

  • 0 for Partner companies,

  • 1 for Customer companies.

name

String

No

The company name. Must be unique.

parentId

String

Yes

The ID of the parent partner company.

address

String

Yes

The company's physical address.

country

String

Yes

The company's country of operation. The value must be in ISO 3166 format. Default value: N/A.

state

String

Yes

The company's country state of operation. The value must be in ISO 3166 format. Default value: N/A.

phone

String

Yes

The company's phone number.

industry

String

Yes

The industry the company operates in. Possible values:

  • 0 - UNDEFINED

  • 1 - AEROSPACE

  • 2 - AGRICULTURE

  • 3 - ARTS_ENTERTAINMENT

  • 4 - AUTOMOTIVE

  • 5 - BUSINESS_ASSOCIATIONS

  • 6 - CHEMICALS

  • 7 - COMMERCIAL_SERVICES

  • 8 - CONGLOMERATE

  • 9 - CONSTRUCTION

  • 10 - CONSULTING

  • 11 - CONTAINERS_PACKAGING:

  • 12 - DEFENSE

  • 13 - EDUCATION_RESEARCH

  • 14 - ENERGY

  • 15 - ENGINEERING

  • 16 - FINANCIAL_SERVICES

  • 17 - FOOD_BEVERAGES

  • 18 - GOVERNMENT

  • 19 - HEALTHCARE

  • 20 - HOSPITALITY_LEISURE

  • 21 - MANUFACTURING

  • 22 - MARINE

  • 23 - MEDIA

  • 24 - MINING

  • 25 - NON_PROFIT

  • 26 - OFFICES_OF_LAWYERS

  • 27 - PAPER_FOREST_PRODUCTS

  • 28 - RETAIL

  • 29 - SUPPORT_SERVICE_ACTIVITIES

  • 30 - TECHNOLOGY

  • 31 - TELECOMMUNICATIONS_SERVICES

  • 32 - TRANSPORTATION

  • 33 - UTILITIES

  • 34 - WHOLESALE

Default value: 0.

canBeManagedByAbove

Boolean

Yes

An option defining if the security of the new company can be managed by its Partner company. Available values: true or false. The default value is true.

enforce2FA

Boolean

Yes

An parameter that defines Two Factor Authentication (2FA) enforcement for all GravityZone user accounts in the company. The value is always true.

skip2FAPeriod

Number

Yes

The period, defined in days, for which the users of the company can have their devices exempted from providing a two-factor code at authentication. Available values: 0, 1, 3, 7, 14, 30, and 90.

accountEmail

String

Yes

The email for the new user account to be linked to the new company. If the parameter canBeManagedByAbove is set to false, the accountEmail parameter must be passed.

accountFullName

String

Yes

The full name of the new user account to be linked to the new company. This parameter is required when canBeManagedByAbove is set to false.

contactPerson

Object

Yes

Contains information regarding the company's designated contact person. The object contains the following fields:

  • fullName - the person's first and last name.

  • email - their business email address.

    Important

    This field is mandatory when the contactPerson parameter is included in the request.

  • phoneNumber, their business phone number.

  • companyRole, their position in the company.

accountTimezone

String

Yes

The timezone of the new user account to be linked to the new company. The default value is GMT (UTC).

accountLanguage

String

Yes

The user interface language for the new user account to be linked to the new company. The default value is en_US.

licenseSubscription

Object

Yes

An object containing the license details:

  • type, an integer representing the license subscription type. Possible values: 1 (trial), 2 (license), 3 (monthly subscription), 4 (monthly license trial), 5 (monthly subscription trial) or 6 (FRAT subscription).

  • licenseKey, a string representing a valid license key. This parameter is mandatory for the license subscription type 2 (licensed).

  • reservedSlots, an integer representing the number of seats ensured for the target company. Valid values are between 1 and the number of free seats of the parent Partner company. This parameter should be set when license subscription type has value 3 or 5 (inherited). If not specified, all license seats will be taken from the licenses pool shared with other companies.

  • endSubscription, a String representing the UTC end date for the product subscription. This parameter can be set when license subscription type has the value 3 (monthly subscription). To unset endSubscription use empty string: ''.

  • autoRenewPeriod, an Integer representing license validity in months, after auto renewal. This parameter can be set when license subscription type has the value 3 (monthly subscription). The default value is 12, provided endSubscription is set. For no auto-renewal use 0.

  • manageExchange, a boolean specifying whether the company can use Security for Exchange or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

  • minimumUsage, an Object containing types of licenses and the minimum number of slots which the company commits through legal agreement to use on a monthly basis. This parameter can only be set when license subscription type has the value 3 (monthly subscription).

    • endpointMonthlyUsage, the minimum number of endpoints that the client agreed to use from the main license.

