CYRISMA
LAST UPDATED: AUGUST 20, 2025
Overview
CYRISMA is an all-in-one, cloud-hosted cyber risk management platform created with the vision of reducing cybersecurity complexity and making high-quality security technology accessible to all businesses. It simplifies the process of identifying, assessing, and mitigating cyber risk, all while eliminating high licensing costs, long deployment times, and burdensome technologies.
D3 SOAR is providing REST operations to function with CYRISMA.
CYRISMA is available for use in:
Connection
To connect to CYRISMA from D3 SOAR, follow this part to collect the required information below:
Parameter | Description | Example |
Server URL | The server URL for the CYRISMA connection. | https://api.cyrisma.com |
API Key | The API Key you obtained from CYRISMA Support. | 407c********a598 |
API Secret | The API Secret you obtained from CYRISMA Support. | ZjNk********kOGQ |
Configuring CYRISMA to Work with D3 SOAR
The following need to be included:
Obtain initial credentials from CYRISMA Support. CYRISMA provides the API key (user name) and the API secret (password).
Change the API secret so that only authorized applications have API access.
Configuring D3 SOAR to Work with CYRISMA
Log in to D3 SOAR.
Find the CYRISMA integration.
Navigate to Configuration on the top header menu.
Click on the Integration icon on the left sidebar.
Type CYRISMA in the search box to find the integration, then click it to select it.
Click on the + Connection button on the right side of the Connections section. A new connection window will appear.
Configure the following fields to create a connection to CYRISMA.
Connection Name: The desired name for the connection.
Site: The site on which to use the integration connection. Use the drop-down menu to select the site. The Share to Internal Sites option enables all internal sites to use the connection. Selecting a specific site will only enable that site to use the connection.
Recipient site for events from connections Shared to Internal Sites: This field is displayed when Share to Internal Sites is selected for the Site field, allowing selection of the internal site for deploying the integration connection.
Agent Name (Optional): The proxy agent required to build the connection. Use the dropdown menu to select the proxy agent from a list of previously configured proxy agents.
Description (Optional): The description for the connection.
Tenant (Optional): When configuring the connection from a master tenant site, users can choose the specific tenant sites with which to share the connection. Once this setting is enabled, users can filter and select the desired tenant sites from the dropdowns to share the connection.
Configure User Permissions: Defines which users have access to the connection.
Active: The checkbox that enables the connection to be used when selected.
System: This section contains the parameters defined specifically for the integration. These parameters must be configured to create the integration connection.
1. Input the Server URL. The default value is https://api.cyrisma.com.
2. Input the API Key from the CYRISMA platform.
3. Input the API Secret.Enable Password Vault: An optional feature that allows users to take the stored credentials from their own password vault. Refer to the password vault connection guide if needed.
Connection Health Check: Periodically checks the connection status by scheduling the Test Connection command at the specified interval (in minutes). Available only for active connections, this feature also allows configuring email notifications for failed attempts.
Test the connection.
Click on the Test Connection button to verify credentials and connectivity. A success alert displays Passed with a green checkmark. If the connection fails, review the parameters and retry.
Click OK to close the alert window.
Click + Add to create and add the configured connection.
Commands
CYRISMA includes the following executable commands for users to set up schedules or create playbook workflows. With the Test Command function, users can execute these commands independently for playbook troubleshooting.
Authenticate Instances
Establishes authorization and enables 'reporting' endpoints. Whenever a new access token is generated via login, or regenerated due to token expiration, all instances must be re-authenticated using the latest session token. If the Instance ID is not provided, all available CYRISMA instances will be authenticated at once.
READER NOTE
Instance IDs is an optional parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance IDs | Optional | The organization instance IDs to be authenticated. By default, all available CYRISMA instances will be authenticated at once. The instance ID can be obtained using the Get All Structures command. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Authenticate Instances failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Authenticate Instances failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Create User
Creates a new user under the specified organization.
