Replace Featured Active Directory Groups

Replace the featured active directory groups listed in your environment.

Synopsis

URI
/public_api/v1/featured_fields/replace_ad_groups/
HTTP Method
POST
Required License
Cortex XDR Pro per Endpoint or Cortex XDR Pro per TB

Description

Replace the featured active directory groups listed in your environment.
Running this API will delete all existing active directory groups.

Request Fields

The body of this request contains a JSON object with the following fields:
Field
Description
value
(
Required
) String value that defines the active directory name. Maximum length is 256 characters, must be formated as:
DOMAIN/GROUPNAME
comment
String that represents additional information regarding the featured alert field.
Request Example
curl -X POST https://api-{fqdn}/public_api/v1/featured_fields/replace_ad_groups/ \ -H "x-xdr-auth-id:{API_KEY_ID}" \ -H "Authorization:{API_KEY}" \ -H "Content-Type:application/json" \ -d '{ "request_data":{ "fields":[ { "value":"domain/administrators-group", "comment":"Administrators-group is a featured AD group" }, { "value":"domain/soc" } ] } }'

Success Response

Upon success, the HTTP response code is 200.
Field
Description
reply
JSON object containing the query result.
  • true
    —Active directory group successfully replaced.
Success Response Example
{ "reply": {true} }

Error Response

Upon error, the reply includes an HTTP response code, an error message, and additional information describing the error. The HTTP response code is one of the following:
Field
Description
400
Bad Request. Got an invalid JSON.
401
Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.
402
Unauthorized access. User does not have the required license type to run this API.
403
Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.
500
Internal server error. A unified status for API communication type errors.
Error Response Format
{"reply": {"err_code": STATUS_CODE, "err_msg": GENERAL_MESSAGE, "err_extra": EXTRA_DATA}}

Recommended For You