  • assignedProductType, an integer representing the type of the product that the company will use. Possible values: 0 for Endpoint Security, 3 for Bitdefender EDR. The default value is 0. You can use this parameter only with the following types of licensing: 3 for monthly subscription, 5 for monthly subscription trial.

  • additionalProductTypes, an array of integers representing types of products. This parameter allows the Partner company being created to assign various products to their clients. Possible values of the array elements: 0 for Endpoint Security, 3 for Bitdefender EDR. If set, it must contain, at least the value of the assignedProductType. The default value is the same as for assignedProductType. You can use this parameter only with the following types of licensing: 3 for monthly subscription, 5 for monthly subscription trial.

  • assignedProtectionModel, a string representing the type of the protection model that the company will use.

    Possible values:

    • aLaCarte

    • mspSecure

    • mspSecurePlus

    • mspSecureExtra

    Default value: depends on the protection models made available by the partner company.

    You can only use this parameter if all the following conditions are met:

    • type = 3 (monthly subscription)

    • assignedProductType = 0 (Endpoint Security)

    Note

    The value assigned to this parameter will automatically assign one or more values to the additionalProtectionModels array.

    assignedProtectionModel

    Default value for additionalProtectionModels

    aLaCarte

    aLaCarte

    mspSecure

    mspSecure

    mspSecurePlus

    mspSecure,mspSecurePlus

    mspSecureExtra

    mspSecure,mspSecurePlus, mspSecureExtra

  • additionalProtectionModels, an array of strings representing types of protection models. This parameter allows the Partner company being created to assign additional protection models to their clients apart from the ones provided by the assignedProtectionModel object.

    Possible values:

    • aLaCarte

    • mspSecure

    • mspSecurePlus

    • mspSecureExtra

    Default value: depends on the value assigned to the assignedProtectionModel field.

    You can only use this parameter if one the following conditions are met:

    • assignedProductType = 3 (Bitdefender EDR), additionalProductType must include 0 (Endpoint Security), and type = 3 (monthly subscription).

    • assignedProductType = 0 (Endpoint Security), type = 3 (monthly security), and assignedProtectionModel is included in the request.

  • manageIntegrityMonitoring - a boolean specifying whether the company can use Integrity Monitoring service or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

  • imDataRetention - an integer specifying the number of days the events will be stored for. This option is only returned if manageIntegrityMonitoring is set to true. Possible values: 0 (7 days retention), 1 (90 days retention), 2 (180 days retention), 3 (365 days retention). The default value is 0 (7 days retention). Companies with license type set to 5 (monthly subscription trial) can only have this option set to 0 (7 days retention).

  • ownUse, an object containing activation settings for the company's services and add-ons. This setting is only compatible with companies that have a license of type 3 or 5 (monthly inherited subscription).

    • manageXDRIdentityProviders, gives access to Sensors Management integration for Azure AD and Active Directory. Available values: true or false.

    • manageXDRProductivityApps, gives access to Sensors Management integration for Office 365. Available values: true or false.

    • manageXDRNetwork, gives access to Sensors Management integration for Network Sensor. Available values: true or false.

    • manageXDRCloudWorkloads, gives access to Sensors Management integration for AWS. Available values: true or false.

      Important

      To assign the true value to any of the parameters above, the manageEventCorrelator parameter or the manageEventCorrelator attribute under the ownuse parameter needs to be set to true.

      Note

      Assigning true to any of the manageXDRIdentityProviders, manageXDRProductivityApps, manageXDRNetwork or manageXDRCloudWorkloads settings will activate XDR. To deactivate XDR, set all of them to false.

    • manageRemoteEnginesScanning, optional, activates the Security for Virtualized Environments service for your company. Possible values: true or false. Default value: false.

      Note

      This setting can not be used if the manageRemoteEnginesScanning parameter outside of the ownUse object is present.

    • manageContainerProtection, optional. activates the Container Protection service for your company. Possible values: true or false.

      Important

      This setting can only be set to true if assignedProtectionModel has the aLaCarte value assigned.

      Note

      This setting can not be used if the manageContainerProtection parameter outside of the ownUse object is present.

    • manageEventCorrelator, a boolean specifying whether the company can use Endpoint Detection and Response (EDR) or not. The default value is false. Setting this parameter to true will automatically set the manageSandboxAnalyzer and manageHyperDetect settings under the ownuse parameter to true.

      Note

      This setting can not be used if the manageEventCorrelator parameter outside of the ownUse object is present.

    • manageSandboxAnalyzer, a boolean specifying whether the company can use Sandbox Analyzer or not. The default value is false.

      Note

      This setting can not be used if the manageSandboxAnalyzer parameter outside of the ownUse object is present.

    • manageHyperDetect, a boolean specifying whether the company can use HyperDetect or not. The default value is false.