READER NOTE
Instance IDs is an optional parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The instance ID of the organization in which the user is created. Users must be added only to instance IDs that are organizations. A user cannot be added to an instance ID that is a standard, trial, or consulting instance. The instance ID can be obtained using the Get All Structures command. | 36E6*****E9D2 |
User Email Address | Required | The user email address used for login. | donnyduck@emailemail.com |
First Name | Required | The first name of the user. | Donny |
Last Name | Required | The last name of the user. | Duck |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Create User failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Create User failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Create Webhook
Creates a webhook to ingest event data from specific instances. The callback URL, API key, and API secret can be obtained when configuring data ingestion with a webhook.
READER NOTE
Instance IDs is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Callback URL | Required | The vSOC callback URL. | https://demo.d3security.com/poc/VSOC/api/Data/CyrismaWebhook/CreateEvents |
API Key | Required | The API key for the callback URL. | d3key |
API Secret | Required | The API secret for the callback URL. | 5jBE****ql95 |
Instance IDs | Required | The IDs of the instances from which the webhook data is pushed. The instance ID can be obtained using the Get All Structures command. |
JSON
|
Scan Types | Optional | The scan types. The available scan types are vulnerability, baseline, and data. By default, all three scan types will be returned. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Create Webhook failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Create Webhook failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Disable Users
Disables the specified users.
READER NOTE
User References is a required parameter to run this command.
Run the List Users command to obtain the User References. User References can be found in the raw data at $.Results[*].User_reference.
Input
Input Parameter | Required/Optional | Description | Example |
User References | Required | The user references for the users to be disabled. The user reference can be obtained using the List Users command. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Disable Users failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Disable Users failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get All Structures
Retrieves the entire provisioned structure of organizations and instances within the CYRISMA platform.
Input
N/A
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get All Structures failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get All Structures failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get Data Scan Summary
Retrieves the data scan summary of the specified instance. This command authenticates the instance before retrieving the data scan summary.
READER NOTE
Instance ID is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance ID. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve the data scan summary. The instance ID can be obtained using the Get All Structures command. | 9A1B*****A95E |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Data Scan Summary failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get Data Scan Summary failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get Mitigation Plan Details
Retrieves the details of a specific mitigation plan in the specified instance.
READER NOTE
Instance ID and Plan ID are required parameters to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Run the List Mitigation Plans command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.mitigationItems[*].mit_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve mitigation plan details. The instance ID can be obtained using the Get All Structures command. | 9A1B*****A95E |
Plan Type | Required | The mitigation plan type to retrieve details. | Vulnerability |
Plan ID | Required | The ID of the mitigation plan to retrieve details. The plan ID can be obtained using the List Mitigation Plans command. | 8 |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Mitigation Plan Details failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get Mitigation Plan Details failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get Partners
Retrieves the details of the specified partner instances.
READER NOTE
Instance IDs is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance IDs | Required | The organization instance IDs for the partners. The instance ID can be obtained using the Get All Structures command. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Partners failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get Partners failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get Secure Baseline Scan Information
Retrieves the secure baseline scan information of the specified instance. This command authenticates the instance before retrieving the secure baseline scan information.
READER NOTE
Instance ID is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve secure baseline scan information. The instance ID can be obtained using the Get All Structures command. | 9A1B*****A95E |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Secure Baseline Scan Information failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get Secure Baseline Scan Information failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get Users
Retrieves the details of the specified users.
READER NOTE
User References is a required parameter to run this command.
Run the List Users command to obtain the User References. User References can be found in the raw data at $.Results[*].User_reference.
Input
Input Parameter | Required/Optional | Description | Example |
User References | Required | The user references for the users. The user reference can be obtained using the List Users command. |
JSON
|
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Users failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get Users failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get Vulnerability CVE Details
Retrieves the vulnerability CVE details of the specified instance. This command authenticates the instance before retrieving the vulnerability CVE details information.
