Secureworks GraphQL API
The Secureworks Taegis XDR API provides GraphQL-based programmatic access to the Taegis extended detection and response platform. The API supports alerts, investigations, endpoint assets, identities, threat intelligence, collectors, connectors, playbooks, and audit operations. Authentication uses OAuth2 client credentials flow with bearer token authorization. The platform is available across multiple regions in the US and EU, with each region served by a dedicated API endpoint.
Overview
Secureworks GraphQL API is a GraphQL API specification published by Secureworks on the APIs.io network.
The Secureworks Taegis XDR API provides GraphQL-based programmatic access to the Taegis extended detection and response platform. The API supports alerts, investigations, endpoint assets, identities, threat intelligence, collectors, connectors, playbooks, and audit operations. Authentication uses OAuth2 client credentials flow with bearer token authorization. The platform is available across multiple regions in the US and EU, with each region served by a dedicated API endpoint.
The GraphQL endpoint is available at https://api.ctpx.secureworks.com. documentation is published at https://docs.taegis.secureworks.com/apis/using_xdr_apis/.
The specification includes 2 reference links.
Tagged areas include Cybersecurity, XDR, Threat Detection, Security Operations, and Incident Response.
Endpoint
References
- Documentation https://docs.taegis.secureworks.com/apis/using_xdr_apis/
- Authentication https://docs.taegis.secureworks.com/apis/api_authenticate/