      Note

      This setting can not be used if the manageHyperDetect parameter outside of the ownUse object is present.

  • resell, an object containing your company's reselling settings for services and add-ons. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription).

    • manageXDRResell - allows selling the eXtended Detection and Response service to your customers. Available values: true or false.

      Note

      If true, the manageXDRIdentityProviders, manageXDRProductivityApps, manageXDRNetwork and manageXDRCloudWorkloads will automatically be set as true for your managed companies.

    • manageRemoteEnginesScanningResell, optional, allows selling the Security for Virtualized Environments service to your customers. Possible values: true or false. Default value: false.

      Note

      This setting can not be used if the manageRemoteEnginesScanning parameter outside of the resell object is present.

    • manageContainerProtectionResell, optional, allows selling the Container Protection service to your customers. Possible values: true or false. Default value: false.

      Important

      This setting can only be set to true if the additionalProtectionModels parameter has the aLaCarte value assigned.

      Note

      This setting can not be used if the manageContainerProtection parameter outside of the ownUse object is present.

    • manageEventCorrelatorResell, optional, allows selling Endpoint Detection and Response (EDR) to your customers. Possible values: true or false. Default value: false. Setting this setting to true will automatically set the manageSandboxAnalyzerResell and manageHyperDetectResell settings under the resell parameter to true.

      Note

      This setting can not be used if the manageEventCorrelator parameter outside of the ownUse object is present.

    • manageSandboxAnalyzerResell, optional, allows selling Sandbox Analyzer to your customers. Possible values: true or false. Default value: false.

      Note

      This setting can not be used if the manageSandboxAnalyzer parameter outside of the ownUse object is present.

    • manageHyperDetectResell, optional, allows selling HyperDetect to your customers. The default value is false.

      Note

      This setting can not be used if the manageHyperDetect parameter outside of the ownUse object is present.

  • manageEncryption, a boolean specifying whether the company can use Full Disk Encryption or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

  • manageRemoteEnginesScanning, a boolean specifying whether the company can use Security for Virtualized Environments or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

    Note

    This parameter can not be used if any of the manageRemoteEnginesScanning and manageRemoteEnginesScanningResell settings under the ownUse and resell object exist.

  • manageHyperDetect, a boolean specifying whether the company can use HyperDetect or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

    Note

    This parameter can not be used if any of the manageHyperDetect and manageHyperDetectResell settings under the ownUse and resell object parameters exist.

  • manageSandboxAnalyzer, a boolean specifying whether the company can use Sandbox Analyzer or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

    Note

    This parameter can not be used if any of the manageSandboxAnalyzer and manageSandboxAnalyzerReell settings under the ownUse and resell object parameters exist.

  • managePatchManagement, a boolean specifying whether the company can use Patch Management or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

  • manageEventCorrelator, a boolean specifying whether the company can use Endpoint Detection and Response (EDR) or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). EDR requires Sandbox Analyzer and HyperDetect to be enabled. Thus, setting this parameter to true will automatically set to true these two parameters: manageSandboxAnalyzer and manageHyperDetect. If the parameter is omitted, the service will not be available.

    Note

    This parameter can not be used if any of the manageEventCorrelator and manageEventCorrelatorResell settings under the ownUse and resell object parameters exist.

  • manageEmailSecurity, a boolean specifying whether the company can use Email Security service or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

  • manageMobileSecurity, a boolean specifying whether the company can use Mobile Security service or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable.

  • manageContainerProtection, a boolean specifying whether the company can use Container Protection service or not. The default value is false. This parameter makes sense only when creating a company with license of type 3 or 5 (monthly inherited subscription). If omitted, the service will be unavailable. Value can not be true if assignedProtectionModel is set to mspSecure, mspSecurePlus or mspSecureExtra.

    Important

    This setting can only be set to true if assignedProtectionModel has the aLaCarte value assigned.

    Note

    This parameter can not be used if any of the manageContainerProtection and manageContainerProtectionResell settings under the ownUse and resell object parameters exist.

  • licensedServices, an object containing service settings for the company. This parameter makes sense only when creating a company with license of type 3. If omitted, the service will be unavailable.

    • mdrServiceOwnUse, an integer representing which MDR Service type is enabled for the company's own use. Possible values: 0 for Disabled, 1 for Foundations, 2 for Response (deprecated). Enabling this option will also enable EDR. If omitted, the service will be unavailable.

    • mdrServiceResell, a boolean specifying whether the company is allowed to resell MDR services (Foundations and Response) to the companies it creates. If omitted,reselling will be unavailable. This makes sense only for partner companies.

If not specified the company will be created with license subscription type 1, trial.

customFields

Object

Yes

An object containing the custom fields values for the company.

Return value

This method returns a String: the ID of the newly-created company.

