terminal

Developer API

For Enterprise Tier tenants, End Defend provides a powerful REST JSON API to automate policy enforcement and export Shadow IT telemetry into internal SIEMs (e.g., Splunk, Datadog).

Authentication Setup

All Enterprise endpoints require a valid JWT Access Token passed via the Authorization header. You must additionally supply your organizational X-Tenant header to resolve against your isolated schema.

curl -H "Authorization: Bearer <YOUR_TOKEN>" \
     -H "X-Tenant: acme-corp" \
     https://api.enddefend.com/monitoring/signals/

Core Endpoints

GET /monitoring/signals/

Retrieves paginated arrays of captured Shadow IT application accesses, AI Prompt interactions, and unsanctioned URL blocks.

POST /monitoring/policy-rules/

Programmatically inject new Global Allowlist or Blocklist URLs into the Corporate Policy Engine. Instantly propagated to active endpoint agents.

GET /monitoring/devices/

Export the live fleet status matrix, retrieving the online status, IP address, and total uptime of all deployed endpoints.