READER NOTE
Instance IDs is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve vulnerability CVE details. The instance ID can be obtained using the Get All Structures command. | 9A1B*****8A95E |
CVE ID | Optional | The individual CVE ID to retrieve details. By default, all CVEs on the specified instance will be returned. | CVE-2023-24895 |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Vulnerability CVE Details failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get Vulnerability CVE Details failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Get Vulnerability Scan Information
Retrieves the vulnerability scan information of the specified instance. This command authenticates the instance before retrieving the vulnerability scan information.
READER NOTE
Instance ID is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve vulnerability scan information. The instance ID can be obtained using the Get All Structures command. | 9A1B*****A95E |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Vulnerability Scan Information failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Get Vulnerability Scan Information failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
List Agent Statuses
Retrieves the agent statuses of the specified instance.
READER NOTE
Instance ID is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance IDs. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve agent statuses. The instance ID can be obtained using the Get All Structures command. | 9A1B*****A95E |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | List Agent Statuses failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data List Agent Statuses failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
List Users
Retrieves the details of all users.
Input
N/A
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | List Users failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data List Users failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
List Mitigation Plans
Retrieves the mitigation plans of the specified instance.
READER NOTE
Instance ID is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance ID. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve mitigation plans. The instance ID can be obtained using the Get All Structures command. | 9A1B*****A95E |
Plan Type | Optional | The mitigation plan type to retrieve details. Valid options are:
By default, mitigation plans of all three types will be returned. | Vulnerability |
Plan ID | Optional | The ID of the mitigation plan to retrieve details. By default, mitigation plans of the specified plan type, or all plan types if no plan type is specified, will be returned. If a plan ID is specified without a plan type, the plan ID will be omitted. | 8 |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | List Mitigation Plans failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data List Mitigation Plans failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
List Registered Webhooks
Retrieves the list of registered webhook callbacks in the specified instance.
READER NOTE
Instance ID is a required parameter to run this command.
Run the Get All Structures command to obtain the Instance ID. Instance IDs can be found in the raw data at $.Results[*].instance_id.
Input
Input Parameter | Required/Optional | Description | Example |
Instance ID | Required | The organization instance ID to retrieve registered webhook callbacks. The instance ID can be obtained using the Get All Structures command. | 9A1B*****A95E |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | List Registered Webhooks failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data List Registered Webhooks failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Reset Password
Resets the specified user's password. First-time API use must begin with a password reset. The original temporary password must be reset so that only authorized applications have access to the API. The new password is the API secret password and is returned only once. CYRISMA stores only an encrypted hash of this password for future login validation. The password itself cannot be recovered. The secret string corresponding to this API key must be recorded and stored securely. The new password is then used with the user name to generate future session tokens as required.
Input
Input Parameter | Required/Optional | Description | Example |
User Name (API Key) | Optional | The user name (API key) for which to reset the password (API secret). By default, the API key used in the connection page will be applied. If the user name is the same as the connection parameter API key and the password reset is successful, the API secret in the connection page will be automatically updated with the new password. | 407c*****a598 |
Password (API Secret) | Optional | The current password (API secret) to reset. By default, the API secret used in the connection page will be applied. | ZjNk********kOGQ |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Reset Password failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid Support account to call this API. |
Error Sample Data Reset Password failed. Status Code: 403. Message: You must have a valid Support account to call this API. |
Test Connection
Allows users to perform a health check on an integration connection. Users can schedule a periodic health check by selecting Connection Health Check when editing an integration connection.
Input
N/A
Output
Output Type | Description | Return Data Type |
Return Data | Indicates one of the possible command execution states: Successful or Failed. The Failed state can be triggered by any of the following errors: A connection issue with the integration The API returned an error message No response from the API More details about an error can be viewed in the Error tab. | String |
Error Handling
If the Return Data displays Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Test Connection failed. Failed to check the connector. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the CYRISMA portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You must have a valid support account to call this API. |
Error Sample Data Test Connection failed. Failed to check the connector. Status Code: 403. Message: You must have a valid Support account to call this API |