Example

Request:

{
    "params": {
        "type": 0,
        "name": "Partner LTD",
        "parentId": "64babaafab366c53d20c83ca",
        "address": "Str Example No 1",
        "country": "US",
        "state": "US-CA",
        "phone": "0040740000000",
        "industry": 2,
        "canBeManagedByAbove": true,
        "enforce2FA": true,
        "skip2FAPeriod": 3,
        "accountEmail": "partner@example.com",
        "accountFullName": "Partner account",
        "contactPerson": {
            "fullName": "Stephen Johnson",
            "email": "stephen.johnson@example.email.com",
            "phoneNumber": "0040740000001",
            "companyRole": "Owner / President"
        },
        "licenseSubscription": {
            "type": 3,
            "reservedSlots": 120,
            "endSubscription": "2028-04-14",
            "autoRenewPeriod": 12,
            "manageExchange": false,
            "manageEncryption": false,
            "managePatchManagement": false,
            "manageIntegrityMonitoring": true,
            "imDataRetention": 2,
            "ownUse": {
                "manageXDRIdentityProviders": true,
                "manageXDRProductivityApps": true,
                "manageXDRNetwork": true,
                "manageXDRCloudWorkloads": true,
                "manageRemoteEnginesScanning": true,
                "manageContainerProtection": true,
                "manageHyperDetect": true,
                "manageSandboxAnalyzer": true,
                "manageEventCorrelator": true
            },
            "resell": {
                "manageXDRResell": true,
                "manageRemoteEnginesScanningResell": true,
                "manageContainerProtectionResell": true,
                "manageHyperDetectResell": true,
                "manageSandboxAnalyzerResell": true,
                "manageEventCorrelatorResell": true
            },
            "minimumUsage": {
                "endpointMonthlyUsage": 120
            },
            "assignedProductType": 0,
            "additionalProductTypes": [
                0
            ],
            "assignedProtectionModel": "aLaCarte",
            "additionalProtectionModels": [
                "aLaCarte",
                "mspSecure",
                "mspSecurePlus",
                "mspSecureExtra"
            ],
            "licensedServices": {
                "mdrServiceOwnUse": 1
            }
        },
        "customFields": {
            "referenceID": "004562",
            "vertical": "healthcare",
            "partner_type": "platinum",
            "security_level": "high",
            "payment_status": "goodstanding"
        }
    },
    "jsonrpc": "2.0",
    "method": "createCompany",
    "id": "e249c22c-0ada-4772-a9f1-ee1cbb322588"
}

Response:

{
    "id":"e249c22c-0ada-4772-a9f1-ee1cbb322588",
    "jsonrpc":"2.0",
    "result": "5493dcd2b1a43df00b7b23c6"
}

deleteCompany

This method deletes a company.

Parameters

Parameter

Type

Optional

Description

companyId

String

No

The ID of the company to be deleted.

Return value

This method does not return any value.

Example

Request:

  {
       "params": {
           "companyId": "54a295d8b1a43d7c4a7b23c6",
       },
       "jsonrpc": "2.0",
       "method": "deleteCompany",
       "id": "f5911ea2-9f14-4046-96eb-5fa24cca98f0"
  }

Response:

  {
      "id":"f5911ea2-9f14-4046-96eb-5fa24cca98f0",
      "jsonrpc":"2.0",
      "result": null
  }

updateCompanyDetails

This method updates the details of a company account.

Parameters

Parameter

Type

Optional

Description

id

String

Yes

The ID of the company to be updated. The default value is the ID of the company linked to the user who generated the API key.

type

Number

Yes

The company type. Available values:

  • 0 for Partner companies,

  • 1 for Customer companies.

If not set, the company type will not be changed.

name

String

Yes

The company's name. It must be unique. If not set, the company's name will not be changed.

address

String

Yes

The company's address. If not set, the company's address will not be changed.

phone

String

Yes

The company's phone number.

industry

String

Yes

The industry the company operates in. Possible values:

  • 0 - UNDEFINED

  • 1 - AEROSPACE

  • 2 - AGRICULTURE

  • 3 - ARTS_ENTERTAINMENT

  • 4 - AUTOMOTIVE

  • 5 - BUSINESS_ASSOCIATIONS

  • 6 - CHEMICALS

  • 7 - COMMERCIAL_SERVICES

  • 8 - CONGLOMERATE

  • 9 - CONSTRUCTION

  • 10 - CONSULTING

  • 11 - CONTAINERS_PACKAGING:

  • 12 - DEFENSE

  • 13 - EDUCATION_RESEARCH

  • 14 - ENERGY

  • 15 - ENGINEERING

  • 16 - FINANCIAL_SERVICES

  • 17 - FOOD_BEVERAGES

  • 18 - GOVERNMENT

  • 19 - HEALTHCARE

  • 20 - HOSPITALITY_LEISURE

  • 21 - MANUFACTURING

  • 22 - MARINE

  • 23 - MEDIA

  • 24 - MINING

  • 25 - NON_PROFIT

  • 26 - OFFICES_OF_LAWYERS

  • 27 - PAPER_FOREST_PRODUCTS

  • 28 - RETAIL

  • 29 - SUPPORT_SERVICE_ACTIVITIES

  • 30 - TECHNOLOGY

  • 31 - TELECOMMUNICATIONS_SERVICES

  • 32 - TRANSPORTATION

  • 33 - UTILITIES

  • 34 - WHOLESALE

Default value: 0.

country

String

Yes

The company's country of operation. The value must be in ISO 3166 format. Default value: N/A.

state

String

Yes

The company's country state of operation. The value must be in ISO 3166 format. Default value: N/A.

contactPerson

Object

Yes

Contains information regarding the company's designated contact person. The object contains the following fields:

  • fullName - the person's first and last name.

  • email - their business email address.

    Important

    This field is mandatory when the contactPerson parameter is included in the request.

  • phoneNumber, their business phone number.

  • companyRole, their position in the company.

phone

String

Yes

The company's phone number. If not set, the company's phone number will not be changed.

enforce2FA

Boolean

Yes

An parameter that defines Two Factor Authentication (2FA) enforcement for all GravityZone user accounts in the company. The value is always true.

skip2FAPeriod

Number

Yes

The period, defined in days, for which the users of the company can have their devices exempted from providing a two-factor code at authentication. Available values: 0, 1, 3, 7, 14, 30, and 90.

customFields

Object

Yes

An object containing the custom fields values for the company. To delete the custom fields, set it as an empty array.

Return value

This method does not return any value.

Example

Request:

  {
       "params": {
          "id" : "5493dcd2b1a43df00b7b23c6",
          "type": 0,
          "name": "Customer to Partner LTD",
          "address": "Str Example No 1",
          "phone": "0040740000001",
          "enforce2FA": true,
          "skip2FAPeriod": 3
          "customFields":{
              "referenceID":"004562",
              "vertical":"healthcare",
              "partner_type":"platinum",
              "security_level":"high",
              "payment_status":"goodstanding"
          }
       },
       "jsonrpc": "2.0",
       "method": "updateCompanyDetails",
       "id": "60357f0e-94da-463c-ba36-f50f2ef8c34f"
  }  
  {
       "params": {
          "name": "Example LTD",
          "address": "Str Example No 1",
          "phone": "0040740000001"
       },
       "jsonrpc": "2.0",
       "method": "updateCompanyDetails",
       "id": "60357f0e-94da-463c-ba36-f50f2ef8c34f"
  }

Response:

  {
      "id":"60357f0e-94da-463c-ba36-f50f2ef8c34f",
      "jsonrpc":"2.0",
      "result": null
  }

getCompanyDetails

This method retrieves the details of a company.

Parameters

Parameter

Type

Optional

Description

companyId

String

Yes

The company's ID. The default value is the ID of the company linked to the user who generated the API key.

Return value

This method returns an Object containing the details of the selected company:

  • type - the company type: 0 for Partner, 1 for Customer

  • name - the name of the company

  • id - the ID of the company

  • address - the address of the company

  • phone - the phone of the company

  • canBeManagedByAbove - the security management status for the company: true, if the security can be managed by parent companies

  • enforce2FA - a boolean specifying if the Two Factor Authentication (2FA) is enforced for user accounts belonging to the selected company

  • skip2FAPeriod - an integer specifying the duration, in days, that the users can be exempted from providing a two-factor authentication code at login

  • isSuspended - company account status: true, if the company is suspended

  • createdAt - a String representing the UTC date and time at which the company was created

  • country - a String representing the country code in ISO 3166 format. If the code is not specified, the String has the value N/A

  • state - a String representing the country state code in ISO 3166 format. If the code is not specified, the String has the value N/A

  • industry - a String representing the industry the company operates in. It can have one of the following values:

    • 0 - UNDEFINED

    • 1 - AEROSPACE

    • 2 - AGRICULTURE

    • 3 - ARTS_ENTERTAINMENT

    • 4 - AUTOMOTIVE

    • 5 - BUSINESS_ASSOCIATIONS

    • 6 - CHEMICALS

    • 7 - COMMERCIAL_SERVICES

    • 8 - CONGLOMERATE

    • 9 - CONSTRUCTION

    • 10 - CONSULTING

    • 11 - CONTAINERS_PACKAGING:

    • 12 - DEFENSE

    • 13 - EDUCATION_RESEARCH

    • 14 - ENERGY

    • 15 - ENGINEERING

    • 16 - FINANCIAL_SERVICES

    • 17 - FOOD_BEVERAGES

    • 18 - GOVERNMENT

    • 19 - HEALTHCARE

    • 20 - HOSPITALITY_LEISURE

    • 21 - MANUFACTURING

    • 22 - MARINE

    • 23 - MEDIA

    • 24 - MINING

    • 25 - NON_PROFIT

    • 26 - OFFICES_OF_LAWYERS

    • 27 - PAPER_FOREST_PRODUCTS

    • 28 - RETAIL

    • 29 - SUPPORT_SERVICE_ACTIVITIES

    • 30 - TECHNOLOGY

    • 31 - TELECOMMUNICATIONS_SERVICES

    • 32 - TRANSPORTATION

    • 33 - UTILITIES

    • 34 - WHOLESALE

    Default value: 0.

  • contactPerson - an Object containing the details of the contact person:

    • fullName, their first name and surname

    • email, their business email address

    • phoneNumber, their business phone number

    • companyRole, their position in the company

    Note

    If any field under this object has a value, all fields will be returned, regardless if they have a value assigned or not.

  • riskScore - an Object containing the following information about the company's security risks:

    • value, the company's security risk score value in percentage. It is broken down into misconfigurations, app vulnerabilities, human risks, and adjusted by the health industry modifier

    • impact, the company's security risk impact (Low, Medium, High)

    • misconfigurations, the percentage of misconfigurations in the company's security risk score

    • appVulnerabilities, the percentage of app vulnerabilities in the company's security risk score

    • humanRisks, the percentage of human risks in the company's security risk score

    • industryModifier, dynamically adjusts your company score based on CVEs discovered in your environment that have already been exploited at industry level

  • customFields - an Object containing the custom fields values for the company:

    • custom field name 1, custom field value 1,

    • custom field name 2, custom field value 2

Example

Request:

  {
       "params": {
          "companyId" : "5493dcd2b1a43df00b7b23c6"
       },
       "jsonrpc": "2.0",
       "method": "getCompanyDetails",
       "id": "0df7568c-59c1-48e0-a31b-18d83e6d9810"
  }

Response:

  {
      "id":"0df7568c-59c1-48e0-a31b-18d83e6d9810",
      "jsonrpc":"2.0",
      "result": {
          "type": 1,
          "name": "Example LTD",
          "id": "54aeab40b1a43dc0467b23e9",
          "address": "Str Example No 1",
          "phone": "0040740000001",
          "canBeManagedByAbove": true,
          "enforce2FA": true,
          "skip2FAPeriod": 3
          "isSuspended": false,
          "createdAt": "2017-01-28T15:01:15",
          "country": "CA",
          "state": "CA-BC",
          "industry": 2,
          "contactPerson": {
              "fullName": "Stephen Jhonson",
              "email": "stephen.jhonsons@example.email.com",
              "phoneNumber": "0040740000001",
              "companyRole": "Owner / President"
          },
          "customFields": {
              "referenceID":"004562",
              "vertical":"healthcare",
              "partner_type":"platinum",
              "security_level":"high",
              "payment_status":"goodstanding"
           },
           "riskScore": {
                "value": "87%",
                "impact": "High",
                "misconfigurations": "70%",
                "appVulnerabilities": "11%",
                "humanRisks": "19%",
                "industryModifier": "6%"
           }
      }
  }

getCompanyDetailsByUser

This method retrieves the details of a company linked to an account identified through the given username.

Parameters

Parameter

Type

Optional

Description

username

String

No

The username linked to the searched company.

password

String

Yes

The password of the specified username. This parameter is required only when the searched company is not in the target companies of the user who makes the API call.

Return value

This method returns an Object containing the details of the searched company:

  • type - a Number that shows the company type: 0 for Partner, 1 for Customer

  • name - a String representing the name of the company

  • id - a String that shows the company ID in GravityZone

  • address - a String showing the physical address of the company premises

  • phone - a String that informs of the contact phone of the company

  • canBeManagedByAbove - a Boolean representing the security management rights over the company. It has the value true if the Bitdefender Partner manages the security for the searched company. Otherwise, it is false

  • enforce2FA - a Boolean specifying if the Two Factor Authentication (2FA) is enforced for user accounts belonging to the searched company

  • skip2FAPeriod - an integer specifying the duration, in days, that the users can be exempted from providing a two-factor authentication code at login

  • isSuspended - a Boolean informing of the company account status. It has the value true if the company account is suspended

  • createdAt - a String representing the UTC date and time at which the company was created

  • country - a String representing the country code in ISO 3166 format. If the code is not specified, the String has the value N/A

  • state - a String representing the country state code in ISO 3166 format. If the code is not specified, the String has the value N/A

  • contactPerson - an Object containing the details of the contact person:

    • fullName, their first name and surname

    • email, their business email address

    • phoneNumber, their business phone number

    • companyRole, their position in the company

  • customFields - an Object containing the set of custom fields configured for the searched company, together with their associated values

Example

Request:

  {
       "params": {
           "username": "partner@bitdefender.com",
           "password": "password"
       },
       "jsonrpc": "2.0",
       "method": "getCompanyDetailsByUser",
       "id": "6435c228-73b0-4e72-9a2a-8716cc58c883"
  }

Response:

  {
      "id":"6435c228-73b0-4e72-9a2a-8716cc58c883",
      "jsonrpc":"2.0",
      "result": {
          "type": 0,
          "name": "Test partner",
          "id": "550ac840b1a43da64d7b23c6",
          "address": "Str Example No 1",
          "phone": "0040740000001",
          "canBeManagedByAbove": true,
          "enforce2FA": true,
          "skip2FAPeriod": 1
          "isSuspended": false,
          "createdAt": "2017-01-28T15:01:15",
          "country": "CA",
          "state": "CA-BC",
          "contactPerson": {
              "fullName": "Stephen Jhonson",
              "email": "stephen.jhonsons@example.email.com",
              "phoneNumber": "0040740000001",
              "companyRole": "Owner / President"
          },
          "customFields":{
              "referenceID":"004562",
              "vertical":"healthcare",
              "partner_type":"platinum",
              "security_level":"high",
              "payment_status":"goodstanding"
          }
      }
  }

findCompaniesByName

This method searches for all managed companies containing the specified string in their name.

Parameters

Parameter

Type

Optional

Description

nameFilter

String

No

The string to be searched in the company name. Use the asterisk symbol (*) in front of the keyword to search its appearance anywhere in the name. If omitted, only results where the name starts with the keyword will be returned.

Return value

This method returns an Array containing company objects whose names contain the given search criteria. The size of the returned array is limited to 25 entries. Each entry in the array has the following structure:

  • type - the company type: 0 for Partner, 1 for Customer

  • name - the name of the company

  • id - the ID of the company

  • address - the address of the company

  • phone - the phone of the company

  • canBeManagedByAbove - the security management status for the company: true, if the security can be managed by parent companies

  • enforce2FA - a boolean specifying if the Two Factor Authentication (2FA) is enforced for user accounts belonging to the selected company

  • skip2FAPeriod - an integer specifying the duration, in days, that the users can be exempted from providing a two-factor authentication code at login

  • isSuspended - company account status: true, if the company is suspended

  • createdAt - a String representing the UTC date and time at which the company was created

  • country - a String representing the country code in ISO 3166 format. If the code is not specified, the String has the value N/A

  • state - a String representing the country state code in ISO 3166 format. If the code is not specified, the String has the value N/A

  • contactPerson - an Object containing the details of the contact person:

    • fullName, their first name and surname

    • email, their business email address

    • phoneNumber, their business phone number

    • companyRole, their position in the company

  • customFields - an Object containing the custom fields values for the company:

    • custom field name 1, custom field value 1,

    • custom field name 2, custom field value 2

Example

Request:

  {
       "params": {
           "nameFilter": "Test"
       },
       "jsonrpc": "2.0",
       "method": "findCompaniesByName",
       "id": "ae037403-7947-4f2b-b0b2-af190a8b44eb"
  }

Response:

  {
      "id":"ae037403-7947-4f2b-b0b2-af190a8b44eb",
      "jsonrpc":"2.0",
      "result": [{
          "type": 1,
          "name": "Test customer",
          "id": "55191c7ab1a43d1f107b23c7",
          "address": "Str Example No 1",
          "phone": "0040740000001",
          "canBeManagedByAbove": true,
          "enforce2FA": true,
          "skip2FAPeriod": 1
          "isSuspended": false,
          "createdAt": "2017-01-28T15:01:15",
          "country": "CA",
          "state": "CA-BC",
          "contactPerson": {
              "fullName": "Stephen Jhonson",
              "email": "stephen.jhonsons@example.email.com",
              "phoneNumber": "0040740000001",
              "companyRole": "Owner / President"
          },
          "customFields":{
              "referenceID":"004562",
              "vertical":"healthcare",
              "partner_type":"platinum",
              "security_level":"high",
              "payment_status":"goodstanding"
          }
      },
       {
          "type": 0,
          "name": "Test partner",
          "id": "55191c5fb1a43da8107b23c6",
          "address": "Str Example No 2",
          "phone": "0040740000002",
          "canBeManagedByAbove": true,
          "enforce2FA": false,
          "isSuspended": false,
          "createdAt": "2017-01-28T15:01:15",
          "country": "CA",
          "state": "CA-BC",
          "country": "CA",
          "state": "CA-BC",
          "contactPerson": {
              "fullName": "Stephen Jhonson",
              "email": "stephen.jhonsons@example.email.com",
              "phoneNumber": "0040740000001",
              "companyRole": "Owner / President"
          },
          "customFields":{
              "referenceID":"004562",
              "vertical":"healthcare",
              "partner_type":"platinum",
              "security_level":"high",
              "payment_status":"goodstanding"
          }
      }]
  }

suspendCompany

This method suspends an active company account, with the following implications:

Parameters

Parameter

Type

Optional

Description

companyId

String

No

The ID of the company to be suspended.

recursive

Boolean

No

True if sub-companies should be suspended as well.

Return value

This method does not return any value.

Example

Request:

  {
       "params": {
          "companyId" : "5493dcd2b1a43df00b7b23c6",
          "recursive" : false
       },
       "jsonrpc": "2.0",
       "method": "suspendCompany",
       "id": "8f6748b9-d201-4b63-b17f-4ecbebce24a9"
  }

Response:

  {
      "id":"8f6748b9-d201-4b63-b17f-4ecbebce24a9",
      "jsonrpc":"2.0",
      "result": null
  }

activateCompany

This method activates a suspended company.

Parameters

Parameter

Type

Optional

Description

companyId

String

No

The ID of the company to be activated.

recursive

Boolean

No

rue if sub-companies should be activated as well

Return value

This method does not return any value.

Example

Request:

  {
       "params": {
          "companyId" : "5493dcd2b1a43df00b7b23c6",
          "recursive" : false
       },
       "jsonrpc": "2.0",
       "method": "activateCompany",
       "id": "c67860e2-36cc-43bd-bc0f-f1061c180b52"
  }

Response:

  {
      "id":"c67860e2-36cc-43bd-bc0f-f1061c180b52",
      "jsonrpc":"2.0",
      "result": null
  }

createCustomFieldDefinition

This method creates a custom field definition.

Parameters

Parameter

Type

Optional

Description

name

String

No

The name of the custom field.

Return value

This method returns a String: the ID of the newly-created custom field.

Example

Request:

  {
       "params": {
           "name": "referenceID"
       },
       "jsonrpc": "2.0",
       "method": "createCustomFieldDefinition",
       "id": "e249c22c-0ada-4772-a9f1-ee1cbb322588"
  }

Response:

  {
      "id":"e249c22c-0ada-4772-a9f1-ee1cbb322588",
      "jsonrpc":"2.0",
      "result": "5493dcd2b1a43df00b7b23c6"
  }

updateCustomFieldDefinition

This method updates a custom field definition.

Parameters

Parameter

Type

Optional

Description

id

String

No

The ID of the custom field

name

String

No

Custom field name

Return value

This method does not return any value.

Example

Request:

  {
       "params": {
           "id": "5518f5f3b1a43d357e7b23c6",
           "name": "referenceID",
       },
       "jsonrpc": "2.0",
       "method": "updateCustomFieldDefinition",
       "id": "e249c22c-0ada-4772-a9f1-ee1cbb322588"
  }

Response:

  {
      "id":"e249c22c-0ada-4772-a9f1-ee1cbb322588",
      "jsonrpc":"2.0",
      "result": null
  }

getCustomFieldsDefinitions

This method retrieves the custom fields definitions.

Parameters

No input parameters are required.

Return value

This method returns an Object containing a list of the custom fields definitions with the following structure:

  • id - the ID of the custom field

  • name - the name of the custom field

Example

Request:

  {
       "params": {
       },
       "jsonrpc": "2.0",
       "method": "getCustomFieldsDefinitions",
       "id": "6435c228-73b0-4e72-9a2a-8716cc58c883"
  }

Response:

  {
      "id":"6435c228-73b0-4e72-9a2a-8716cc58c883",
      "jsonrpc":"2.0",
      "result": [
            {
               "name": "referenceID",
               "id": "5d8800330ea1de72721f9922"
            },
            {
               "name": "vertical",
               "id": "5d91f4350ea1de6353701f62"
            },
            {
               "name": "partner_type",
               "id": "5d91f2a90ea1de37ee1153f2"
            },
            {
               "name": "security_level",
               "id": "5d91f70b0ea1de67a438aba2"
            }
       ]
  }

deleteCustomFieldDefinition

This method deletes a custom field definition.

Parameters

Parameter

Type

Optional

Description

id

String

No

The ID of the custom field to be deleted

Return value

This method does not return any value.

Example

Request:

  {
       "params": {
           "id": "54a295d8b1a43d7c4a7b23c6",
       },
       "jsonrpc": "2.0",
       "method": "deleteCustomFieldDefinition",
       "id": "f5911ea2-9f14-4046-96eb-5fa24cca98f0"
  }

Response:

  {
      "id":"f5911ea2-9f14-4046-96eb-5fa24cca98f0",
      "jsonrpc":"2.0",
      "result": null
  }
In this section: