Cato Networks GraphQL API Reference
Support
Terms of Service
Refer to: Support Policy for Cato API
API Endpoints and Schema
Refer to: What is the Cato API
GraphQL Introspection Query
Use the GraphQL Introspection system to learn more about queries and types with the Cato API schema.
For more information, see the GraphQL Documentation.
API Labeling
EA: These APIs are part of Cato's EA program, if you’re interested in joining, please contact us at ea@catonetworks.com
Rollout: We are gradually rolling out these APIs, and they will be available to all accounts after a few weeks.
Beta: These APIs are fully operational but may undergo schema changes, including potential breaking changes, with limited advance notice—possibly as short as two weeks.
Queries
accountBySubdomain
Response
Returns [AccountDataPayload!]
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
|
subdomains - [String!]!
|
a list of required subdomains |
Example
Query
query accountBySubdomain($accountID:ID!, $subdomains:[String!]!) {
accountBySubdomain(accountID:$accountID, subdomains:$subdomains) {
id
subdomain
}
}
Variables
{"accountID": "123", "subdomains": ["company"]}
Response
{"data": {"accountBySubdomain": [{"id": "123", "subdomain": "company"}]}}
accountMetrics
Description
The accountMetrics query helps you analyze the state and quality of the connections of sites and SDP users to the Cato Cloud. This data is for the traffic inside the DTLS tunnel between the site and the Cato Cloud. accountMetrics shows historical metrics, statics, and analytics for the account.
Response
Returns an AccountMetrics
Arguments
| Name | Description |
|---|---|
accountID - ID
|
Unique Identifier of Account. |
timeFrame - TimeFrame!
|
The time frame for the data that the query returns. The argument is in the format type.time value. This argument is mandatory. |
groupInterfaces - Boolean
|
When the boolean argument groupInterfaces is set to true, then the data for all the interfaces are aggregated to a single interface. |
groupDevices - Boolean
|
When the boolean argument groupDevices is set to true, then the analytics for all the Sockets (usually two in high availability) are aggregated as one result. For the best results for aggregated Sockets, we recommend that there is consistent names and functionality (for example Destination) for the links on both Sockets. |
Example
Query
query accountMetrics(
$accountID:ID!,
$timeFrame:TimeFrame!,
$groupInterfaces: Boolean,
$groupDevices: Boolean,
$siteIDs: [ID!]
) {
accountMetrics(
accountID:$accountID,
timeFrame: $timeFrame,
groupInterfaces: $groupInterfaces,
groupDevices: $groupDevices
) {
id
from
to
sites(siteIDs:$siteIDs) {
id
metrics {
bytesUpstream
bytesDownstream
}
interfaces {
name
metrics {
bytesUpstream
bytesDownstream
}
}
}
}
}
Variables
{
"accountID": "123",
"timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
"groupInterfaces": false,
"groupDevices": true,
"siteIDs": ["456", "789"]
}
Response
{
"data": {
"accountMetrics": {
"id": "123",
"from": "2023-02-28T00:00:00Z",
"to": "2023-02-28T23:59:59Z",
"sites": [
{
"id": "456",
"metrics": {"bytesUpstream": 122324400, "bytesDownstream": 8354720},
"interfaces": [
{
"name": "WAN 01",
"metrics": {
"bytesUpstream": 122324400,
"bytesDownstream": 8354720
}
}
]
},
{
"id": "789",
"metrics": {"bytesUpstream": 100254955, "bytesDownstream": 3907080},
"interfaces": [
{
"name": "WAN 01",
"metrics": {
"bytesUpstream": 100254955,
"bytesDownstream": 3907080
}
}
]
}
]
}
}
}
accountRoles
Response
Returns an AccountRolesResult!
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
|
accountType - AccountType
|
Example
Query
query accountRoles($accountID:ID!){
accountRoles(accountID: $accountID) {
items {
name
isPredefined
}
total
}
}
Variables
{"accountID": "123"}
Response
{
"data": {
"accountRoles": {
"items": [
{"name": "Editor", "isPredefined": true},
{"name": "Viewer", "isPredefined": true},
{"name": "Network admin", "isPredefined": true},
{"name": "Security Admin", "isPredefined": true},
{"name": "Access Admin", "isPredefined": true}
],
"total": 5
}
}
}
accountSnapshot
Description
Current snapshot-based metrics that show near real‑time data for the account. Provides analytics that are similar to the Topology page for the account.
Response
Returns an AccountSnapshot
Arguments
| Name | Description |
|---|---|
accountID - ID
|
Unique Identifier of Account. |
Example
Query
query accountSnapshot($accountID:ID!) {
accountSnapshot(accountID:$accountID) {
sites {
connectivityStatus
haStatus{
readiness
wanConnectivity
keepalive
socketVersion
}
operationalStatus
lastConnected
connectedSince
devices {
connected
version
}
}
users {
connectivityStatus
connectedInOffice
name
deviceName
}
timestamp
}
}
Variables
{"accountID": "123"}
Response
{
"data": {
"accountSnapshot": {
"sites": [
{
"connectivityStatus": "connected",
"haStatus": {
"readiness": "ready",
"wanConnectivity": "ok",
"keepalive": "ok",
"socketVersion": "ok"
},
"operationalStatus": "active",
"lastConnected": "2023-02-28T13:21:05Z",
"connectedSince": "2023-02-27T15:10:06Z",
"devices": [
{"connected": true, "version": "17.0.16303"},
{"connected": true, "version": "17.0.16303"}
]
},
{
"connectivityStatus": "disconnected",
"haStatus": null,
"operationalStatus": "active",
"lastConnected": "2020-03-11T13:43:40Z",
"connectedSince": null,
"devices": [{"connected": false, "version": ""}]
}
],
"users": [
{
"connectivityStatus": "connected",
"connectedInOffice": false,
"name": "Employee Domywork",
"deviceName": "Employee’s MacBook Pro"
},
{
"connectivityStatus": "connected",
"connectedInOffice": false,
"name": "Alice Bobs",
"deviceName": "Alice’s MacBook Pro"
}
],
"timestamp": "2023-02-28T13:22:21Z"
}
}
}
admin
Response
Returns a GetAdminPayload
Example
Query
query admin($accountId:ID!, $adminID:ID!) {
admin(accountId:$accountId, adminID:$adminID) {
id
firstName
lastName
email
creationDate
mfaEnabled
managedRoles {
role {
name
}
}
}
}
Variables
{"accountId": "123", "adminID": "456"}
Response
{
"data": {
"admin": {
"id": "456",
"firstName": "Name",
"lastName": "Surname",
"email": "name.surname@company.org",
"creationDate": "Dec 27, 2020 9:30:34 AM",
"mfaEnabled": false,
"managedRoles": [{"role": {"name": "Viewer"}}]
}
}
}
admins
Response
Returns an AdminsResult
Example
Query
query admins($accountId:ID!, $limit: Int) {
admins(accountID:$accountId, limit: $limit) {
items {
id
email
managedRoles {
role {
name
}
}
}
total
}
}
Variables
{"accountId": "123", "limit": 2}
Response
{
"data": {
"admins": {
"items": [
{
"id": "1",
"email": "editor@company.org",
"managedRoles": [{"role": {"name": "Editor"}}]
},
{
"id": "2",
"email": "viewer@company.org",
"managedRoles": [{"role": {"name": "Viewer"}}]
}
],
"total": 3
}
}
}
appStats
Description
BETA
Response
Returns an AppStats
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
Account ID |
timeFrame - TimeFrame!
|
|
measures - [Measure]
|
|
dimensions - [Dimension]
|
|
filters - [AppStatsFilter!]
|
|
postAggFilters - [AppStatsPostAggFilter!]
|
|
sort - [AppStatsSort!]
|
Example
Query
query appStats(
$accountID:ID!,
$timeFrame:TimeFrame!,
$measures: [Measure],
$dimensions:[Dimension],
$sort:[AppStatsSort!],
$limit:Int,
$from:Int,
) {
appStats(
accountID: $accountID,
timeFrame: $timeFrame,
measures: $measures,
dimensions:$dimensions,
sort:$sort,
) {
from
to
records(limit:$limit, from:$from){
fieldsMap
fieldsUnitTypes
}
}
}
Variables
{
"accountID": "123",
"timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
"dimensions": [{"fieldName": "application_id"}],
"sort": [{"fieldName": "traffic", "order": "desc"}],
"measures": [
{"fieldName": "traffic", "aggType": "sum"},
{"fieldName": "application", "aggType": "any"}
],
"limit": 5,
"from": 0
}
Response
{
"data": {
"appStats": {
"from": "2023-02-28T00:00:00Z",
"to": "2023-03-01T00:00:00Z",
"records": [
{
"fieldsMap": {
"application_id": "zoom",
"application": "Zoom",
"traffic": "95138282696"
},
"fieldsUnitTypes": ["none", "none", "bytes"]
},
{
"fieldsMap": {
"application_id": "udp",
"application": "UDP",
"traffic": "45401221439"
},
"fieldsUnitTypes": ["none", "none", "bytes"]
},
{
"fieldsMap": {
"application_id": "Tech",
"application": "Technological apps",
"traffic": "13982474567"
},
"fieldsUnitTypes": ["none", "none", "bytes"]
},
{
"fieldsMap": {
"application_id": "AppleSoftwareupdate",
"application": "Apple software update",
"traffic": "11624258191"
},
"fieldsUnitTypes": ["none", "none", "bytes"]
}
]
}
}
}
appStatsTimeSeries
Description
BETA
Response
Returns an AppStatsTimeSeries
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
Account ID |
timeFrame - TimeFrame!
|
|
measures - [Measure]
|
|
dimensions - [Dimension]
|
|
filters - [AppStatsFilter!]
|
Example
Query
query appStatsTimeSeries(
$accountID:ID!,
$timeFrame:TimeFrame!,
$measures: [Measure],
$buckets:Int!
) {
appStatsTimeSeries(
accountID:$accountID,
timeFrame:$timeFrame,
measures: $measures
) {
from
to
granularity
timeseries(buckets:$buckets) {
label
data
key {
measureFieldName
}
}
}
}
Variables
{
"accountID": "123",
"timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
"measures": [
{"fieldName": "upstream", "aggType": "sum"},
{"fieldName": "downstream", "aggType": "sum"}
],
"buckets": 5
}
Response
{
"data": {
"appStatsTimeSeries": {
"from": "2023-02-28T00:00:00Z",
"to": "2023-03-01T00:00:00Z",
"granularity": 14400,
"timeseries": [
{
"label": "sum(upstream)",
"data": [
[1677542400000, 77192],
[1677556800000, 742410],
[1677571200000, 5335372],
[1677585600000, 2239509],
[1677600000000, 0],
[1677614400000, 0]
],
"key": {"measureFieldName": "upstream"}
},
{
"label": "sum(downstream)",
"data": [
[1677542400000, 209763],
[1677556800000, 1713925],
[1677571200000, 7719290],
[1677585600000, 2573650],
[1677600000000, 0],
[1677614400000, 0]
],
"key": {"measureFieldName": "downstream"}
}
]
}
}
}
auditFeed
Description
Audit Feed for account changes
Response
Returns an AuditFeed
Arguments
| Name | Description |
|---|---|
accountIDs - [ID!]
|
List of Unique Account Identifiers. |
timeFrame - TimeFrame!
|
|
filters - [AuditFieldFilterInput!]
|
|
marker - String
|
Marker to use to get results from |
Example
Query
query auditFeed($accountID:ID!, $timeFrame: TimeFrame!){
auditFeed(accountIDs:[$accountID], timeFrame:$timeFrame) {
from
to
fetchedCount
accounts {
id
records{
admin {
name
}
object {
name
}
time
fields {
name
value {
... on Entity {
name
id
type
}
... on StringValue {
string
}
... on DateValue {
date
}
}
}
}
}
}
}
Variables
{"accountID": "123", "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}"}
Response
{
"data": {
"auditFeed": {
"from": "2023-02-28T00:00:00Z",
"to": "2023-02-28T23:59:59Z",
"fetchedCount": 1,
"accounts": [
{
"id": "123",
"records": [
{
"time": "2023-02-28T08:48:21Z",
"fields": [
{
"name": "admin",
"value": {
"name": "admin@company.org",
"id": "456",
"type": "admin",
"__typename": "Entity"
}
},
{
"name": "change.Before.description",
"value": {
"string": "Description before change",
"__typename": "StringValue"
}
},
{
"name": "change.After.description",
"value": {
"string": "Description after change",
"__typename": "StringValue"
}
},
{
"name": "model_name",
"value": {"string": "Site name", "__typename": "StringValue"}
},
{
"name": "module",
"value": {
"string": "Configuration",
"__typename": "StringValue"
}
},
{
"name": "change_type",
"value": {"string": "MODIFIED", "__typename": "StringValue"}
},
{
"name": "creation_date",
"value": {
"string": "1677574090000",
"__typename": "DateValue"
}
},
{
"name": "model_type",
"value": {"string": "Site", "__typename": "StringValue"}
},
{
"name": "admin_id",
"value": {"string": "456", "__typename": "StringValue"}
},
{
"name": "insertion_date",
"value": {
"date": "2023-02-28T08:48:21Z",
"__typename": "DateValue"
}
},
{
"name": "account_id",
"value": {"string": "123", "__typename": "StringValue"}
}
]
}
]
}
]
}
}
}
entityLookup
Description
Lookup entities with a specific type, potentially filtered and paged
Response
Returns an EntityLookupResult!
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
The account ID (or 0 for non-authenticated requests) |
type - EntityType!
|
Type of entity to lookup for |
limit - Int
|
Sets the maximum number of items to retrieve Default |
from - Int
|
Sets the offset number of items (for paging) Default |
parent - EntityInput
|
Return items under a parent entity (can be site, vpn user, etc), used to filter for networks that belong to a specific site for example |
search - String
|
Adds additional search parameters for the lookup. Available options: country lookup: "removeExcluded" to return only allowed countries countryState lookup: country code ("US", "CN", etc) to get country's states Default |
entityIDs - [ID!]
|
Adds additional search criteria to fetch by the selected list of entity IDs. This option is not universally available, and may not be applicable specific Entity types. If used on non applicable entity type, an error will be generated. |
sort - [SortInput]
|
Adds additional sort criteria(s) for the lookup. This option is not universally available, and may not be applicable specific Entity types. |
filters - [LookupFilterInput]
|
Custom filters for entityLookup |
helperFields - [String!]
|
Additional helper fields |
Example
Query
query entityLookup($accountID:ID!, $limit:Int, $type:EntityType!) {
entityLookup(accountID: $accountID, type:$type, limit: $limit) {
items {
entity{
id
name
}
}
total
}
}
Variables
{"accountID": "123", "limit": 2, "type": "site"}
Response
{
"data": {
"entityLookup": {
"items": [
{"entity": {"id": "45040", "name": "azure_test"}},
{"entity": {"id": "75791", "name": "esx_test"}}
],
"total": 5
}
}
}
events
Response
Returns an Events
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
Account ID |
timeFrame - TimeFrame!
|
|
measures - [EventsMeasure]
|
|
dimensions - [EventsDimension]
|
|
filters - [EventsFilter!]
|
|
postAggFilters - [EventsPostAggFilter!]
|
|
sort - [EventsSort!]
|
Example
Query
query events($accountID:ID!, $timeFrame:TimeFrame!, ) {
events(accountID: $accountID, timeFrame:$timeFrame, measures: {fieldName: event_count, aggType: sum}) {
records {
flatFields
fieldsMap
}
}
}
Variables
{"accountID": "123", "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}"}
Response
{
"data": {
"events": {
"records": [
{
"flatFields": [["event_count", "2"]],
"fieldsMap": {"event_count": "2"}
}
]
}
}
}
eventsFeed
Description
Retrieve events from the account event queue. Use this query to fetch security, connectivity, system, routing, detection, and socket management events for one or more accounts. The API reads events sequentially from the queue and returns them in batches.
Typical usage is to call eventsFeed without a marker. The API returns the current queue position in the marker field. This initial request may not return any event records.
Subsequent requests should call eventsFeed using the marker returned in the previous response to retrieve events. Continue using the marker returned in each response to read events sequentially from the queue.
Response
Returns an EventsFeedData
Arguments
| Name | Description |
|---|---|
accountIDs - [ID!]
|
List of unique account identifiers whose events should be returned. |
filters - [EventFeedFieldFilterInput!]
|
Filters used to limit the returned events. Supported filter fields include event_type and event_sub_type. When filters are applied, the backend scans the event queue until matching events are found or a search limit is reached. The marker returned represents the queue position where the scan stopped. |
marker - String
|
Queue position marker. If omitted or empty, the API returns the current position in the event queue and may not return any event records. Use the marker returned in the previous response to fetch the next batch of events. Each response returns a new marker representing the next position in the queue. Continue using the returned marker in subsequent requests to read events sequentially. The queue retains events for approximately three days. Always use the returned marker as-is and do not attempt to parse or modify it. When filters are used, the marker represents the position where the backend stopped scanning the queue and may not correspond to the last event returned in the response. |
Example
Query
query eventsFeed(
$accountIDs: [ID!],
$filters: [EventFeedFieldFilterInput!]
) {
eventsFeed(
accountIDs: $accountIDs,
filters: $filters,
) {
marker
fetchedCount
accounts {
id
errorString
records {
fieldsMap
}
}
}
}
Variables
{
"accountIDs": [123],
"filters": [
{
"fieldName": "event_type",
"operator": "is_not",
"values": ["Sockets Management"]
},
{
"fieldName": "event_sub_type",
"operator": "is",
"values": ["Disconnected"]
}
]
}
Response
{
"data": {
"eventsFeed": {
"marker": "W3siVG9waWMiOiIxODIiLCJQYXJ0aXRpb24iOjAsIk9mZnNldCI6MzIxNTM4fV0=",
"fetchedCount": 1,
"accounts": [
{
"id": "123",
"errorString": "",
"records": [
{
"fieldsMap": {
"ISP_name": "IP Addresses Are Assigned Statically",
"account_id": "123",
"client_version": "8.0.4127",
"event_count": "1",
"event_sub_type": "Disconnected",
"event_type": "Connectivity",
"event_id": "7r0c7xUYIf",
"link_type": "Cato",
"pop_name": "Amsterdam",
"socket_interface": "WAN1",
"src_country": "Israel",
"src_country_code": "IL",
"src_is_site_or_vpn": "Site",
"src_isp_ip": "1.2.3.4",
"src_site": "native-range",
"time": "1677170467000",
"tunnel_protocol": "DTLS"
}
}
]
}
]
}
}
}
eventsTimeSeries
Response
Returns an EventsTimeSeries
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
Account ID |
timeFrame - TimeFrame!
|
|
measures - [EventsMeasure]
|
|
dimensions - [EventsDimension]
|
|
filters - [EventsFilter!]
|
Example
Query
query eventsTimeSeries(
$accountID: ID!,
$filters: [EventsFilter!],
$timeFrame: TimeFrame!,
$measures: [EventsMeasure],
$buckets: Int!
) {
eventsTimeSeries(
accountID: $accountID,
filters: $filters,
timeFrame:$timeFrame,
measures: $measures
) {
id
from
to
granularity
timeseries(buckets:$buckets) {
label
data
}
}
}
Variables
{
"accountID": "4125",
"timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
"measures": [{"fieldName": "event_count", "aggType": "sum"}],
"buckets": 4
}
Response
{
"data": {
"eventsTimeSeries": {
"id": "4125",
"from": "2023-02-28T00:00:00Z",
"to": "2023-03-01T00:00:00Z",
"granularity": 21600,
"timeseries": [
{
"label": "sum(event_count)",
"data": [
[1677542400000, 5],
[1677564000000, 2],
[1677585600000, 0],
[1677607200000, 5]
]
}
]
}
}
}
servicePrincipalAdmin
Response
Returns a GetServicePrincipalAdminPayload
Example
Query
query servicePrincipalAdmin($accountId:ID!, $adminID:ID!) {
servicePrincipalAdmin(accountId:$accountId, adminID:$adminID) {
id
name
email
creationDate
managedRoles {
role {
name
}
}
}
}
Variables
{"accountId": "123", "adminID": "456"}
Response
{
"data": {
"servicePrincipalAdmin": {
"id": "456",
"name": "Service Principal",
"email": "service.principal@company.org",
"creationDate": "Dec 27, 2020 9:30:34 AM",
"managedRoles": [{"role": {"name": "Viewer"}}]
}
}
}
socketPortMetrics
Description
Provides historical metrics for physical and logical interfaces on Cato Sockets. This API enables detailed monitoring of LAN, WAN, Tunnel, Bypass, and Off-Cloud traffic, including throughput, bandwidth usage, and cellular signal quality.
Response
Returns a SocketPortMetrics
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
Account ID |
timeFrame - TimeFrame!
|
|
measures - [SocketPortMetricsMeasure]
|
|
dimensions - [SocketPortMetricsDimension]
|
|
filters - [SocketPortMetricsFilter!]
|
|
postAggFilters - [SocketPortMetricsPostAggFilter!]
|
|
sort - [SocketPortMetricsSort!]
|
Example
Query
query socketPortMetrics(
$accountID:ID!,
$timeFrame:TimeFrame!,
$measures: [SocketPortMetricsMeasure],
$dimensions:[SocketPortMetricsDimension],
$sort:[SocketPortMetricsSort!],
$limit:Int,
$from:Int,
) {
socketPortMetrics(
accountID: $accountID,
timeFrame: $timeFrame,
measures: $measures,
dimensions:$dimensions,
sort:$sort,
) {
from
to
records(limit:$limit, from:$from){
fieldsMap
fieldsUnitTypes
}
}
}
Variables
{
"accountID": "123",
"timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
"dimensions": [{"fieldName": "site_id"}],
"sort": [{"fieldName": "throughput_upstream", "order": "desc"}],
"measures": [
{"fieldName": "throughput_upstream", "aggType": "max"},
{"fieldName": "throughput_downstream", "aggType": "max"}
],
"limit": 5,
"from": 0
}
Response
{
"data": {
"appStats": {
"from": "2023-02-28T00:00:00Z",
"to": "2023-03-01T00:00:00Z",
"records": [
{
"fieldsMap": {
"site_id": "1",
"throughput_upstream": "40",
"throughput_downstream": "20"
},
"fieldsUnitTypes": ["number", "bytes", "bytes"]
},
{
"fieldsMap": {
"site_id": "2",
"throughput_upstream": "40",
"throughput_downstream": "20"
},
"fieldsUnitTypes": ["number", "bytes", "bytes"]
},
{
"fieldsMap": {
"site_id": "3",
"throughput_upstream": "50",
"throughput_downstream": "30"
},
"fieldsUnitTypes": ["number", "bytes", "bytes"]
},
{
"fieldsMap": {
"site_id": "4",
"throughput_upstream": "40",
"throughput_downstream": "20"
},
"fieldsUnitTypes": ["number", "bytes", "bytes"]
}
]
}
}
}
socketPortMetricsTimeSeries
Description
Provides historical time series metrics for physical and logical interfaces on Cato Sockets. This API enables detailed monitoring of LAN, WAN, Tunnel, Bypass, and Off-Cloud traffic, including throughput, bandwidth usage, and cellular signal quality.
Response
Returns a SocketPortMetricsTimeSeries
Arguments
| Name | Description |
|---|---|
accountID - ID!
|
Account ID |
timeFrame - TimeFrame!
|
|
measures - [SocketPortMetricsMeasure]
|
|
dimensions - [SocketPortMetricsDimension]
|
|
filters - [SocketPortMetricsFilter!]
|
Example
Query
query socketPortMetricsTimeSeries(
$accountID:ID!,
$timeFrame:TimeFrame!,
$measures: [SocketPortMetricsMeasure],
$buckets:Int!
) {
socketPortMetricsTimeSeries(
accountID:$accountID,
timeFrame:$timeFrame,
measures: $measures
) {
from
to
granularity
timeseries(buckets:$buckets) {
label
data
key {
measureFieldName
}
}
}
}
Variables
{
"accountID": "123",
"timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
"measures": [
{"fieldName": "throughput_upstream", "aggType": "sum"},
{"fieldName": "throughput_downstream", "aggType": "sum"}
],
"buckets": 5
}
Response
{
"data": {
"appStatsTimeSeries": {
"from": "2023-02-28T00:00:00Z",
"to": "2023-03-01T00:00:00Z",
"granularity": 14400,
"timeseries": [
{
"label": "sum(throughput_upstream)",
"data": [
[1677542400000, 77192],
[1677556800000, 742410],
[1677571200000, 5335372],
[1677585600000, 2239509],
[1677600000000, 0],
[1677614400000, 0]
],
"key": {"measureFieldName": "throughput_upstream"}
},
{
"label": "sum(throughput_downstream)",
"data": [
[1677542400000, 209763],
[1677556800000, 1713925],
[1677571200000, 7719290],
[1677585600000, 2573650],
[1677600000000, 0],
[1677614400000, 0]
],
"key": {"measureFieldName": "throughput_downstream"}
}
]
}
}
}
subDomains
Description
The subdomain query helps you retrieve the URL of an account. The usage of this query supports 3 different scenarios:
- Regular account - Return only 1 subdomain relating to the regular account
- Reseller account - Return all subdomains including the reseller account subdomain
- Reseller account - Return only the reseller account subdomain
Response
Returns [SubDomain!]!
Example
Query
query subDomains($accountID:ID!, $managedAccount:Boolean) {
subDomains(accountID:$accountID, managedAccount:$managedAccount) {
accountId
accountName
accountType
subDomain
}
}
Variables
{"accountID": "123", "managedAccount": true}
Response
{
"data": {
"subDomains": [
{
"accountId": "123",
"accountName": "Gamma LLC",
"accountType": "Reseller",
"subDomain": "subdomain3"
},
{
"accountId": "1235",
"accountName": "Delta Inc.",
"accountType": "Regular",
"subDomain": "subdomain4"
}
]
}
}
AccessPrivateApplicationQueries
Description
Retrieve a single private application by ID or name
Response
Returns a PrivateApplication
Arguments
| Name | Description |
|---|---|
input - PrivateApplicationRefInput!
|
Example
Query
query PrivateApplication($accountId: ID!) {
privateApplication(accountId: $accountId) {
privateApplication(input: {
by: NAME
input: "Internal HR Portal"
}) {
id
name
description
creationTime
internalAppAddress
probingEnabled
published
allowIcmpProtocol
publishedAppDomain {
id
publishedAppDomain
catoIp
connectorGroupName
}
privateAppProbing {
id
type
interval
faultThresholdDown
}
protocolPorts {
protocol
port
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"privateApplication": {
"privateApplication": {
"id": "5001",
"name": "Internal HR Portal",
"description": "Internal HR management application",
"creationTime": "2026-04-28T10:00:00.000",
"internalAppAddress": "hr.internal.corp",
"probingEnabled": true,
"published": false,
"allowIcmpProtocol": true,
"publishedAppDomain": null,
"privateAppProbing": {
"id": "6001",
"type": "TCP",
"interval": 30,
"faultThresholdDown": 3
},
"protocolPorts": [{"protocol": "TCP", "port": [443, 8443]}]
}
}
}
}
Description
List of private applications with optional filtering and paging
Response
Returns a PrivateApplicationListPayload
Arguments
| Name | Description |
|---|---|
input - PrivateApplicationListInput
|
Example
Query
query PrivateApplicationList($accountId: ID!) {
privateApplication(accountId: $accountId) {
privateApplicationList(input: {
filter: {
freeText: [
{
search: "HR"
}
]
}
paging: {
limit: 10
from: 0
}
}) {
applications {
id
name
description
internalAppAddress
published
protocolPorts {
protocol
port
}
}
pageInfo {
total
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"privateApplication": {
"privateApplicationList": {
"applications": [
{
"id": "5001",
"name": "Internal HR Portal",
"description": "Internal HR management application",
"internalAppAddress": "hr.internal.corp",
"published": false,
"protocolPorts": [{"protocol": "TCP", "port": [443, 8443]}]
}
],
"pageInfo": {"total": 1}
}
}
}
}
AccountManagementQueries
account
Description
Read the account information
Response
Returns an AccountInfo
Example
Query
query getAccount($accountId:ID!) {
accountManagement(accountId: $accountId) {
account {
description
id
name
tenancy
timeZone
type
audit {
createdBy
createdTime
}
}
}
}
Variables
{"accountId": "456"}
Response
{
"data": {
"accountManagement": {
"account": {
"description": "account description",
"id": "456",
"name": "name",
"tenancy": "SINGLE_TENANT",
"timeZone": "Australia/ACT",
"type": "CUSTOMER",
"audit": {
"createdBy": "main@admin.com",
"createdTime": "2024-08-14T09:34:24Z"
}
}
}
}
}
AntiMalwareFileHashPolicyQueries
policy
Beta
Response
Returns an AntiMalwareFileHashPolicy!
Arguments
| Name | Description |
|---|---|
input - AntiMalwareFileHashPolicyInput
|
Example
Query
query AntiMalwareFileHash($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
policy {
enabled
rules {
properties
rule {
id
index
name
fileName
expirationDate
action
sha256
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"policy": {
"enabled": true,
"rules": [
{
"properties": [],
"rule": {
"id": "rule-id-1",
"index": 0,
"name": "Block Malicious File",
"fileName": "malware.exe",
"expirationDate": "2025-12-31T23:59:59Z",
"action": "BLOCK",
"sha256": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
}
}
],
"sections": [
{
"properties": [],
"section": {"id": "section-id-1", "name": "Default Section"}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query AntiMalwareFileHash($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"revisions": {
"revision": [
{"name": "Test Revision", "changes": 0},
{"name": "Initial Revision", "changes": 2}
]
}
}
}
}
}
AppTenantRestrictionPolicyQueries
policy
Beta
Response
Returns an AppTenantRestrictionPolicy!
Arguments
| Name | Description |
|---|---|
input - AppTenantRestrictionPolicyInput
|
Example
Query
query AppTenantRestriction($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "5e38909c-d5f4-4132-98eb-7efd28ca5ca5",
"index": 1,
"name": "App Tenant Restriction Rule 1"
}
}
],
"sections": [
{
"properties": [],
"section": {
"id": "0f61ccb5-1912-4bc0-ade6-06fc684b561f",
"name": "Section 1"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query AppTenantRestriction($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"revisions": {
"revision": [
{"name": "Test Revision", "changes": 0},
{"name": "Test Revision", "changes": 0},
{"name": "Test Revision", "changes": 0},
{"name": "Test Revision", "changes": 0},
{"name": "Test Revision", "changes": 0}
]
}
}
}
}
}
ApplicationControlPolicyQueries
policy
Beta
Response
Returns an ApplicationControlPolicy!
Arguments
| Name | Description |
|---|---|
input - ApplicationControlPolicyInput
|
Example
Query
query ApplicationControl($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "2131672",
"index": 1,
"name": "Block uploading credit card numbers"
}
},
{
"properties": [],
"rule": {
"id": "2131673",
"index": 2,
"name": "Microsoft - Only allow the tenant catonetworks.com"
}
},
{
"properties": [],
"rule": {
"id": "2131674",
"index": 3,
"name": "Microsoft - Monitor logins for external Microsoft tenants (click rule to read Description)"
}
},
{
"properties": [],
"rule": {
"id": "2131675",
"index": 4,
"name": "OneDrive - Only allow the catonetworks.com tenant"
}
},
{
"properties": [],
"rule": {
"id": "2131676",
"index": 5,
"name": "OneDrive - Monitor logins for external OneDrive tenants (click rule to read Description)"
}
},
{
"properties": [],
"rule": {
"id": "2131677",
"index": 6,
"name": "OneDrive - Monitor personal OneDrive tenants"
}
},
{
"properties": [],
"rule": {
"id": "2131678",
"index": 7,
"name": "Gmail - Monitor Gmail attachments"
}
},
{
"properties": [],
"rule": {
"id": "2131679",
"index": 8,
"name": "Monitor online storage apps: risk higher than 3, or no ISO"
}
},
{
"properties": [],
"rule": {
"id": "2131680",
"index": 9,
"name": "Twitter/X - Block posts with the string “samplekeyword”"
}
},
{
"properties": [],
"rule": {
"id": "2131681",
"index": 10,
"name": "Twitter/X - Monitor posts with long words (more than 8 characters)"
}
},
{
"properties": [],
"rule": {
"id": "2131682",
"index": 11,
"name": "Twitter/X - Monitor all posts"
}
},
{
"properties": [],
"rule": {
"id": "2131683",
"index": 12,
"name": "OpenAI - Restrict logins for allowed users and tenants"
}
},
{
"properties": [],
"rule": {
"id": "2131684",
"index": 13,
"name": "Open AI - Monitor logins for external tenant (click rule to read Description)"
}
},
{
"properties": [],
"rule": {
"id": "2131685",
"index": 14,
"name": "OpenAI - Monitor third-party logins"
}
},
{
"properties": [],
"rule": {
"id": "2131686",
"index": 15,
"name": "Google Drive - Restrict view to allowed folders"
}
},
{
"properties": [],
"rule": {
"id": "2131687",
"index": 16,
"name": "Google Drive - Monitor non-allowed folders (click rule to read Description)"
}
},
{
"properties": [],
"rule": {
"id": "2131688",
"index": 17,
"name": "Test sensitivity labels - edit MIP labels before enabling"
}
},
{
"properties": [],
"rule": {
"id": "2131689",
"index": 18,
"name": "Sanctioned apps - Allow upload without monitoring"
}
},
{
"properties": [],
"rule": {
"id": "2131690",
"index": 19,
"name": "Non-sanctioned apps - Monitor uploads"
}
},
{
"properties": [],
"rule": {
"id": "2131691",
"index": 20,
"name": "Log Any Cloud Application Granular Activities"
}
}
],
"sections": []
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query ApplicationControl($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"revisions": {"revision": [{"name": "Test Revision", "changes": 0}]}
}
}
}
}
CatalogQueries
catalogApplication
Beta
Response
Returns a CatalogApplication
Arguments
| Name | Description |
|---|---|
input - ApplicationRefInput!
|
Example
Query
query ($accountId: ID!, $refInput: ApplicationRefInput!) {
catalogs(accountId: $accountId) {
catalogApplication(input: $refInput) {
__typename
id
name
descriptionSummary
description
category {
id
name
}
securityAttributes {
mfa
encryptionAtRest
auditTrail
rbac
rememberPassword
sso
trustedCertificate
tlsEnforcement
httpSecurityHeaders
}
ipoStatus
website
originCountry {
id
name
}
region
city
risk
numOfEmployees
capability
activity {
id
name
}
type
sanctioned
recentlyAdded
standardPorts {
port
protocol
}
}
}
}
Variables
{"accountId": "123456", "refInput": {"by": "ID", "input": "Facebook"}}
Response
{
"data": {
"catalogs": {
"catalogApplication": {
"__typename": "CatalogApplication",
"id": "Facebook",
"name": "Facebook",
"descriptionSummary": "Facebook is an online social networking service that enables its users to connect with friends and family.",
"description": "Facebook is an online social networking service that allows its users to connect with friends and family as well as make new connections.",
"category": [{"id": "social", "name": "Social"}],
"securityAttributes": {
"mfa": "SUPPORTED",
"encryptionAtRest": "SUPPORTED",
"auditTrail": "SUPPORTED",
"rbac": "SUPPORTED",
"rememberPassword": "SUPPORTED",
"sso": "SUPPORTED",
"trustedCertificate": "SUPPORTED",
"tlsEnforcement": "SUPPORTED",
"httpSecurityHeaders": "SUPPORTED"
},
"ipoStatus": "IPO",
"website": "http://www.facebook.com",
"originCountry": {"id": "US", "name": "United States"},
"region": "California",
"city": "Menlo Park",
"risk": 3,
"numOfEmployees": "BETWEEN_10001_MAX",
"capability": ["APP_CONTROL_INLINE"],
"activity": [
{"id": "facebook_upload_post", "name": "Post"},
{"id": "facebook_comment", "name": "Comment"},
{"id": "facebook_login", "name": "Login"},
{"id": "full_path_url", "name": "Full Path URL"}
],
"type": "CLOUD_APPLICATION",
"sanctioned": false,
"recentlyAdded": false,
"standardPorts": [{"port": [443], "protocol": "TCP"}]
}
}
}
}
catalogApplicationList
Beta
Response
Returns a CatalogApplicationListPayload
Arguments
| Name | Description |
|---|---|
input - CatalogApplicationListInput!
|
Example
Query
query ($accountId: ID!, $input: CatalogApplicationListInput!) {
catalogs(accountId: $accountId) {
catalogApplicationList(input: $input) {
pageInfo {
total
}
application {
__typename
id
name
descriptionSummary
description
category {
id
name
}
complianceAttributes {
iso27001
sox
hippa
soc1
soc2
soc3
isae3402
pciDss
}
securityAttributes {
mfa
encryptionAtRest
auditTrail
rbac
rememberPassword
sso
trustedCertificate
tlsEnforcement
httpSecurityHeaders
}
ipoStatus
website
originCountry {
id
name
}
region
city
risk
numOfEmployees
capability
activity {
id
name
}
type
sanctioned
recentlyAdded
standardPorts {
port
protocol
}
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"sort": {"name": {"direction": "ASC", "priority": 1}},
"filter": [{"freeText": {"search": "Facebook"}}],
"paging": {"limit": 1}
}
}
Response
{
"data": {
"catalogs": {
"catalogApplicationList": {
"pageInfo": {"total": 1},
"application": [
{
"__typename": "CatalogApplication",
"id": "Facebook",
"name": "Facebook",
"descriptionSummary": "Facebook is an online social networking service that enables its users to connect with friends and family.",
"description": "Facebook is an online social networking service that allows its users to connect with friends and family as well as make new connections.It provides its users with the ability to create a profile, update information, add images, send friend requests, and accept requests from other users. Its features include status update, photo tagging and sharing, and more. Facebooks profile structure includes a timeline, information related to the user, images of the user, images added by friends of the user, notes, pages, groups, and more. It enables its users to create pages related to entertainment, sports, business, finance, preferences, hobbies, culture, religion, causes, organizations, and a number of other categories. It also enables its users to join or create groups related to a vast number of categories.With millions of more users, [Friendster] attempted to acquire the company for $10 million in mid-2004. Facebook turned down the offer and subsequently received $12.7 million in funding from [Accel Partners] at a valuation of around $100 million. Facebook continued to grow opening up to high school students in September 2005 and adding a photo-sharing feature the next month. The next spring, Facebook received $25 million in funding from [Greylock Partners] and [Meritech Capital] as well as previous investors [Accel Partners] and [Peter Thiel]. The pre-money valuation for this deal was about $525 million. Facebook subsequently opened up to work networks eventually amassing over 20,000 work networks. Finally, in September 2006, Facebook was opened to anyone with an email address.Facebook continued to receive funding most notably in January 2011 receiving $1.5 billion and valuing the company at $50 billion. A year later in February 2012, Facebook announced that it was filing for its long-anticipated initial public offering. The company went public on May 18, 2012 opening in [NASDAQ] with shares trading at $42.05.Facebook announced positive numbers in February 2012 upon filing for its IPO. As of July 2013 over 1.15 billion users have logged into Facebook every month and 669 million users daily. Mobile users now make up half of Facebooks user base with 819 million monthly actives. Facebook is one of the most trafficked sites in the United States. Additionally, Facebook is the top photo-sharing site with 250 million photos uploaded per day.The company has a strategic partnership with AXA Group to develop marketing and commercial collaboration in the digital, social, and mobile sphere.Facebook is currently the owner of many applications and services such as Pagemodo Pagebuilder, [RSS Graffiti], Huddle, and more. It is the worlds largest social network with over 1.32 billion monthly active users.Facebook was founded by Mark Zuckerberg in Menlo Park, California in 2004.",
"category": [{"id": "social", "name": "Social"}],
"complianceAttributes": {
"iso27001": "SUPPORTED",
"sox": "SUPPORTED",
"hippa": "SUPPORTED",
"soc1": "SUPPORTED",
"soc2": "SUPPORTED",
"soc3": "SUPPORTED",
"isae3402": "SUPPORTED",
"pciDss": "SUPPORTED"
},
"securityAttributes": {
"mfa": "SUPPORTED",
"encryptionAtRest": "SUPPORTED",
"auditTrail": "SUPPORTED",
"rbac": "SUPPORTED",
"rememberPassword": "SUPPORTED",
"sso": "SUPPORTED",
"trustedCertificate": "SUPPORTED",
"tlsEnforcement": "SUPPORTED",
"httpSecurityHeaders": "SUPPORTED"
},
"ipoStatus": "IPO",
"website": "http://www.facebook.com",
"originCountry": {"id": "US", "name": "United States"},
"region": "California",
"city": "Menlo Park",
"risk": 3,
"numOfEmployees": "BETWEEN_10001_MAX",
"logo": null,
"capability": ["APP_CONTROL_INLINE"],
"activity": [
{"id": "facebook_upload_post", "name": "Post"},
{"id": "facebook_comment", "name": "Comment"},
{"id": "facebook_login", "name": "Login"},
{"id": "full_path_url", "name": "Full Path URL"}
],
"type": "CLOUD_APPLICATION",
"sanctioned": false,
"recentlyAdded": false,
"standardPorts": [{"port": [443], "protocol": "TCP"}]
}
]
}
}
}
}
contentTypeGroupList
Beta
Response
Arguments
| Name | Description |
|---|---|
input - CatalogApplicationContentTypeGroupListInput!
|
Example
Query
query ContentTypeGroups($accountId: ID!, $input: CatalogApplicationContentTypeGroupListInput!) {
catalogs(accountId: $accountId) {
contentTypeGroupList(input: $input) {
pageInfo {
total
}
contentTypeGroup {
id
name
contentType {
id
name
}
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"sort": {"name": {"direction": "ASC", "priority": 1}},
"filter": [
{"name": {"in": ["Binaries", "disk"]}},
{"contentType": {"id": {"eq": "cab"}}, "id": {"eq": "archive"}}
],
"paging": {"limit": 20}
}
}
Response
{
"data": {
"catalogs": {
"contentTypeGroupList": {
"pageInfo": {"total": 2},
"contentTypeGroup": [
{
"id": "archive",
"name": "Archives",
"contentType": [{"id": "cab", "name": "Windows CABinet"}]
},
{
"id": "bin",
"name": "Binaries",
"contentType": [
{"id": "bin", "name": "Binary files"},
{"id": "elf-dump", "name": "ELF core dump"},
{"id": "elf-obj", "name": "ELF object file"},
{"id": "mat", "name": "MATLAB MAT file"}
]
}
]
}
}
}
}
ClientConnectivityPolicyQueries
policy
Beta
Response
Returns a ClientConnectivityPolicy!
Arguments
| Name | Description |
|---|---|
input - ClientConnectivityPolicyInput
|
Example
Query
query ClientConnectivityPolicy($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "9ed03ea7-6c46-43b4-8edf-5e1f0a8897da",
"index": 1,
"name": "Updated rule name"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query ClientConnectivityPolicy($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"revisions": {
"revision": [
{"name": "Test Revision", "changes": 0},
{"name": "Test Revision", "changes": 0}
]
}
}
}
}
}
ConnectivitySnapshotsQueries
Description
Returns ZTNA app connector group snapshots
Response
Returns a ZtnaAppConnectorGroupSnapshotPayload
Arguments
| Name | Description |
|---|---|
input - ZtnaAppConnectorGroupSnapshotInput!
|
Example
Query
query ztnaAppConnectorGroupSnapshot($accountId: ID!, $input: ZtnaAppConnectorGroupSnapshotInput!) {
connectivitySnapshots(accountId: $accountId) {
ztnaAppConnectorGroupSnapshot(input: $input) {
items {
groupName
totalConnectors
privateAppCount
connectivityStatus {
connectivityStatus
total
}
privateApps {
id
name
}
connectors {
id
name
privateAppCount
connectivity {
status
popLocation {
id
name
}
}
}
}
pageInfo {
total
}
}
}
}
Variables
{
"accountId": "11039",
"input": {
"filter": {"groupName": [{"eq": "Finance Connectors"}]},
"paging": {"limit": 10, "from": 0}
}
}
Response
{
"data": {
"connectivitySnapshots": {
"ztnaAppConnectorGroupSnapshot": {
"items": [
{
"groupName": "Finance Connectors",
"totalConnectors": 2,
"privateAppCount": 3,
"connectivityStatus": [
{"connectivityStatus": "CONNECTED", "total": 1},
{"connectivityStatus": "DISCONNECTED", "total": 1}
],
"privateApps": [
{"id": "3001", "name": "finance-erp"},
{"id": "3002", "name": "finance-crm"},
{"id": "3003", "name": "finance-payroll"}
],
"connectors": [
{
"id": "2001",
"name": "finance-connector-us-east",
"privateAppCount": 3,
"connectivity": {
"status": "CONNECTED",
"popLocation": {"id": "101", "name": "New York City"}
}
},
{
"id": "2002",
"name": "finance-connector-eu-west",
"privateAppCount": 3,
"connectivity": {"status": "DISCONNECTED", "popLocation": null}
}
]
}
],
"pageInfo": {"total": 1}
}
}
}
}
Description
Returns ZTNA app connector snapshots
Response
Returns a ZtnaAppConnectorSnapshotPayload
Arguments
| Name | Description |
|---|---|
input - ZtnaAppConnectorSnapshotInput!
|
Example
Query
query ztnaAppConnectorSnapshot($accountId: ID!, $input: ZtnaAppConnectorSnapshotInput!) {
connectivitySnapshots(accountId: $accountId) {
ztnaAppConnectorSnapshot(input: $input) {
items {
id
name
privateAppCount
info {
createdAt
groupName
type
location {
cityName
countryCode
countryName
}
}
connectivity {
status
firstConnected
lastConnected
popLocation {
id
name
}
}
device {
id
info {
model
serialNumber
socketId
isRegistered
version
}
connectivity {
platform
serialNumber
version
}
interface {
id
interfaceType
connectivity {
status
lanIp
dnsServer
}
}
}
privateApp {
id
name
connectivity {
probingStatus
routingStatus
}
}
}
pageInfo {
total
}
}
}
}
Variables
{
"accountId": "11039",
"input": {
"filter": {"groupName": [{"eq": "Finance Connectors"}]},
"sort": {"name": {"direction": "ASC", "priority": 1}},
"paging": {"limit": 1, "from": 0}
}
}
Response
{
"data": {
"connectivitySnapshots": {
"ztnaAppConnectorSnapshot": {
"items": [
{
"id": "2001",
"name": "finance-connector-us-east",
"privateAppCount": 2,
"info": {
"createdAt": "2026-03-12T09:15:00.000Z",
"groupName": "Finance Connectors",
"type": "PHYSICAL",
"location": {
"cityName": "New York",
"countryCode": "US",
"countryName": "United States"
}
},
"connectivity": {
"status": "CONNECTED",
"firstConnected": "2026-03-12T09:20:00.000Z",
"lastConnected": "2026-04-06T08:40:12.000Z",
"popLocation": {"id": "101", "name": "New York City"}
},
"device": {
"id": "device-2001",
"info": {
"model": "X1600",
"serialNumber": "X1600-ABC12345",
"socketId": "socket-2001",
"isRegistered": true,
"version": "15.0.12031"
},
"connectivity": {
"platform": "X1600",
"serialNumber": "X1600-ABC12345",
"version": "15.0.12031"
},
"interface": [
{
"id": "LAN1",
"interfaceType": "LAN",
"connectivity": {
"status": "connected",
"lanIp": "10.10.0.5",
"dnsServer": ["8.8.8.8", "1.1.1.1"]
}
}
]
},
"privateApp": [
{
"id": "3001",
"name": "finance-erp",
"connectivity": {"probingStatus": "UP", "routingStatus": "UP"}
},
{
"id": "3002",
"name": "finance-crm",
"connectivity": {
"probingStatus": "DOWN",
"routingStatus": "DOWN"
}
}
]
}
],
"pageInfo": {"total": 1}
}
}
}
}
Description
Returns summary metrics for ZTNA app connector snapshots
Response
Returns a ZtnaAppConnectorSnapshotSummaryPayload
Arguments
| Name | Description |
|---|---|
input - ZtnaAppConnectorSnapshotSummaryInput!
|
Example
Query
query ztnaAppConnectorSnapshotSummary($accountId: ID!, $input: ZtnaAppConnectorSnapshotSummaryInput!) {
connectivitySnapshots(accountId: $accountId) {
ztnaAppConnectorSnapshotSummary(input: $input) {
connectivityStatus {
connectivityStatus
total
}
socketPlatform {
platform
total
}
socketModel {
model
total
}
version {
version
total
}
assignment {
assigned
total
}
total
}
}
}
Variables
{
"accountId": "11039",
"input": {"filter": {"connectivityStatus": [{"eq": "CONNECTED"}]}}
}
Response
{
"data": {
"connectivitySnapshots": {
"ztnaAppConnectorSnapshotSummary": {
"connectivityStatus": [
{"connectivityStatus": "CONNECTED", "total": 3},
{"connectivityStatus": "DISCONNECTED", "total": 1}
],
"socketPlatform": [
{"platform": "X1600", "total": 2},
{"platform": "AWS1500", "total": 2}
],
"socketModel": [
{"model": "AWS", "total": 2},
{"model": "X1600", "total": 2}
],
"version": [
{"version": "15.0.12031", "total": 3},
{"version": "15.0.11802", "total": 1}
],
"assignment": {"assigned": 1, "total": 2},
"total": 4
}
}
}
}
ContainerQueries
list
Beta
Response
Returns a ContainerSearchPayload!
Arguments
| Name | Description |
|---|---|
input - ContainerSearchInput!
|
Example
Query
query listContainers($accountId:ID!, $input:ContainerSearchInput!) {
container(accountId: $accountId) {
list(input: $input) {
containers {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"refs": [{"by": "NAME", "input": "Some Container"}],
"types": ["FQDN"]
}
}
Response
{
"data": {
"container": {
"list": {
"containers": [
{
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
]
}
}
}
}
FqdnContainerQueries
downloadFile
Beta
Response
Returns a DownloadFqdnContainerFilePayload!
Arguments
| Name | Description |
|---|---|
input - DownloadFqdnContainerFileInput!
|
Example
Query
query downloadFqdnFile($accountId:ID!, $input:DownloadFqdnContainerFileInput!) {
container(accountId: $accountId) {
fqdn {
downloadFile(input: $input) {
id
name
encodedFile
}
}
}
}
Variables
{"accountId": 12345, "input": {"by": "NAME", "input": "Some Container"}}
Response
{
"data": {
"container": {
"fqdn": {
"downloadFile": {
"id": "1234567890",
"name": "Some Container",
"encodedFile": "MTkwLjIwLjI0LjM2LTE5MC4yMC4yNC4yMzYKMjAuMTAuMTMuMjcKMTgzLjEzLjU0LjIzNA=="
}
}
}
}
}
search
Beta
Response
Returns a FqdnContainerSearchPayload!
Arguments
| Name | Description |
|---|---|
input - FqdnContainerSearchInput!
|
Example
Query
query searchIpContainer($accountId:ID!, $input:FqdnContainerSearchInput!) {
container(accountId: $accountId) {
fqdn {
search(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"ref": {"by": "NAME", "input": "Some Container"}}
}
Response
{
"data": {
"container": {
"fqdn": {
"search": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
searchFqdn
Beta
Response
Returns a FqdnContainerSearchFqdnPayload!
Arguments
| Name | Description |
|---|---|
input - FqdnContainerSearchFqdnInput!
|
Example
Query
query searchIpInContainer($accountId:ID!, $input:FqdnContainerSearchFqdnInput!) {
container(accountId: $accountId) {
fqdn {
searchFqdn(input: $input) {
containers {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{"accountId": 12345, "input": {"fqdn": "google.com"}}
Response
{
"data": {
"container": {
"fqdn": {
"searchFqdn": {
"containers": [
{
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
]
}
}
}
}
}
testFromURL
Beta
Response
Returns a TestContainerFromUrlPayload!
Arguments
| Name | Description |
|---|---|
input - TestContainerFromUrlInput!
|
Example
Query
query testFqdnContainerFromURL($accountId:ID!, $input:TestContainerFromUrlInput!) {
container(accountId: $accountId) {
fqdn {
testFromURL(input: $input) {
sizeValid
topValid
sizeInvalid
topInvalid
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"url": "https://example.com/fqdns.csv", "fileType": "CSV"}
}
Response
{
"data": {
"container": {
"fqdn": {
"testFromURL": {
"sizeValid": 95,
"topValid": ["example.com", "google.com", "github.com"],
"sizeInvalid": 5,
"topInvalid": ["invalid..fqdn", "not-a-valid-fqdn-"]
}
}
}
}
}
IpAddressRangeContainerQueries
downloadFile
Beta
Response
Arguments
| Name | Description |
|---|---|
input - DownloadIpAddressRangeContainerFileInput!
|
Example
Query
query downloadIpAddressNameFile($accountId:ID!, $input:DownloadIpAddressRangeContainerFileInput!) {
container(accountId: $accountId) {
ipAddressRange {
downloadFile(input: $input) {
id
name
encodedFile
}
}
}
}
Variables
{"accountId": 12345, "input": {"by": "NAME", "input": "Some Container"}}
Response
{
"data": {
"container": {
"ipAddressRange": {
"downloadFile": {
"id": "1234567890",
"name": "Some Container",
"encodedFile": "ZXhhbXBsZS5jb20KZ29vZ2xlLmNvbQphbWF6b20uY29t"
}
}
}
}
}
search
Beta
Response
Returns an IpAddressRangeContainerSearchPayload!
Arguments
| Name | Description |
|---|---|
input - IpAddressRangeContainerSearchInput!
|
Example
Query
query searchIpContainer($accountId:ID!, $input:IpAddressRangeContainerSearchInput!) {
container(accountId: $accountId) {
ipAddressRange {
search(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"ref": {"by": "NAME", "input": "Some Container"}}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"search": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
searchIpAddressRange
Beta
Response
Returns an IpAddressRangeContainerSearchIpAddressRangePayload!
Arguments
| Name | Description |
|---|---|
input - IpAddressRangeContainerSearchIpAddressRangeInput!
|
Example
Query
query searchIpInContainer($accountId:ID!, $input:IpAddressRangeContainerSearchIpAddressRangeInput!) {
container(accountId: $accountId) {
ipAddressRange {
searchIpAddressRange(input: $input) {
containers {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"ipAddressRange": {"from": "190.20.24.36", "to": "190.20.24.236"}}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"searchIpAddressRange": {
"containers": [
{
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
]
}
}
}
}
}
testFromURL
Beta
Response
Returns a TestContainerFromUrlPayload!
Arguments
| Name | Description |
|---|---|
input - TestContainerFromUrlInput!
|
Example
Query
query testIpAddressRangeContainerFromURL($accountId:ID!, $input:TestContainerFromUrlInput!) {
container(accountId: $accountId) {
ipAddressRange {
testFromURL(input: $input) {
sizeValid
topValid
sizeInvalid
topInvalid
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"url": "https://example.com/ip-ranges.csv", "fileType": "CSV"}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"testFromURL": {
"sizeValid": 95,
"topValid": [
"192.168.1.1-192.168.1.10",
"10.0.0.0-10.0.0.255",
"172.16.0.0-172.16.255.255"
],
"sizeInvalid": 5,
"topInvalid": [
"invalid-ip-range",
"999.999.999.999-1000.1000.1000.1000"
]
}
}
}
}
}
CustomAppDataQueries
Response
Returns a CustomApplication
Arguments
| Name | Description |
|---|---|
input - CustomApplicationRefInput!
|
Example
Query
query ($accountId: ID!, $refInput: CustomApplicationRefInput!) {
customAppData(accountId: $accountId) {
customApplication(input: $refInput) {
__typename
id
name
description
category {
id
name
}
criteria {
protocol
port
portRange {
from
to
}
destination {
domain
fqdn
destinationIp {
ip
subnet
ipRange {
from
to
}
}
}
}
}
}
}
Variables
{"accountId": "123456", "refInput": {"by": "ID", "input": "custom-app-id-123"}}
Response
{
"data": {
"customAppData": {
"customApplication": {
"__typename": "CustomApplication",
"id": "custom-app-id-123",
"name": "My Custom App",
"description": "A sample custom app for testing.",
"category": [{"id": "security", "name": "Security"}],
"criteria": [
{
"protocol": "TCP",
"port": [443],
"portRange": [{"from": 100, "to": 200}],
"destination": {
"domain": ["example.com"],
"fqdn": ["api.example.com"],
"destinationIp": {
"ip": ["192.168.1.1"],
"subnet": ["192.168.1.0/24"],
"ipRange": [{"from": "192.168.1.1", "to": "192.168.1.100"}]
}
}
}
]
}
}
}
}
Response
Returns a CustomApplicationListPayload
Arguments
| Name | Description |
|---|---|
input - CustomApplicationListInput!
|
Example
Query
query ($accountId: ID!, $input: CustomApplicationListInput!) {
customAppData(accountId: $accountId) {
customApplicationList(input: $input) {
items {
id
name
description
category {
id
name
}
criteria {
protocol
port
portRange {
from
to
}
destination {
domain
fqdn
destinationIp {
ip
subnet
ipRange {
from
to
}
}
}
}
}
paging {
total
}
}
}
}
Variables
{
"accountId": "123456",
"input": {"filter": [], "sort": {}, "paging": {"limit": 10}}
}
Response
{
"data": {
"customAppData": {
"customApplicationList": {
"items": [
{
"id": "custom-app-id-123",
"name": "My Custom App",
"description": "A sample custom app for testing",
"category": [{"id": "security", "name": "Security"}],
"criteria": [
{
"protocol": "TCP",
"port": [443],
"portRange": [{"from": 100, "to": 200}],
"destination": {
"domain": ["example.com"],
"fqdn": ["api.example.com"],
"destinationIp": {
"ip": ["192.168.1.1"],
"subnet": ["192.168.1.0/24"],
"ipRange": [{"from": "192.168.1.1", "to": "192.168.1.100"}]
}
}
}
]
}
],
"paging": {"total": 1}
}
}
}
}
DevicesQueries
attributesCatalog
Beta
Response
Returns a DeviceAttributesCatalogQueries!
Example
Query
query DeviceAttributesCatalog(
$accountId: ID!,
$categorySort: SortOrderInput,
$typeInput: DeviceAttributeCatalogInput,
$osInput: DeviceAttributeCatalogInput,
$modelInput: DeviceAttributeCatalogInput,
$manufacturerInput: DeviceAttributeCatalogInput
) {
devices(accountId: $accountId) {
attributesCatalog {
category(sort: $categorySort) {
items
pageInfo {
total
}
}
type(input: $typeInput) {
items
pageInfo {
total
}
}
os(input: $osInput) {
items
pageInfo {
total
}
}
model(input: $modelInput) {
items
pageInfo {
total
}
}
manufacturer(input: $manufacturerInput) {
items
pageInfo {
total
}
}
}
}
}
Variables
{
"accountId": "1",
"categorySort": {"direction": "ASC"},
"typeInput": {"sort": {"direction": "ASC"}, "paging": {"limit": 100000}},
"modelInput": {"sort": {"direction": "ASC"}, "paging": {"limit": 100000}},
"osInput": {"sort": {"direction": "ASC"}, "paging": {"limit": 100000}},
"manufacturerInput": {
"sort": {"direction": "ASC"},
"paging": {"limit": 100000}
}
}
Response
{
"data": {
"devices": {
"attributesCatalog": {
"category": {
"items": ["IoT", "Mobile", "Networking", "OT", "PC", "Server"],
"pageInfo": {"total": 6}
},
"type": {
"items": [
"Desktop",
"Laptop",
"SD-WAN",
"Virtual Machine",
"Workstation"
],
"pageInfo": {"total": 5}
},
"os": {
"items": ["Linux", "Windows", "Windows Workstation", "macOS"],
"pageInfo": {"total": 4}
},
"model": {
"items": [
"",
"X1500",
"vSocket AWS",
"vSocket Azure",
"vSocket ESX",
"vSocket GCP"
],
"pageInfo": {"total": 6}
},
"manufacturer": {
"items": ["Apple", "Cato Networks", "Dell", "Microsoft", "VMware"],
"pageInfo": {"total": 5}
}
}
}
}
}
csvExport
Beta
Response
Returns an ExportJobResponse!
Arguments
| Name | Description |
|---|---|
input - DeviceCsvExportInput
|
Example
Query
query RequestExport($accountId: ID!) {
devices(accountId: $accountId) {
csvExport {
jobId
message
}
}
}
Variables
{"accountId": "11097"}
Response
{
"data": {
"devices": {
"csvExport": {
"jobId": "export-job-12345",
"message": "CSV export job started successfully"
}
}
}
}
csvExportStatus
Beta
Response
Returns an ExportStatusResponse!
Arguments
| Name | Description |
|---|---|
jobId - ID!
|
Example
Query
query GetExportStatus($accountId: ID!, $jobId: ID!) {
devices(accountId: $accountId) {
csvExportStatus(jobId: $jobId) {
jobId
status
progress
message
downloadUrl
expiresAt
}
}
}
Variables
{"accountId": "11097", "jobId": "62514d9c-de95-4e6b-a06d-36bca0f6f1e4"}
Response
{
"data": {
"devices": {
"csvExportStatus": {
"jobId": "62514d9c-de95-4e6b-a06d-36bca0f6f1e4",
"status": "COMPLETED",
"progress": 100,
"message": "Export completed successfully",
"downloadUrl": "https://api.example.com/downloads/devices-export-12345.csv",
"expiresAt": "2023-06-10T15:00:00Z"
}
}
}
}
list
Beta
Response
Returns a DevicesPayload
Arguments
| Name | Description |
|---|---|
input - DeviceV2Input
|
Example
Query
query DevicesTable(
$accountId: ID!
$filter: [DeviceV2FilterInput!]!
$sort: DeviceSortInput!
$paging: PagingInput!
) {
devices(accountId: $accountId) {
list(input: { filter: $filter, sort: $sort, paging: $paging }) {
device {
...DeviceInfo
__typename
}
paging {
total
__typename
}
__typename
}
__typename
}
}
fragment DeviceInfo on DeviceV2 {
id
category
lastSeen
firstSeen
name
ip
site {
id
name
__typename
}
os {
product
version
vendor
__typename
}
nic {
macAddress
__typename
}
hw {
type
manufacturer
model
__typename
}
networkInfo {
__typename
... on SiteNetworkSubnetRef {
name
__typename
}
... on GlobalRangeRef {
name
__typename
}
}
user {
name
__typename
}
__typename
}
Variables
{
"accountId": "000000",
"paging": {"from": 0, "limit": 25},
"filter": [
{
"lastSeen": [
{"between": ["2025-08-30T08:08:47.032Z", "2025-09-01T08:08:47.032Z"]}
]
}
],
"sort": {}
}
Response
{
"data": {
"devices": {
"__typename": "DevicesQueries",
"list": {
"device": [
{
"id": "dev000000000000000000001",
"category": "PC",
"lastSeen": "2025-09-01T07:53:32.000Z",
"firstSeen": "2025-08-05T08:15:53.000Z",
"name": "User-001-LM-IL",
"ip": "10.0.1.1",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:01:01",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000002",
"category": "PC",
"lastSeen": "2025-09-01T07:53:32.000Z",
"firstSeen": "2025-07-24T11:04:47.000Z",
"name": "User-002-LM-IL",
"ip": "10.0.1.2",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:01:02",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000003",
"category": "PC",
"lastSeen": "2025-09-01T07:53:29.000Z",
"firstSeen": "2025-07-23T14:00:46.000Z",
"name": "User-003-LM-IL",
"ip": "10.0.1.3",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:01:03",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000004",
"category": "PC",
"lastSeen": "2025-09-01T07:53:29.000Z",
"firstSeen": "2025-08-05T07:51:57.000Z",
"name": "User-004-LM-CZ",
"ip": "10.0.2.4",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:02:04",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000005",
"category": "PC",
"lastSeen": "2025-09-01T07:53:20.000Z",
"firstSeen": "2025-07-23T13:38:49.000Z",
"name": "User-005-LM-CZ",
"ip": "10.0.2.5",
"site": null,
"os": {
"product": "macOS",
"version": "15.6",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:02:05",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000006",
"category": "PC",
"lastSeen": "2025-09-01T07:52:39.000Z",
"firstSeen": "2025-07-23T13:59:36.000Z",
"name": "User-006-LM-IL",
"ip": "10.0.3.6",
"site": null,
"os": {
"product": "macOS",
"version": "14.7.7",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:03:06",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000007",
"category": "PC",
"lastSeen": "2025-09-01T07:52:39.000Z",
"firstSeen": "2025-08-18T14:43:09.000Z",
"name": "User-007-LM-IL",
"ip": "10.0.3.7",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:03:07",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000008",
"category": "PC",
"lastSeen": "2025-09-01T07:52:35.000Z",
"firstSeen": "2025-07-24T09:47:49.000Z",
"name": "User-008-LM-IL",
"ip": "10.0.3.8",
"site": null,
"os": {
"product": "macOS",
"version": "14.7.8",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:03:08",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000009",
"category": "PC",
"lastSeen": "2025-09-01T07:52:35.000Z",
"firstSeen": "2025-07-25T12:49:50.000Z",
"name": "User-009-LM-UA",
"ip": "10.0.3.9",
"site": null,
"os": {
"product": "macOS",
"version": "14.7.7",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:03:09",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000010",
"category": "PC",
"lastSeen": "2025-09-01T07:52:33.000Z",
"firstSeen": "2025-07-24T07:38:12.000Z",
"name": "User-010-LM-IL",
"ip": "10.0.4.10",
"site": null,
"os": {
"product": "macOS",
"version": "15.6",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:04:10",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000011",
"category": "PC",
"lastSeen": "2025-09-01T07:51:16.000Z",
"firstSeen": "2025-08-05T08:00:13.000Z",
"name": "User-011-LM-IL",
"ip": "10.0.4.11",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:04:11",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000012",
"category": "PC",
"lastSeen": "2025-09-01T07:51:16.000Z",
"firstSeen": "2025-07-25T05:56:36.000Z",
"name": "User-012-LM-JP",
"ip": "10.0.4.12",
"site": null,
"os": {
"product": "macOS",
"version": "14.7.8",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:04:12",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000013",
"category": "PC",
"lastSeen": "2025-09-01T07:50:42.000Z",
"firstSeen": "2025-07-24T08:00:31.000Z",
"name": "User-013-LM-IL",
"ip": "10.0.5.13",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:05:13",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000014",
"category": "PC",
"lastSeen": "2025-09-01T07:50:41.000Z",
"firstSeen": "2025-07-27T07:19:33.000Z",
"name": "User-014-LM-IL",
"ip": "10.0.5.14",
"site": null,
"os": {
"product": "macOS",
"version": "15.6",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:05:14",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000015",
"category": "PC",
"lastSeen": "2025-09-01T07:50:16.000Z",
"firstSeen": "2025-07-24T07:22:25.000Z",
"name": "User-015-LM-IL",
"ip": "10.0.5.15",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:05:15",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000016",
"category": "PC",
"lastSeen": "2025-09-01T07:50:06.000Z",
"firstSeen": "2025-07-24T11:22:08.000Z",
"name": "User-016-LM-IL",
"ip": "10.0.6.16",
"site": null,
"os": {
"product": "macOS",
"version": "14.7.8",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:06:16",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000017",
"category": "PC",
"lastSeen": "2025-09-01T07:49:52.000Z",
"firstSeen": "2025-07-24T07:38:40.000Z",
"name": "User-017-LM-IL",
"ip": "10.0.6.17",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:06:17",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000018",
"category": "PC",
"lastSeen": "2025-09-01T07:48:51.000Z",
"firstSeen": "2025-07-24T12:34:20.000Z",
"name": "User-018-LM-IL",
"ip": "10.0.6.18",
"site": null,
"os": {
"product": "macOS",
"version": "15.6",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:06:18",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000019",
"category": "PC",
"lastSeen": "2025-09-01T07:47:53.000Z",
"firstSeen": "2025-07-27T13:47:18.000Z",
"name": "User-019-LM-IL",
"ip": "10.0.7.19",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:07:19",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000020",
"category": "PC",
"lastSeen": "2025-09-01T07:47:48.000Z",
"firstSeen": "2025-07-24T07:35:50.000Z",
"name": "User-020-LM-IL",
"ip": "10.0.7.20",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:07:20",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000021",
"category": "PC",
"lastSeen": "2025-09-01T07:46:56.000Z",
"firstSeen": "2025-07-24T07:31:12.000Z",
"name": "User-021-LM-IL",
"ip": "10.0.7.21",
"site": null,
"os": {
"product": "macOS",
"version": "14.7.8",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:07:21",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000022",
"category": "PC",
"lastSeen": "2025-09-01T07:46:48.000Z",
"firstSeen": "2025-07-24T13:43:54.000Z",
"name": "User-022-LM-IL",
"ip": "10.0.8.22",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:08:22",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000023",
"category": "PC",
"lastSeen": "2025-09-01T07:46:45.000Z",
"firstSeen": "2025-07-27T12:57:17.000Z",
"name": "User-023-LM-IL",
"ip": "10.0.8.23",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:08:23",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000024",
"category": "PC",
"lastSeen": "2025-09-01T07:46:42.000Z",
"firstSeen": "2025-07-24T13:43:54.000Z",
"name": "User-024-LM-IL",
"ip": "10.0.8.24",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:08:24",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
},
{
"id": "dev000000000000000000025",
"category": "PC",
"lastSeen": "2025-09-01T07:46:42.000Z",
"firstSeen": "2025-07-23T14:55:25.000Z",
"name": "User-025-LM-IL",
"ip": "10.0.8.25",
"site": null,
"os": {
"product": "macOS",
"version": "15.6.1",
"vendor": null,
"__typename": "DeviceOs"
},
"nic": {
"macAddress": "XX:XX:XX:XX:08:25",
"__typename": "DeviceNic"
},
"hw": {
"type": "Laptop",
"manufacturer": "Apple",
"model": "MacBook Pro",
"__typename": "DeviceHw"
},
"networkInfo": null,
"user": null,
"__typename": "DeviceV2"
}
],
"paging": {"total": 529, "__typename": "PageInfo"},
"__typename": "DevicesPayload"
}
}
}
}
DynamicIpAllocationPolicyQueries
policy
Beta
Response
Returns a DynamicIpAllocationPolicy!
Arguments
| Name | Description |
|---|---|
input - DynamicIpAllocationPolicyInput
|
Example
Query
query DynamicIpAllocation($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
policy {
enabled
rules {
properties
rule {
id
index
name
range {
globalIpRange{
id
name
}
}
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "3c345055-4f14-48dc-ab8c-5b5db9d778fc",
"index": 1,
"name": "Rule2",
"range": {
"globalIpRange": {"id": "1927109", "name": "12.22.17.0/24"}
}
}
},
{
"properties": [],
"rule": {
"id": "eb2d4d79-0149-4839-a5c4-fc167211dbe6",
"index": 2,
"name": "Rule1",
"range": {
"globalIpRange": {"id": "1927108", "name": "12.22.16.0/24"}
}
}
},
{
"properties": [],
"rule": {
"id": "2c25bae8-f787-4098-b3c2-6057e5fe8537",
"index": 3,
"name": "Updated rule name",
"range": {
"globalIpRange": {"id": "1927110", "name": "12.22.18.0/24"}
}
}
}
],
"sections": [
{
"properties": [],
"section": {
"id": "54a367d6-75da-4399-bc03-65170ea97d3f",
"name": "Updated section new to the new name"
}
},
{
"properties": [],
"section": {
"id": "83e54a6a-9998-4fcf-b1a1-5313e52cc5f0",
"name": "New section2"
}
},
{
"properties": [],
"section": {
"id": "0495cf5e-1598-4f34-8c01-94970620c68f",
"name": "New section 2"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query DynamicIpAllocation($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"revisions": {"revision": [{"name": "Test Revision", "changes": 0}]}
}
}
}
}
EnterpriseDirectoryQueries
locationList
Beta
Description
Retrieve the account location items
Response
Returns an EnterpriseDirectoryLocationListPayload
Arguments
| Name | Description |
|---|---|
input - EnterpriseDirectoryLocationListInput
|
Example
Query
query getEDLocations($accountID:ID!, $input: EnterpriseDirectoryLocationListInput!) {
enterpriseDirectory(accountId:$accountID) {
locationList( input: $input ) {
items {
id
name
type
description
archived
account {
id
}
details{
companyName
postalAddress{
cityName
country {
name
id
}
street
stateName
zipCode
addressValidated
}
vatId
contact{
name
phone
email
}
}
}
pageInfo{
total
}
}
}
}
Variables
{
"accountID": "123456",
"input": {
"filter": {"countryCode": [{"in": ["FR"]}]},
"sort": {"name": {"direction": "ASC", "priority": 0}},
"paging": {"limit": 1, "from": 0}
}
}
Response
{
"data": {
"enterpriseDirectory": {
"locationList": {
"items": [
{
"id": "312be4ca-2b21-4144-99e4-8a0c43dd6cee",
"account": {"id": "123456", "name": ""},
"name": "test",
"type": "BRANCH",
"description": "test",
"archived": false,
"details": {
"companyName": "Angelina",
"postalAddress": {
"cityName": "Paris",
"street": "226 rue de rivoli",
"country": {"id": "fr", "name": "france"},
"stateName": "",
"zipCode": "75009",
"addressValidated": "VALID"
},
"vatId": "",
"contact": {
"name": "Angelina",
"phone": "55422348",
"email": "Angelina@gmail.com"
}
}
}
],
"pageInfo": {"total": 10}
}
}
}
}
ExternalAccessQueries
incomingAccessRequestList
Beta
Description
List account access requests for managed accounts.
Response
Returns an IncomingAccessRequestListPayload
Arguments
| Name | Description |
|---|---|
input - IncomingAccessRequestListInput
|
Example
Query
query incomingAccessRequestList($accountId: ID!, $input: IncomingAccessRequestListInput!) {
externalAccess(accountId: $accountId) {
incomingAccessRequestList(input: $input) {
items {
id
activeDate
expirationDate
note
partner {
id
name
}
reason
requestedDate
status
permissions {
permissions {
action
resource
}
}
isAppliedOnAllFullyManagedAccounts
}
paging {
total
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"paging": {"limit": 10, "from": 0},
"filter": {"status": {"eq": "PENDING"}},
"sort": {"requestedDate": {"direction": "DESC"}}
}
}
Response
{
"data": {
"externalAccess": {
"incomingAccessRequestList": {
"items": [
{
"id": "175519",
"activeDate": "2025-02-04T06:44:52.000Z",
"expirationDate": "2027-02-04T06:44:51.894Z",
"note": "",
"partner": {"id": "1", "name": "Cato"},
"reason": "",
"requestedDate": "2025-02-04T06:44:52.000Z",
"status": "ACTIVE",
"permissions": {
"permissions": [{"action": "EDIT", "resource": "NetworkRules"}]
},
"isAppliedOnAllFullyManagedAccounts": false
}
],
"paging": {"total": 1}
}
}
}
}
partnerAccessRequestList
Beta
Description
List account access requests for partners.
Response
Returns a PartnerAccessRequestListPayload
Arguments
| Name | Description |
|---|---|
input - PartnerAccessRequestListInput
|
Example
Query
query partnerAccessRequestList($accountId: ID!, $input: PartnerAccessRequestListInput!) {
externalAccess(accountId: $accountId) {
partnerAccessRequestList(input: $input) {
items {
id
partner {
id
name
}
requestedDate
expirationDate
status
reason
partnerNote
account {
id
name
}
admins {
id
name
}
roles {
id
name
}
activeDate
groups {
id
name
}
isAppliedOnAllFullyManagedAccounts
}
paging {
total
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"paging": {"limit": 10, "from": 0},
"filter": {"status": {"eq": "ACTIVE"}},
"sort": {"requestedDate": {"direction": "DESC"}}
}
}
Response
{
"data": {
"externalAccess": {
"partnerAccessRequestList": {
"items": [
{
"id": "67b4435d3810833e71967008",
"partner": {"id": "123456", "name": "PartnerLevel1"},
"requestedDate": "2025-02-18T08:22:51.222Z",
"expirationDate": "2125-02-18T08:22:51.216Z",
"status": "ACTIVE",
"reason": "Partner (Reseller) access",
"partnerNote": null,
"account": {"id": "225067", "name": "PartnerLevel3"},
"admins": [
{"id": "93593", "name": "a a"},
{"id": "94767", "name": "a b"}
],
"roles": [{"id": "24", "name": "Reseller Editor"}],
"activeDate": "2025-02-18T08:22:53.231Z",
"groups": [],
"isAppliedOnAllFullyManagedAccounts": false
}
],
"paging": {"total": 1}
}
}
}
}
GroupsQueries
group
Beta
Description
Get a specific group configuration. The group can be identified by ID or name.
Response
Returns a Group
Arguments
| Name | Description |
|---|---|
input - GroupRefInput!
|
Example
Query
query Group($accountId: ID!, $groupRefInput: GroupRefInput!, $groupMembersListInput: GroupMembersListInput!) {
groups(accountId: $accountId) {
group(input: $groupRefInput) {
id
name
description
membersCount
members(input: $groupMembersListInput) {
items {
id
name
type
}
paging {
total
}
}
membersCountPerType {
type
membersCount
}
}
}
}
Variables
{
"accountId": 12345,
"groupRefInput": {"by": "NAME", "input": "group-1"},
"groupMembersListInput": {"paging": {"limit": 10}}
}
Response
{
"data": {
"groups": {
"group": {
"id": "12345",
"name": "group-1",
"description": "group of sites and hosts",
"membersCount": 2,
"members": {
"items": [
{"id": "67890", "name": "site-1", "type": "SITE"},
{"id": "67891", "name": "host-1", "type": "HOST"}
],
"paging": {"total": 2}
},
"membersCountPerType": [
{"type": "HOST", "membersCount": 1},
{"type": "SITE", "membersCount": 1}
]
}
}
}
}
groupList
Beta
Description
Get a list of groups, with optional filters and sorting. This query only returns basic information for each group (e.g. name, ID). To view full configuration details, including members, use the group query for each result.
Response
Returns a GroupListPayload
Arguments
| Name | Description |
|---|---|
input - GroupListInput
|
Default |
Example
Query
query Group($accountId: ID!, $groupListInput: GroupListInput) {
groups(accountId: $accountId) {
groupList(input: $groupListInput) {
items {
id
name
description
membersCount
membersCountPerType {
type
membersCount
}
audit {
updatedTime
}
},
paging {
total
}
}
}
}
Variables
{
"accountId": 12345,
"groupListInput": {"sort": {"audit": {"updatedTime": {"direction": "DESC"}}}}
}
Response
{
"data": {
"groups": {
"items": [
{
"id": "12345",
"name": "group-1",
"description": "group of sites and hosts",
"membersCount": 2,
"membersCountPerType": [
{"type": "HOST", "membersCount": 1},
{"type": "SITE", "membersCount": 1}
],
"audit": {"updatedTime": "2023-10-01T12:00:00Z"}
}
],
"paging": {"total": 1}
}
}
}
whereUsed
Beta
Description
Check which policies use the group.
Response
Returns a GroupWhereUsedPayload
Arguments
| Name | Description |
|---|---|
input - GroupRefInput!
|
Example
Query
query GroupWhereUsed($accountID: ID!, $input: GroupRefInput!) {
groups(accountId: $accountID) {
whereUsed(input: $input) {
used
invalidMemberTypes {
type
scope {
type
field
}
}
}
}
}
Variables
{"accountID": "12345", "input": {"input": "ABC12345"}}
Response
{
"data": {
"groups": {
"whereUsed": {
"used": true,
"invalidMemberTypes": [],
"usage": [{"type": "internetFirewall", "field": ["source"]}]
}
}
}
}
HardwareManagementQueries
socketInventory
Beta
Description
Retrieve the account socket inventory
Response
Returns a SocketInventoryPayload!
Arguments
| Name | Description |
|---|---|
input - SocketInventoryInput
|
Example
Query
query socketInventory($accountId: ID!, $input: SocketInventoryInput!) {
hardwareManagement(accountId: $accountId) {
socketInventory(input: $input) {
items {
id
status
serialNumber
socketMac
socketVersion
site {
id
name
}
account {
id
name
}
shippingDate
socketType
trackingUrl
trackingNumber
shippingCompany
deliverySiteName
description
hardwareVersion
}
pageInfo {
total
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"paging": {"limit": 25, "from": 0},
"filter": {"freeText": {"search": "search"}},
"sort": {"deliverySiteName": {"direction": "ASC"}}
}
}
Response
{
"data": {
"hardwareManagement": {
"socketInventory": {
"items": [
{
"id": "111111",
"status": "DELIVERED",
"serialNumber": "987654321",
"socketMac": "00-B0-D0-63-C2-26",
"socketVersion": "13.0.11395",
"site": {"id": "010101", "name": "exampleSite"},
"account": {"id": "123456", "name": "exampleAccount"},
"shippingDate": "2024-05-22T08:36:58Z",
"socketType": "X1500",
"trackingUrl": "https://fedex.com/1111111",
"trackingNumber": "1111111",
"shippingCompany": "fedex",
"deliverySiteName": "exampleWarehouse",
"description": "example description",
"hardwareVersion": "X1500"
},
{
"id": "2222222",
"status": "SHIPPED",
"serialNumber": "123456789",
"socketMac": "00-B0-D0-63-C2-27",
"socketVersion": "13.0.11395",
"site": {"id": "0202", "name": "exampleSite2"},
"account": {"id": "123456", "name": "exampleAccount"},
"shippingDate": "2024-05-22T08:36:58Z",
"socketType": "X1700",
"trackingUrl": "https://ups.com/2222222",
"trackingNumber": "2222222",
"shippingCompany": "ups",
"deliverySiteName": "exampleWarehouse2",
"description": "example description 2",
"hardwareVersion": "X1500"
}
],
"pageInfo": {"total": 2}
}
}
}
}
Description
Retrieve socket inventory distribution grouped by type and hardware version
Response
Returns a SocketInventoryDistributionPayload!
Arguments
| Name | Description |
|---|---|
input - SocketInventoryDistributionInput
|
Example
Query
query socketInventoryDistribution($accountId: ID!, $input: SocketInventoryDistributionInput) {
hardwareManagement(accountId: $accountId) {
socketInventoryDistribution(input: $input) {
items {
socketType
hardwareVersion
count
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"filter": {
"orderType": ["REFRESH"],
"status": ["ORDERED"],
"freeText": {"search": "x1700"}
}
}
}
Response
{
"data": {
"hardwareManagement": {
"socketInventoryDistribution": {
"items": [
{"socketType": "X1700", "hardwareVersion": "X1700B", "count": 12},
{"socketType": "X1500", "hardwareVersion": null, "count": 5}
]
}
}
}
}
HardwareQueries
countHardwareByStatus
Beta
Description
Count of hardware items by shipping status
Response
Returns a StatusCount
Example
Query
query hardware($accountID:ID!) {
hardware(accountId:$accountID) {
countHardwareByStatus{
PENDING_INFO
CONFIRM_SHIPPING
IN_TRANSIT
DELIVERED
}
}
}
Variables
{"accountID": "26361"}
Response
{
"data": {
"hardware": {
"__typename": "HardwareQueries",
"countHardwareByStatus": {
"PENDING_INFO": 205,
"CONFIRM_SHIPPING": 5,
"IN_TRANSIT": 0,
"DELIVERED": 43,
"__typename": "StatusCount"
}
}
}
}
hardware
Beta
Description
Retrieve the account hardware items
Response
Returns a HardwarePayload
Arguments
| Name | Description |
|---|---|
input - HardwareSearchInput
|
Example
Query
query hardware($accountID:ID!, $input: HardwareSearchInput!) {
hardware(accountId:$accountID) {
hardware( input: $input ) {
items {
id
account {
id
}
shippingDetail{
cityName
countryName
street
powerCable
zipCode
}
validation{
addressValidationStatus
}
}
pageInfo{
total
}
}
}
}
Variables
{
"accountID": "26361",
"input": {
"filter": {"countryName": [{"in": ["France"]}], "product": []},
"sort": {"licenseStartDate": {"direction": "ASC", "priority": 0}}
}
}
Response
{
"data": {
"hardware": {
"hardware": {
"items": [
{
"id": "4179d060-ea44-4c9d-a175-958c2b19d971",
"account": {
"id": "10036494",
"name": "",
"__typename": "AccountRef"
},
"siteCountryName": "Netherlands",
"siteSFId": "a4O08000002SvzB",
"sfId": "a1a0800000z14aQAAQ",
"licenseId": "LIC-BW-7717-000021",
"quoteId": "quote1",
"licenseStartDate": "2023-08-01",
"productType": "Socket",
"serialNumber": "2305100839",
"model": "Cato Socket X1500 (HA)",
"lastModified": "2024-11-21T10:37:21.647Z",
"shippingTracking": {
"trackingNumber": "GE958808541NL",
"trackingUrl": "<a href=\"https://www.tnt.com/express/en_nl/site/shipping-tools/tracking.html?searchType=con&cons=GE958808541NL\" target=\"_blank\">Track HW-045393</a>",
"shippingStatus": "PENDING_INFO",
"shippingDate": "2023-08-10",
"__typename": "ShippingTracking"
},
"shippingDetail": {
"companyName": "",
"street": "",
"cityName": "",
"countryName": "",
"stateName": "",
"zipCode": "",
"incoterms": "",
"instruction": "",
"vatId": "",
"contact": {
"name": "",
"phone": "",
"email": "",
"__typename": "ContactDetails"
},
"comment": "",
"powerCable": "C14",
"__typename": "ShippingDetails"
},
"validation": {
"completed": false,
"incompleteReason": "Missing company name",
"addressValidationStatus": "NA",
"__typename": "HardwareValidation"
},
"__typename": "Hardware"
},
{
"id": "775c6827-b3c1-4921-880b-7c59ed6e0154",
"account": {
"id": "10036494",
"name": "",
"__typename": "AccountRef"
},
"siteCountryName": "Belgium",
"siteSFId": "a4O08000002Svzq",
"sfId": "a1a0800000z14ajAAA",
"licenseId": "LIC-BW-7717-000001",
"quoteId": "quote1",
"licenseStartDate": "2023-11-01",
"productType": "Socket",
"serialNumber": "2324100210",
"model": "Cato Socket X1700 (Main)",
"lastModified": "2024-11-21T10:37:21.750Z",
"shippingTracking": {
"trackingNumber": "10273779",
"trackingUrl": "",
"shippingStatus": "PENDING_INFO",
"shippingDate": "2023-10-31",
"__typename": "ShippingTracking"
},
"shippingDetail": {
"companyName": "",
"street": "",
"cityName": "",
"countryName": "",
"stateName": "",
"zipCode": "",
"incoterms": "",
"instruction": "",
"vatId": "",
"contact": {
"name": "",
"phone": "",
"email": "",
"__typename": "ContactDetails"
},
"comment": "",
"powerCable": "C14",
"__typename": "ShippingDetails"
},
"validation": {
"completed": false,
"incompleteReason": "Missing company name",
"addressValidationStatus": "NA",
"__typename": "HardwareValidation"
},
"__typename": "Hardware"
}
],
"pageInfo": {"total": 10}
}
}
}
}
InternetFirewallPolicyQueries
policy
Beta
Response
Returns an InternetFirewallPolicy!
Arguments
| Name | Description |
|---|---|
input - InternetFirewallPolicyInput
|
Example
Query
query InternetFirewall($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"policy": {
"enabled": false,
"rules": [
{
"properties": ["SYSTEM"],
"rule": {
"id": "f99c880a-7474-42a7-9da1-828c2d93abe6",
"index": 1,
"name": "Block any P2P"
}
},
{
"properties": [],
"rule": {
"id": "8df22e9d-c5c2-417e-a282-7c9908bfc1f4",
"index": 2,
"name": "Default Block Tor, SMB, SMTP"
}
},
{
"properties": [],
"rule": {
"id": "d42482ef-cbf2-494d-9343-5dc6ca30f815",
"index": 3,
"name": "Default Block for Categories"
}
},
{
"properties": [],
"rule": {
"id": "5d04747f-b31f-4d7c-8c02-831f07df80b8",
"index": 4,
"name": "Default prompt for Categories"
}
}
],
"sections": [
{
"properties": [],
"section": {
"id": "9ab458a3-a263-4ef7-ad6a-86de3cee7822",
"name": "Updated section name"
}
}
]
}
}
}
}
}
policyList
Beta
Description
Provides a list of all policies of Internet Firewall with filtering, pagination and sorting capabilities
Response
Returns an InternetFirewallPolicyListPayload!
Arguments
| Name | Description |
|---|---|
input - InternetFirewallPolicyListInput!
|
Default |
Example
Query
query internetFirewallPolicyByIds($accountId: ID!, $limit: Int!, $filter: InternetFirewallPolicyListFilterInput) {
policy(accountId: $accountId) {
internetFirewall {
policyList(input: {paging: {limit: $limit}, filter: $filter}) {
items {
id
name
description
enabled
policyLevel
}
paging {
total
}
}
}
}
}
Variables
{
"accountId": 12345,
"limit": 1,
"filter": {"id": {"in": ["f07a3670-88ed-48e6-8a31-6f9047e9f584"]}}
}
Response
{
"data": {
"policy": {
"internetFirewall": {
"policyList": {
"items": [
{
"id": "f07a3670-88ed-48e6-8a31-6f9047e9f584",
"name": "Main",
"description": "",
"enabled": true,
"policyLevel": "MAIN"
}
],
"paging": {"total": 1}
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query InternetFirewall($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"revisions": {"revision": [{"name": "Test Revision", "changes": 0}]}
}
}
}
}
LicensingQueries
licensingInfo
Beta
Description
BETA
Response
Returns a LicensingInfo
Example
Query
query licensingInfo($accountId: ID!) {
licensing(accountId: $accountId) {
licensingInfo {
atp {
sku
}
dem {
sku
total
__typename
}
casb {
sku
plan
status
expirationDate
__typename
}
dataLake {
sku
total
dpaVersion
__typename
}
pooledBandwidth {
sku
plan
status
expirationDate
startDate
total
siteLicenseGroup
siteLicenseType
allocatedBandwidth
sites {
site {
id
name
}
allocatedBandwidth
}
__typename
}
site {
sku
plan
status
expirationDate
startDate
total
siteLicenseGroup
siteLicenseType
site {
id
name
}
__typename
}
globalLicenseAllocations {
publicIps {
total
allocated
available
__typename
}
ztnaUsers {
total
allocated
available
__typename
}
}
}
}
}
Variables
{"accountId": "123"}
Response
{
"data": {
"licensing": {
"licensingInfo": {
"atp": [],
"dem": [{"sku": "CATO_DEM", "total": 10, "__typename": "DemLicense"}],
"casb": [
{
"sku": "CATO_CASB",
"plan": "COMMERCIAL",
"status": "ACTIVE",
"expirationDate": "2026-02-02T00:00:00.000Z",
"__typename": "CasbLicense"
}
],
"dataLake": [
{
"sku": "CATO_DATALAKE_3M",
"total": 1,
"dpaVersion": "DPA_2023_01",
"__typename": "DataLakeLicense"
}
],
"pooledBandwidth": [
{
"sku": "CATO_PB",
"plan": "COMMERCIAL",
"status": "ACTIVE",
"expirationDate": "2024-07-04T00:00:00.000Z",
"startDate": "2024-03-31T00:00:00.000Z",
"total": 250,
"siteLicenseGroup": "GROUP_2",
"siteLicenseType": "SASE",
"allocatedBandwidth": 50,
"sites": [
{
"site": {"id": "456", "name": "Tokyo"},
"allocatedBandwidth": 20
},
{
"site": {"id": "789", "name": "Sydney"},
"allocatedBandwidth": 30
}
],
"__typename": "PooledBandwidthLicense"
}
],
"site": [
{
"sku": "CATO_SITE",
"plan": "COMMERCIAL",
"status": "ACTIVE",
"expirationDate": "2025-04-30T00:00:00.000Z",
"startDate": "2024-04-24T21:00:00.000Z",
"total": 100,
"siteLicenseGroup": "GROUP_1",
"siteLicenseType": "SASE",
"site": {"id": "123", "name": "London"},
"__typename": "SiteLicense"
}
],
"globalLicenseAllocations": {
"publicIps": {
"total": 3,
"allocated": 0,
"available": 3,
"__typename": "PublicIpsLicenseAllocations"
},
"ztnaUsers": {
"total": 65,
"allocated": 5,
"available": 60,
"__typename": "ZtnaUsersLicenseAllocations"
}
}
}
}
}
}
NotificationSubscriptionQueries
mailingList
Description
Retrieves details of a specific Mailing List
Response
Returns a MailingList
Arguments
| Name | Description |
|---|---|
input - MailingListRefInput!
|
Example
Query
query NotificationMailingList($accountId: ID!) {
notification(accountId: $accountId) {
mailingList(input: {
by: ID
input: "example-id"
}) {
id
name
type
address
admin {
id
}
audit {
updatedTime
updatedBy {
name
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"mailingList": {
"id": "example-id",
"name": "Security Team",
"type": "SPECIFIC_EMAILS",
"address": ["security-lead@example.com", "soc-analyst@example.com"],
"admin": [{"id": "example-id"}],
"audit": {
"updatedBy": {"__typename": "AdminRef", "name": "admin@example.com"},
"updatedTime": "2025-01-15T10:30:00Z"
}
}
}
}
}
mailingListList
Description
Retrieves all Mailing Lists available in the account.
Response
Returns a MailingListListPayload!
Example
Query
query NotificationMailingListList($accountId: ID!) {
notification(accountId: $accountId) {
mailingListList {
items {
id
name
type
address
admin {
id
}
audit {
updatedTime
updatedBy {
name
}
}
}
paging {
total
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"mailingListList": {
"items": [
{
"id": "example-id",
"name": "Security Team",
"type": "SPECIFIC_EMAILS",
"address": ["security-lead@example.com", "soc-analyst@example.com"],
"admin": [{"id": "example-id"}],
"audit": {
"updatedBy": {
"__typename": "AdminRef",
"name": "admin@example.com"
},
"updatedTime": "2025-01-15T10:30:00Z"
}
},
{
"id": "example-id",
"name": "Network Operations",
"type": "SPECIFIC_EMAILS",
"address": ["noc@example.com"],
"admin": [],
"audit": {
"updatedBy": {
"__typename": "AdminRef",
"name": "admin@example.com"
},
"updatedTime": "2025-03-10T08:00:00Z"
}
}
],
"paging": {"total": 2}
}
}
}
}
subscriptionGroup
Description
Retrieves details of a specific Subscription Group for the account. Subscription Groups combine Mailing Lists and integrations (including webhooks) for sending notifications.
Response
Returns a SubscriptionGroup
Arguments
| Name | Description |
|---|---|
input - SubscriptionGroupRefInput!
|
Example
Query
query NotificationSubscriptionGroup($accountId: ID!) {
notification(accountId: $accountId) {
subscriptionGroup(input: {
by: ID
input: "example-id"
}) {
id
name
mailingList {
id
name
type
address
}
integration {
webhookList {
id
name
enabled
url
requestMethod
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"subscriptionGroup": {
"id": "example-id",
"name": "Critical Alerts",
"mailingList": [
{
"id": "example-id",
"name": "Security Team",
"type": "SPECIFIC_EMAILS",
"address": ["security-lead@example.com", "soc-analyst@example.com"]
}
],
"integration": {
"webhookList": [
{
"id": "example-id",
"name": "Slack Security Channel",
"enabled": true,
"url": "https://hooks.slack.com/services/example",
"requestMethod": "POST"
}
]
}
}
}
}
}
subscriptionGroupList
Description
Retrieves list of Subscription Groups for the account. Subscription Groups combine Mailing Lists and integrations (including webhooks) for sending notifications
Response
Returns a SubscriptionGroupListPayload!
Example
Query
query NotificationSubscriptionGroupList($accountId: ID!) {
notification(accountId: $accountId) {
subscriptionGroupList {
items {
id
name
mailingList {
id
name
}
integration {
webhookList {
id
name
enabled
url
}
}
}
paging {
total
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"subscriptionGroupList": {
"items": [
{
"id": "example-id",
"name": "Critical Alerts",
"mailingList": [{"id": "example-id", "name": "Security Team"}],
"integration": {
"webhookList": [
{
"id": "example-id",
"name": "Slack Security Channel",
"enabled": true,
"url": "https://hooks.slack.com/services/example"
}
]
}
},
{
"id": "example-id",
"name": "Network Notifications",
"mailingList": [{"id": "example-id", "name": "Network Operations"}],
"integration": {"webhookList": []}
}
],
"paging": {"total": 2}
}
}
}
}
IntegrationQueries
referenceBodyTemplate
Description
Retrieves specific webhook reference body template.
Response
Returns a WebhookReferenceBodyTemplate
Arguments
| Name | Description |
|---|---|
input - WebhookTemplateRefInput!
|
Example
Query
query NotificationReferenceBodyTemplate($accountId: ID!) {
notification(accountId: $accountId) {
integration {
referenceBodyTemplate(input: {
by: NAME
input: "ServiceNow - Create Incident"
}) {
id
name
bodyTemplate
url
requestMethod
header {
name
value
}
responseMapping {
key
value
}
webhookRelationType
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"referenceBodyTemplate": {
"id": "example-id",
"name": "ServiceNow - Create Incident",
"bodyTemplate": "{\"short_description\": \"$alertTypeName\", \"description\": \"$alertMessage\", \"urgency\": \"1\"}",
"url": "https://instance.service-now.com/api/now/table/incident",
"requestMethod": "POST",
"header": [{"name": "Content-Type", "value": "application/json"}],
"responseMapping": [
{"key": "correlationId", "value": "result.sys_id"}
],
"webhookRelationType": "CREATE"
}
}
}
}
}
referenceBodyTemplateList
Description
Retrieves all available webhook reference body templates.
Response
Returns a WebhookReferenceBodyTemplateListPayload!
Example
Query
query NotificationReferenceBodyTemplateList($accountId: ID!) {
notification(accountId: $accountId) {
integration {
referenceBodyTemplateList {
items {
id
name
bodyTemplate
url
requestMethod
header {
name
value
}
responseMapping {
key
value
}
webhookRelationType
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"referenceBodyTemplateList": {
"items": [
{
"id": "example-id",
"name": "ServiceNow - Create Incident",
"bodyTemplate": "{\"short_description\": \"$alertTypeName\", \"description\": \"$alertMessage\", \"urgency\": \"1\"}",
"url": "https://instance.service-now.com/api/now/table/incident",
"requestMethod": "POST",
"header": [{"name": "Content-Type", "value": "application/json"}],
"responseMapping": [
{"key": "correlationId", "value": "result.sys_id"}
],
"webhookRelationType": "CREATE"
},
{
"id": "example-id",
"name": "Slack - Post Message",
"bodyTemplate": "{\"text\": \"$alertTypeName: $alertMessage\"}",
"url": "https://hooks.slack.com/services/your/webhook/url",
"requestMethod": "POST",
"header": [],
"responseMapping": [],
"webhookRelationType": null
}
]
}
}
}
}
}
webhook
Description
Retrieves details of the specified webhook.
Response
Returns a Webhook
Arguments
| Name | Description |
|---|---|
input - WebhookIntegrationRefInput!
|
Example
Query
query NotificationWebhook($accountId: ID!) {
notification(accountId: $accountId) {
integration {
webhook(input: {
by: ID
input: "example-id"
}) {
id
name
enabled
url
requestMethod
header {
name
value
}
body
responseMapping {
key
value
}
relatedWebhookId
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"webhook": {
"id": "example-id",
"name": "Slack Security Channel",
"enabled": true,
"url": "https://hooks.slack.com/services/example",
"requestMethod": "POST",
"header": [{"name": "Content-Type", "value": "application/json"}],
"body": "{\"text\": \"$alertTypeName - $alertMessage\"}",
"responseMapping": [],
"relatedWebhookId": null
}
}
}
}
}
webhookFields
Description
Retrieves all available webhook integration available custom fields
Response
Returns a WebhookFieldsPayload
Example
Query
query NotificationWebhookFields($accountId: ID!) {
notification(accountId: $accountId) {
integration {
webhookFields {
bodyFields
urlFields
headerFields
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"webhookFields": {
"bodyFields": [
"$accountId",
"$accountName",
"$alertTypeName",
"$alertMessage",
"$alertTime",
"$alertSeverity",
"$correlationId"
],
"urlFields": ["$accountId", "$correlationId"],
"headerFields": ["$accountId", "$correlationId"]
}
}
}
}
}
webhookList
Description
Retrieves all webhooks configured on the account.
Response
Returns a WebhookListPayload!
Example
Query
query NotificationWebhookList($accountId: ID!) {
notification(accountId: $accountId) {
integration {
webhookList {
items {
id
name
enabled
url
requestMethod
header {
name
value
}
body
responseMapping {
key
value
}
relatedWebhookId
}
paging {
total
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"webhookList": {
"items": [
{
"id": "example-id",
"name": "Slack Security Channel",
"enabled": true,
"url": "https://hooks.slack.com/services/example",
"requestMethod": "POST",
"header": [{"name": "Content-Type", "value": "application/json"}],
"body": "{\"text\": \"$alertTypeName - $alertMessage\"}",
"responseMapping": [],
"relatedWebhookId": null
},
{
"id": "example-id",
"name": "ServiceNow Create Incident",
"enabled": true,
"url": "https://instance.service-now.com/api/now/table/incident",
"requestMethod": "POST",
"header": [],
"body": "{\"short_description\": \"$alertTypeName\", \"description\": \"$alertMessage\"}",
"responseMapping": [
{"key": "correlationId", "value": "result.sys_id"}
],
"relatedWebhookId": null
}
],
"paging": {"total": 2}
}
}
}
}
}
PopLocationQueries
allocatedIpList
Beta
Description
Returns a paginated list of allocated IP addresses for PoP locations, with optional filters.
Response
Returns a PopLocationAllocatedIpPayload
Arguments
| Name | Description |
|---|---|
input - PopLocationAllocatedIpInput
|
Example
Query
query allocatedIpList($accountId: ID!, $input: PopLocationAllocatedIpInput) {
popLocations(accountId: $accountId) {
allocatedIpList(input: $input) {
allocatedIp {
id
ip
description
allocationType
popLocation {
id
name
}
}
paging {
total
}
}
}
}
Variables
{"accountId": "123", "input": {"filter": {"allocationType": {"eq": "SYSTEM"}}}}
Response
{
"data": {
"popLocations": {
"allocatedIpList": {
"allocatedIp": [
{
"id": "1234",
"ip": "203.0.113.10",
"description": "primary London address",
"allocationType": "SYSTEM",
"popLocation": {"id": "456", "name": "London-1"}
},
{
"id": "allocated-ip-2",
"ip": "203.0.113.11",
"description": "Secondary London address",
"allocationType": "SYSTEM",
"popLocation": {"id": "456", "name": "London-1"}
}
],
"paging": {"total": 2}
}
}
}
}
popLocationList
Beta
Response
Returns a PopLocationPayload
Arguments
| Name | Description |
|---|---|
input - PopLocationFilterInput
|
Example
Query
query popLocationList($accountId: ID!, $input: PopLocationFilterInput) {
popLocations(accountId: $accountId) {
popLocationList(input: $input) {
items {
id
name
displayName
country {
id
name
}
isPrivate
cloudInterconnect {
taggingMethod
providerName
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {"isPrivate": {"eq": false}, "primary": {"eq": true}}
}
Response
{
"data": {
"popLocations": {
"popLocationList": {
"items": [
{
"id": "456",
"name": "London-1",
"displayName": "London Primary",
"country": {"id": "GB", "name": "United Kingdom"},
"isPrivate": false,
"cloudInterconnect": [
{"taggingMethod": "DOT1Q", "providerName": "Equinix"},
{"taggingMethod": "QINQ", "providerName": "Equinix"}
]
},
{
"id": "lon2",
"name": "London-2",
"displayName": "London Secondary",
"country": {"id": "gb", "name": "United Kingdom"},
"isPrivate": false,
"cloudInterconnect": [
{"taggingMethod": "DOT1Q", "providerName": "Equinix"}
]
}
]
}
}
}
}
PrivateAccessPolicyQueries
policy
Beta
Response
Returns a PrivateAccessPolicy!
Arguments
| Name | Description |
|---|---|
input - PrivateAccessPolicyInput
|
Example
Query
query PrivateAccessPolicy($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"policy": {
"enabled": true,
"rules": [
{
"properties": [],
"rule": {
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"index": 1,
"name": "Allow HR to Internal Portal"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query PrivateAccessPolicy($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"revisions": {"revision": [{"name": "Test Revision", "changes": 0}]}
}
}
}
}
RemotePortFwdPolicyQueries
policy
Beta
Response
Returns a RemotePortFwdPolicy!
Arguments
| Name | Description |
|---|---|
input - RemotePortFwdPolicyInput
|
Example
Query
query RemotePortFwdPolicy($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
policy {
enabled
rules {
rule {
id
name
index
enabled
section {
id
name
}
description
forwardIcmp
externalIp {
id
name
}
externalPortRange {
from
to
}
internalIp
internalPortRange {
from
to
}
remoteIPs {
ip
ipRange {
from
to
}
subnet
globalIpRange {
id
name
}
}
restrictionType
}
}
sections {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"policy": {
"enabled": false,
"rules": [
{
"rule": {
"id": "4b80b0ac-94ea-45b8-9ae0-20d6104607ce",
"name": "new rule",
"index": 1,
"enabled": true,
"section": {
"id": "d11f742a-7b5b-4483-8b1f-71035de5406f",
"name": "My Section"
},
"description": "",
"forwardIcmp": false,
"externalIp": {
"id": "26",
"name": "site_test_4 - 192.168.1.16"
},
"externalPortRange": {"from": 75, "to": 75},
"internalIp": "222.222.22.22",
"internalPortRange": {"from": 75, "to": 75},
"remoteIPs": {
"ip": ["192.168.1.1"],
"ipRange": [],
"subnet": [],
"globalIpRange": []
},
"restrictionType": "ALLOW_LIST"
}
}
],
"sections": [
{
"section": {
"id": "d11f742a-7b5b-4483-8b1f-71035de5406f",
"name": "My Section"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query RemotePortFwd($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"revisions": {
"revision": [
{"name": "Test Revision", "changes": 0},
{"name": "Test Revision", "changes": 0},
{"name": "Test Revision", "changes": 0}
]
}
}
}
}
}
SandboxQueries
Description
Get a list of sandbox reports
Response
Returns a SandboxReportsPayload!
Arguments
| Name | Description |
|---|---|
input - SandboxReportsInput!
|
Example
Query
query Sandbox($accountId: ID!, $input: SandboxReportsInput!) {
sandbox(accountId: $accountId) {
reports(input: $input) {
report {
fileName
fileHash
status
verdict
downloadUrl
creationDate
expirationDate
}
pageInfo {
total
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"filter": {"fileName": {"in": "eicar.zip"}},
"sort": {"reportCreateDate": {"direction": "DESC"}},
"paging": {"limit": 20, "from": 0}
}
}
Response
{
"data": {
"sandbox": {
"reports": {
"report": [
{
"fileName": "eicar.zip",
"fileHash": "FILE_HASH",
"status": "READY",
"verdict": "MALICIOUS",
"downloadUrl": "DOWNLOAD_URL",
"creationDate": "2025-01-12T12:41:30.241Z",
"expirationDate": "2025-02-11T12:42:20.132Z"
}
],
"pageInfo": {"total": 1}
}
}
}
}
SiteQueries
Description
Retrieves available socket versions for the specified platforms.
Response
Returns an AvailableVersionListPayload
Arguments
| Name | Description |
|---|---|
input - AvailableVersionListInput!
|
Example
Query
query site($accountId: ID!, $input: AvailableVersionListInput!) {
site(accountId: $accountId) {
availableVersionList(input: $input) {
items {
platform
versions
}
}
}
}
Variables
{"accountId": 123, "input": {"platforms": ["X1500", "X1500_BR2", "AZ1500"]}}
Response
{
"data": {
"site": {
"availableVersionList": {
"items": [
{"platform": "X1500", "versions": []},
{"platform": "AZ1500", "versions": ["23.0.19481", "22.0.19284"]},
{
"platform": "X1500_BR2",
"versions": ["23.0.19481", "19.0.33354", "16.0.15740", "15.0.15144"]
}
]
}
}
}
}
bgpPeer
Beta
Description
Retrieves details of a specific BGP peer by reference.
Response
Returns a BgpPeer
Arguments
| Name | Description |
|---|---|
input - BgpPeerRefInput!
|
Example
Query
query bgpPeer($accountId: ID!, $input: BgpPeerRefInput!) {
site(accountId: $accountId) {
bgpPeer(input: $input) {
site{
id
name
}
id
name
peerAsn
catoAsn
peerIp
catoIp
advertiseDefaultRoute
advertiseAllRoutes
advertiseSummaryRoutes
summaryRoute{
id
route
community{
from
to
}
}
defaultAction
performNat
md5AuthKey
metric
holdTime
keepaliveInterval
bfdEnabled
bfdSettings {
transmitInterval
receiveInterval
multiplier
}
tracking{
id
enabled
alertFrequency
subscriptionId
}
}
}
}
Variables
{"accountId": 123, "input": {"input": "example peer", "by": "NAME"}}
Response
{
"data": {
"site": {
"bgpPeer": {
"site": {"id": "456", "name": "test-accept"},
"id": "13373",
"name": "example peer",
"peerAsn": 1,
"catoAsn": 8,
"peerIp": "185.0.0.69",
"catoIp": "185.0.0.1",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [
{
"id": "3833",
"route": "1.6.5.0/25",
"community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
}
],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": "2313123",
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"bfdSettings": {
"transmitInterval": 1000,
"receiveInterval": 1000,
"multiplier": 5
},
"tracking": {
"id": "1692",
"enabled": true,
"alertFrequency": "DAILY",
"subscriptionId": "-100"
}
}
}
}
}
bgpPeerList
Beta
Description
Retrieves a list of all BGP peers associated with the specified site.
Response
Returns a BgpPeerListPayload
Arguments
| Name | Description |
|---|---|
input - BgpPeerListInput!
|
Example
Query
query bgpPeerList($accountId: ID!, $input: BgpPeerListInput!) {
site(accountId: $accountId) {
bgpPeerList(input: $input){
total
bgpPeer{
site{
id
name
}
id
name
peerAsn
catoAsn
peerIp
catoIp
advertiseDefaultRoute
advertiseAllRoutes
advertiseSummaryRoutes
summaryRoute{
id
route
community{
from
to
}
}
defaultAction
performNat
md5AuthKey
metric
holdTime
keepaliveInterval
bfdEnabled
bfdSettings {
transmitInterval
receiveInterval
multiplier
}
tracking{
id
enabled
alertFrequency
subscriptionId
}
}
}
}
}
Variables
{"accountId": 123, "input": {"site": {"by": "ID", "input": "456"}}}
Response
{
"data": {
"site": {
"bgpPeerList": {
"total": 1,
"bgpPeer": [
{
"site": {"id": "456", "name": "test-accept"},
"id": "13373",
"name": "example peer",
"peerAsn": 1,
"catoAsn": 8,
"peerIp": "185.0.0.69",
"catoIp": "185.0.0.1",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [
{
"id": "3833",
"route": "1.6.5.0/25",
"community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
}
],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": "2313123",
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"bfdSettings": {
"transmitInterval": 1000,
"receiveInterval": 1000,
"multiplier": 5
},
"tracking": {
"id": "1692",
"enabled": true,
"alertFrequency": "DAILY",
"subscriptionId": "-100"
}
}
]
}
}
}
}
cloudInterconnectConnectionConnectivity
Beta
Description
Check the L2 connectivity status of a cloud interconnect connection using ICMP.
Response
Returns a CloudInterconnectConnectionConnectivity
Arguments
| Name | Description |
|---|---|
input - CloudInterconnectConnectionConnectivityInput!
|
Example
Query
query cloudInterconnectConnectionConnectivity($accountId: ID!, $input: CloudInterconnectConnectionConnectivityInput!) {
site(accountId : $accountId){
cloudInterconnectConnectionConnectivity(input: $input) {
success
}
}
}
Variables
{"accountId": 128782, "input": {"id": "MzY2MzM0LVBSSU1BUlk="}}
Response
{
"data": {
"site": {"cloudInterconnectConnectionConnectivity": {"success": false}}
}
}
cloudInterconnectPhysicalConnection
Beta
Description
Get details of a physical connection at a cloud interconnect site.
Response
Returns a CloudInterconnectPhysicalConnection
Arguments
| Name | Description |
|---|---|
input - CloudInterconnectPhysicalConnectionInput!
|
Example
Query
query cloudInterconnectPhysicalConnection($accountId: ID!, $input: CloudInterconnectPhysicalConnectionInput!) {
site(accountId : $accountId){
cloudInterconnectPhysicalConnection(input: $input) {
site{
id
name
}
haRole
encapsulationMethod
subnet
privateCatoIp
privateSiteIp
upstreamBwLimit
downstreamBwLimit
popLocation{
id,
name
}
vlan
sVlan
cVlan
}
}
}
Variables
{"accountId": 128782, "input": {"id": "NDAwOTU3LVBSSU1BUlk="}}
Response
{
"data": {
"site": {
"cloudInterconnectPhysicalConnection": {
"site": {"id": "400957", "name": "cloud_interconnect_test_site"},
"haRole": "PRIMARY",
"encapsulationMethod": "DOT1Q",
"subnet": "200.0.2.0/24",
"privateCatoIp": "200.0.2.19",
"privateSiteIp": "200.0.2.20",
"upstreamBwLimit": 100,
"downstreamBwLimit": 100,
"popLocation": {
"id": "10000",
"name": "Exalt Socket Upgrade Simulator for TestCC2"
},
"vlan": 2713,
"sVlan": 0,
"cVlan": 0
}
}
}
}
cloudInterconnectPhysicalConnectionId
Beta
Description
Get the ID of a physical connection at a cloud interconnect site.
Response
Returns a CloudInterconnectPhysicalConnectionId
Arguments
| Name | Description |
|---|---|
input - CloudInterconnectPhysicalConnectionIdInput!
|
Example
Query
query cloudInterconnectPhysicalConnectionId($accountId: ID!, $input: CloudInterconnectPhysicalConnectionIdInput!) {
site(accountId : $accountId){
cloudInterconnectPhysicalConnectionId(input: $input) {
id
}
}
}
Variables
{
"accountId": 128782,
"input": {"site": {"by": "ID", "input": "400957"}, "haRole": "PRIMARY"}
}
Response
{
"data": {
"site": {
"cloudInterconnectPhysicalConnectionId": {"id": "NDAwOTU3LVBSSU1BUlk="}
}
}
}
retrieveUsedVlanIDs
Beta
Description
Retrieve the VLAN IDs that are already in use at a specific POP. This API is only applicable for reseller accounts with private POPs.
Response
Returns a RetrieveUsedVlanIDsPayload
Arguments
| Name | Description |
|---|---|
input - RetrieveUsedVlanIDsInput!
|
Example
Query
query retrieveUsedVlanIDs($accountId: ID!, $input: RetrieveUsedVlanIDsInput!) {
site(accountId: $accountId) {
retrieveUsedVlanIDs(input: $input) {
reservedDot1QVlans {
vlan
accountId
siteId
}
reservedQinQVlans {
qinqVlan {
sVlan
cVlan
}
accountId
siteId
}
ranges {
from
to
}
}
}
}
Variables
{
"accountId": 128782,
"input": {
"popLocation": {"by": "ID", "input": "10000"},
"serviceProviderName": "Example Provider",
"encapsulationMethod": "DOT1Q"
}
}
Response
{
"data": {
"site": {
"retrieveUsedVlanIDs": {
"reservedDot1QVlans": [
{"vlan": 100, "accountId": "128782", "siteId": "400957"},
{"vlan": 200, "accountId": "128782", "siteId": "400958"}
],
"reservedQinQVlans": [],
"ranges": [{"from": 2, "to": 4094}]
}
}
}
}
secondaryAwsVSocket
Beta
Description
Retrieves details of a specific secondary AWS vSocket.
Response
Returns a SecondaryAwsVSocket
Arguments
| Name | Description |
|---|---|
socketId - ID!
|
Example
Query
query secondaryAwsVSocket($accountId:ID!, $socketId: ID!){
site(accountId:$accountId) {
secondaryAwsVSocket(socketId: $socketId) {
site {
id
name
}
id
ipAddress
subnet
routeTableId
}
}
}
Variables
{"accountId": "143762", "socketId": 631159}
Response
{
"data": {
"site": {
"secondaryAwsVSocket": {
"site": {"id": "400376", "name": "aws"},
"id": "631159",
"ipAddress": "55.45.45.70",
"subnet": "55.45.45.0/24",
"routeTableId": "888"
}
}
}
}
secondaryAzureVSocket
Beta
Description
Retrieves details of a specific secondary Azure vSocket.
Response
Returns a SecondaryAzureVSocket
Arguments
| Name | Description |
|---|---|
socketId - ID!
|
Example
Query
query secondaryAzureVSocket($accountId:ID!, $socketId: ID!){
site(accountId:$accountId) {
secondaryAzureVSocket(socketId: $socketId) {
site {
id
name
}
id
interfaceIp
floatingIp
}
}
}
Variables
{"accountId": "5018", "socketId": 654376}
Response
{
"data": {
"site": {
"secondaryAzureVSocket": {
"site": {"id": "366082", "name": "azure"},
"id": "654376",
"interfaceIp": "122.0.0.55",
"floatingIp": "122.0.0.56"
}
}
}
}
Response
Returns a SecondaryGcpVSocketPayload
Arguments
| Name | Description |
|---|---|
input - SecondaryGcpVSocketInput!
|
Example
Query
query secondaryGcpVSocket($accountId: ID!, $input: SecondaryGcpVSocketInput!) {
site(accountId: $accountId) {
secondaryGcpVSocket(input: $input) {
socketInfo {
site {
id
name
}
id
interfaceIp
loadBalancerIp
}
}
}
}
Variables
{"accountId": "123", "input": {"id": "456"}}
Response
{
"data": {
"site": {
"secondaryGcpVSocket": {
"socketInfo": {
"site": {"id": "789", "name": "example site"},
"id": "456",
"interfaceIp": "10.0.0.1",
"loadBalancerIp": "10.0.0.2"
}
}
}
}
}
siteBackhauling
Beta
Description
Fetch backhauling configuration for a site.
Response
Returns a SiteBackhaulingPayload
Arguments
| Name | Description |
|---|---|
site - SiteRefInput!
|
Example
Query
query siteBackhauling($accountId: ID!, $site: SiteRefInput!) {
site(accountId: $accountId) {
siteBackhauling(site: $site) {
site {
id
name
}
useAsBackhaulingGW
destination
nextHopIP
preferredSocketPort
}
}
}
Variables
{"accountId": "123", "site": {"input": "456", "by": "ID"}}
Response
{
"data": {
"site": {
"siteBackhauling": {
"site": {"id": "456", "name": "example site"},
"useAsBackhaulingGW": true,
"destination": "LOCAL_GATEWAY_IP",
"nextHopIP": "192.168.0.1",
"preferredSocketPort": null
}
}
}
}
siteBgpStatus
Beta
Description
Provides the BGP status of the specified site, including session and route details.
Response
Returns a SiteBgpStatus
Arguments
| Name | Description |
|---|---|
input - SiteBgpStatusInput!
|
Example
Query
query siteBgpStatus($accountId: ID!, $input: SiteBgpStatusInput!) {
site(accountId: $accountId) {
siteBgpStatus(input: $input) {
status {
remoteIp
bgpSession
bfdSession
routesFromPeer
routesToPeer
rejectedRoutesFromPeer {
subnet
type
community{
from
to
}
rule
lastPublishAttempt
}
}
rawStatus
}
}
}
Variables
{"accountId": 123, "input": {"site": {"by": "ID", "input": "456"}}}
Response
{
"data": {
"site": {
"siteBgpStatus": {
"status": [
{
"remoteIp": "192.168.2.100",
"bgpSession": "Established via outgoing connection",
"bfdSession": null,
"routesFromPeer": ["172.16.32.0/24"],
"routesToPeer": [
"10.41.0.0/16",
"100.1.0.0/16",
"172.17.31.0/24",
"10.254.254.0/24",
"220.220.220.0/24",
"10.254.254.12/32",
"10.254.254.253/32",
"100.1.1.0/24",
"120.120.120.0/24",
"111.1.1.1/32",
"156.88.88.0/24",
"192.168.1.0/24",
"10.254.254.5/32",
"10.254.254.1/32",
"192.168.2.0/24"
],
"rejectedRoutesFromPeer": [
{
"subnet": "200.1.1.0/24",
"type": "IPv4",
"community": [{"from": 5555, "to": 5555}],
"rule": " ( ( bgp_range == 200.1.1.0/24 ) )",
"lastPublishAttempt": null
},
{
"subnet": "200.1.0.0/16",
"type": "IPv4",
"community": [{"from": 6666, "to": 6666}],
"rule": " ( ( bgp_communities ~= 436869642 ) )",
"lastPublishAttempt": null
}
]
}
],
"rawStatus": [
"{\"Exposed_On_Interface\":\"LAN1\",\"Exposed_With_IP\":\"192.168.2.1\",\"Peer\":{\"BGP_Session\":\"Established via outgoing connection\",\"BGP_peer_filter_rule\":{\"default_accept\":true,\"rules\":[{\"accept\":false,\"description\":\"\",\"expression\":{\"expression\":[],\"op\":\"BOOL_AND\",\"predicate\":[{\"field_name\":\"bgp_range\",\"op\":\"OP_EQ\",\"values\":[{\"str\":\"200.1.1.0/24\",\"type\":\"field_type_ip\"}]}]},\"id\":18258},{\"accept\":false,\"description\":\"\",\"expression\":{\"expression\":[],\"op\":\"BOOL_AND\",\"predicate\":[{\"field_name\":\"bgp_communities\",\"op\":\"OP_CONTAINS\",\"values\":[{\"num\":\"364058035\",\"type\":\"field_type_hostorder_uint64\"}]}]},\"id\":18259},{\"accept\":false,\"description\":\"\",\"expression\":{\"expression\":[],\"op\":\"BOOL_AND\",\"predicate\":[{\"field_name\":\"bgp_communities\",\"op\":\"OP_CONTAINS\",\"values\":[{\"num\":\"436869642\",\"type\":\"field_type_hostorder_uint64\"}]}]},\"id\":18260}]},\"Incoming_Connection\":{\"State\":\"Idle\",\"Transport\":\"Not set\"},\"Local_ASN\":\"65000\",\"Local_IP\":\"169.254.1.179\",\"Negotiated\":{\"Capabilities\":{\"as4\":\"0\",\"enhanced_route_refresh\":\"1\",\"graceful_restart_always_publish\":false,\"graceful_restart_enabled\":false,\"graceful_restart_present\":false,\"graceful_restart_timeout\":\"0\",\"multiprotocol_ext\":\"1\",\"route_refresh\":\"1\"},\"Hold_Time\":\"60\",\"Keepalive_Period\":\"20\"},\"Outgoing_Connection\":{\"State\":\"Established\",\"Transport\":\"169.254.1.179:43113-192.168.2.100:179\"},\"RIB_out\":[{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.253/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.0/24\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"1\",\"Communities offset\":\"15\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\",\"c0\",\"08\",\"04\",\"15\",\"b3\",\"00\",\"37\"],\"communities\":[\"5555:55\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"100.1.0.0/16\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"120.120.120.0/24\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"0\",\"Communities offset\":\"0\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"172.17.31.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"156.88.88.0/24\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"1\",\"Communities offset\":\"15\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\",\"c0\",\"08\",\"04\",\"08\",\"ae\",\"08\",\"ae\"],\"communities\":[\"2222:2222\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"100.1.1.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"220.220.220.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"192.168.2.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.41.0.0/16\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"1\",\"Communities offset\":\"15\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\",\"c0\",\"08\",\"04\",\"0d\",\"05\",\"0d\",\"05\"],\"communities\":[\"3333:3333\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"111.1.1.1/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.1/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.12/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.5/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"192.168.1.0/24\"}],\"Remote_ASN\":\"7678\",\"Remote_IP\":\"192.168.2.100\",\"Router_ID\":\"192.168.2.1\",\"Router_Weight\":\"100\"},\"accept_default_route\":false,\"advertise_cato\":true,\"advertise_default\":\"never\",\"advertise_summary\":false,\"bfd_peer\":{\"BFD_Session\":\"DOWN\",\"bfd_config\":{\"local_asn\":65000,\"local_ip_no\":\"169.254.1.179\",\"local_port_ho\":0,\"remote_asn\":7678,\"remote_ip_no\":\"192.168.2.100\"},\"bfd_session_info\":{\"active_mode\":false,\"auth_type\":0,\"desired_min_tx_interval_usec\":300000,\"detect_interval_usec\":0,\"detect_mult\":3,\"local_diag\":\"NO_DIAGNOSTIC\",\"my_discriminator\":1394721461,\"next_detect_timestamp_usec\":9223372036854776000,\"next_send_timestamp_usec\":9223372036854776000,\"poll_in_progress\":false,\"remote_demand_mode\":false,\"remote_detect_mult\":0,\"remote_diag\":\"NO_DIAGNOSTIC\",\"remote_discriminator\":0,\"remote_min_echo_interval_usec\":0,\"remote_min_rx_interval_usec\":0,\"remote_min_tx_interval_usec\":0,\"remote_state\":\"DOWN\",\"remote_tx_interval_usec\":0,\"required_min_echo_interval_usec\":0,\"required_min_rx_interval_usec\":300000,\"state\":\"DOWN\",\"tx_interval_usec\":0},\"bfd_timeline\":[{\"event\":{\"func\":\"bfd_peer_init\",\"line\":\"513\",\"msg\":\"initialized BFD session to 192.168.2.100. tx = 300000 usec, rx = 300000 usec, mult = 3 , mode is passive\"},\"time\":\"02/12/24 09:41:03.583\"}],\"enabled\":true},\"custom_ranges_advertise\":\"never\",\"interface_pcap_captured_packets\":\"0\",\"interface_pcap_enabled\":false,\"interface_port_id\":0,\"rejected_routes_from_neighbor\":[{\"Communities\":[\"5555:5555\"],\"Subnet\":\"200.1.1.0/24\",\"Type\":\"IPv4\",\"last_publish_attempt\":\"02/12/24 09:41:18.216\",\"rule\":\" ( ( bgp_range == 200.1.1.0/24 ) )\"},{\"Communities\":[\"6666:6666\"],\"Subnet\":\"200.1.0.0/16\",\"Type\":\"IPv4\",\"last_publish_attempt\":\"02/12/24 09:41:18.216\",\"rule\":\" ( ( bgp_communities ~= 436869642 ) )\"}],\"routes_count\":\"1\",\"routes_count_limit\":\"1024\",\"routes_count_limit_exceeded\":false,\"routes_from_neighbor\":[{\"Next_Hop\":\"192.168.2.100\",\"Range\":\"172.16.32.0-172.16.32.255\",\"Subnet\":\"172.16.32.0/24\"}],\"routes_to_neighbor\":[{\"Subnet\":\"10.41.0.0/16\"},{\"Subnet\":\"111.1.1.1/32\"},{\"Subnet\":\"100.1.0.0/16\"},{\"Subnet\":\"100.1.1.0/24\"},{\"Subnet\":\"172.17.31.0/24\"},{\"Subnet\":\"120.120.120.0/24\"},{\"Subnet\":\"192.168.1.0/24\"},{\"Subnet\":\"220.220.220.0/24\"},{\"Subnet\":\"192.168.2.0/24\"},{\"Subnet\":\"10.254.254.0/24\"},{\"Subnet\":\"10.254.254.12/32\"},{\"Subnet\":\"10.254.254.253/32\"},{\"Subnet\":\"10.254.254.5/32\"},{\"Subnet\":\"10.254.254.1/32\"},{\"Subnet\":\"156.88.88.0/24\"}]}"
]
}
}
}
}
siteGeneralDetails
Beta
Response
Returns a SiteGeneralDetailsPayload
Arguments
| Name | Description |
|---|---|
site - SiteRefInput!
|
Example
Query
query siteGeneralDetails($accountId: ID!, $site: SiteRefInput!) {
site(accountId: $accountId) {
siteGeneralDetails(site: $site) {
site {
id
name
}
siteType
description
siteLocation {
countryCode
stateCode
cityName
timezone
address
}
preferredPopLocation {
primary {
id
name
}
secondary {
id
name
}
preferredOnly
}
workingHours {
override
fromTimeMinuteOffset
toTimeMinuteOffset
workingDays
}
disableAclForSip
}
}
}
Variables
{"accountId": "123", "site": {"input": "456", "by": "ID"}}
Response
{
"data": {
"site": {
"siteGeneralDetails": {
"site": {"id": "456", "name": "example site"},
"siteType": "BRANCH",
"description": "222",
"siteLocation": {
"countryCode": "IL",
"stateCode": "",
"cityName": "Tel Aviv",
"timezone": "Asia/Jerusalem",
"address": "Iben Gabirol 123"
},
"preferredPopLocation": {
"primary": {"id": "1", "name": "example_location_1"},
"secondary": {"id": "2", "name": "example_location_2"},
"preferredOnly": true
},
"workingHours": {
"override": false,
"fromTimeMinuteOffset": 540,
"toTimeMinuteOffset": 1080,
"workingDays": [
"MONDAY",
"TUESDAY",
"WEDNESDAY",
"THURSDAY",
"FRIDAY"
]
},
"disableAclForSip": false
}
}
}
}
siteSocketConfiguration
Beta
Response
Returns a SiteSocketConfiguration
Arguments
| Name | Description |
|---|---|
input - SiteSocketConfigurationInput!
|
Example
Query
query siteSocketConfiguration($accountId: ID!, $input: SiteSocketConfigurationInput!) {
site(accountId: $accountId) {
siteSocketConfiguration(input: $input) {
primarySocketConfiguration {
description
}
secondarySocketConfiguration {
description
}
}
}
}
Variables
{"accountId": 8743, "input": {"site": {"by": "NAME", "input": "example"}}}
Response
{
"data": {
"site": {
"siteSocketConfiguration": {
"primarySocketConfiguration": {"description": "primary"},
"secondarySocketConfiguration": {"description": "srcondary"}
}
}
}
}
staticHost
Beta
Description
Retrieve a single static host configured on a site by its ID.
Response
Returns a StaticHostPayload
Arguments
| Name | Description |
|---|---|
site - SiteRefInput!
|
|
hostId - ID!
|
Example
Query
query staticHost($accountId: ID!, $site: SiteRefInput!, $hostId: ID!) {
site(accountId: $accountId) {
staticHost(site: $site, hostId: $hostId) {
host {
hostId
name
ip
macAddress
}
}
}
}
Variables
{"accountId": "123", "site": {"input": "456", "by": "ID"}, "hostId": "1001"}
Response
{
"data": {
"site": {
"staticHost": {
"host": {
"hostId": "1001",
"name": "print-server-01",
"ip": "10.0.1.50",
"macAddress": "AA:BB:CC:DD:EE:FF"
}
}
}
}
}
staticHostList
Beta
Description
Retrieve all static hosts configured on a site.
Response
Returns a StaticHostListPayload
Arguments
| Name | Description |
|---|---|
site - SiteRefInput!
|
Example
Query
query staticHostList($accountId: ID!, $site: SiteRefInput!) {
site(accountId: $accountId) {
staticHostList(site: $site) {
items {
hostId
name
ip
macAddress
}
}
}
}
Variables
{"accountId": "123", "site": {"input": "456", "by": "ID"}}
Response
{
"data": {
"site": {
"staticHostList": {
"items": [
{
"hostId": "1001",
"name": "print-server-01",
"ip": "10.0.1.50",
"macAddress": "AA:BB:CC:DD:EE:FF"
},
{
"hostId": "1002",
"name": "nas-storage",
"ip": "10.0.1.51",
"macAddress": null
}
]
}
}
}
}
Response
Returns a ValidWifiRadioSettingsPayload
Arguments
| Name | Description |
|---|---|
input - ValidWifiRadioSettingsInput!
|
Example
Query
query validWifiRadioSettings($accountId: ID!, $input: ValidWifiRadioSettingsInput!) {
site(accountId: $accountId) {
validWifiRadioSettings(input: $input) {
band24 {
standards
channelWidths
channels
}
band5 {
standards
channelWidths
channels
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"band24": {
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false
},
"band5": {
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true
}
}
}
Response
{
"data": {
"site": {
"validWifiRadioSettings": {
"band24": {
"standards": ["AUTO", "IEEE80211N", "IEEE80211AX"],
"channelWidths": ["AUTO", "MHZ_20", "MHZ_40"],
"channels": [1, 6, 11]
},
"band5": {
"standards": ["AUTO", "IEEE80211AC", "IEEE80211AX"],
"channelWidths": ["AUTO", "MHZ_20", "MHZ_40", "MHZ_80"],
"channels": [36, 40, 44, 48]
}
}
}
}
}
Response
Returns a ValidWifiRadioSettingsPayload
Arguments
| Name | Description |
|---|---|
input - ValidWifiRadioSettingsByCountryInput!
|
Example
Query
query validWifiRadioSettingsByCountry($accountId: ID!, $input: ValidWifiRadioSettingsByCountryInput!) {
site(accountId: $accountId) {
validWifiRadioSettingsByCountry(input: $input) {
band24 {
standards
channelWidths
channels
}
band5 {
standards
channelWidths
channels
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"countryCode": "US",
"band24": {
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false
},
"band5": {
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true
}
}
}
Response
{
"data": {
"site": {
"validWifiRadioSettingsByCountry": {
"band24": {
"standards": ["AUTO", "IEEE80211N", "IEEE80211AX"],
"channelWidths": ["AUTO", "MHZ_20", "MHZ_40"],
"channels": [1, 6, 11]
},
"band5": {
"standards": ["AUTO", "IEEE80211AC", "IEEE80211AX"],
"channelWidths": ["AUTO", "MHZ_20", "MHZ_40", "MHZ_80"],
"channels": [36, 40, 44, 48]
}
}
}
}
}
Response
Returns a ValidateWifiRadioProfilePayload
Arguments
| Name | Description |
|---|---|
input - ValidateWifiRadioProfileInput!
|
Example
Query
query validateWifiRadioProfile($accountId: ID!, $input: ValidateWifiRadioProfileInput!) {
site(accountId: $accountId) {
validateWifiRadioProfile(input: $input) {
result {
band24 {
isValid
errors
}
band5 {
isValid
errors
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"radioProfile": {
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false,
"channel": 6
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 36
}
}
}
}
Response
{
"data": {
"site": {
"validateWifiRadioProfile": {
"result": {
"band24": {"isValid": true, "errors": []},
"band5": {"isValid": true, "errors": []}
}
}
}
}
}
Response
Returns a ValidateWifiRadioProfilePayload
Arguments
| Name | Description |
|---|---|
input - ValidateWifiRadioProfileByCountryInput!
|
Example
Query
query validateWifiRadioProfileByCountry($accountId: ID!, $input: ValidateWifiRadioProfileByCountryInput!) {
site(accountId: $accountId) {
validateWifiRadioProfileByCountry(input: $input) {
result {
band24 {
isValid
errors
}
band5 {
isValid
errors
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"countryCode": "US",
"radioProfile": {
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false,
"channel": 6
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 36
}
}
}
}
Response
{
"data": {
"site": {
"validateWifiRadioProfileByCountry": {
"result": {
"band24": {"isValid": true, "errors": []},
"band5": {"isValid": true, "errors": []}
}
}
}
}
}
Response
Returns a WifiRadioProfile
Arguments
| Name | Description |
|---|---|
input - WifiRadioProfileRefInput!
|
Example
Query
query wifiRadioProfile($accountId: ID!, $input: WifiRadioProfileRefInput!) {
site(accountId: $accountId) {
wifiRadioProfile(input: $input) {
id
site {
id
name
}
band24 {
band
standard
channelWidth
dfsEnabled
channel
}
band5 {
band
standard
channelWidth
dfsEnabled
channel
}
}
}
}
Variables
{"accountId": "123", "input": {"input": "456", "by": "ID"}}
Response
{
"data": {
"site": {
"wifiRadioProfile": {
"id": "456",
"site": {"id": "789", "name": "example site"},
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false,
"channel": 6
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 36
}
}
}
}
}
Response
Returns a WifiRadioProfile
Arguments
| Name | Description |
|---|---|
input - SiteRefInput!
|
Example
Query
query wifiRadioProfileBySite($accountId: ID!, $input: SiteRefInput!) {
site(accountId: $accountId) {
wifiRadioProfileBySite(input: $input) {
id
site {
id
name
}
band24 {
band
standard
channelWidth
dfsEnabled
channel
}
band5 {
band
standard
channelWidth
dfsEnabled
channel
}
}
}
}
Variables
{"accountId": "123", "input": {"input": "456", "by": "ID"}}
Response
{
"data": {
"site": {
"wifiRadioProfileBySite": {
"id": "789",
"site": {"id": "456", "name": "example site"},
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false,
"channel": 6
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 36
}
}
}
}
}
Response
Returns a WifiRadioProfileListPayload
Arguments
| Name | Description |
|---|---|
input - WifiRadioProfileListInput!
|
Example
Query
query wifiRadioProfileList($accountId: ID!, $input: WifiRadioProfileListInput!) {
site(accountId: $accountId) {
wifiRadioProfileList(input: $input) {
wifiRadioProfiles {
id
site {
id
name
}
band24 {
band
standard
channelWidth
dfsEnabled
channel
}
band5 {
band
standard
channelWidth
dfsEnabled
channel
}
}
pageInfo {
total
}
}
}
}
Variables
{
"accountId": "123",
"input": {"wifiRadioProfiles": [{"input": "456", "by": "ID"}]}
}
Response
{
"data": {
"site": {
"wifiRadioProfileList": {
"wifiRadioProfiles": [
{
"id": "456",
"site": {"id": "789", "name": "example site"},
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false,
"channel": 6
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 36
}
}
],
"pageInfo": {"total": 1}
}
}
}
}
Response
Returns a WifiSsid
Arguments
| Name | Description |
|---|---|
input - WifiSsidRefInput!
|
Example
Query
query wifiSsid($accountId: ID!, $input: WifiSsidRefInput!) {
site(accountId: $accountId) {
wifiSsid(input: $input) {
id
networkInterfaceId
site {
id
name
}
name
enabled
category
visible
subnet
localIp
dhcp {
dhcpSubnet
}
microsegmentationEnabled
internetOnly
mdnsEnabled
security {
mode
authProtocol
trackAuthentication
}
band
}
}
}
Variables
{"accountId": "123", "input": {"input": "456", "by": "ID"}}
Response
{
"data": {
"site": {
"wifiSsid": {
"id": "456",
"networkInterfaceId": "789",
"site": {"id": "100", "name": "example site"},
"name": "Corporate-WiFi",
"enabled": true,
"category": "CORPORATE",
"visible": true,
"subnet": "10.0.0.0/24",
"localIp": "10.0.0.1",
"dhcp": {"dhcpSubnet": "10.0.0.0/24"},
"microsegmentationEnabled": false,
"internetOnly": false,
"mdnsEnabled": false,
"security": {
"mode": "PSK",
"authProtocol": "WPA3",
"trackAuthentication": false
},
"band": "BOTH"
}
}
}
}
Response
Returns a WifiSsidListPayload
Arguments
| Name | Description |
|---|---|
input - WifiSsidListInput!
|
Example
Query
query wifiSsidList($accountId: ID!, $input: WifiSsidListInput!) {
site(accountId: $accountId) {
wifiSsidList(input: $input) {
wifiSsid {
id
networkInterfaceId
site {
id
name
}
name
enabled
category
visible
subnet
localIp
dhcp {
dhcpSubnet
}
microsegmentationEnabled
internetOnly
mdnsEnabled
security {
mode
authProtocol
trackAuthentication
}
band
}
pageInfo {
total
}
}
}
}
Variables
{"accountId": "123", "input": {"site": {"input": "456", "by": "ID"}}}
Response
{
"data": {
"site": {
"wifiSsidList": {
"wifiSsid": [
{
"id": "789",
"networkInterfaceId": "101",
"site": {"id": "456", "name": "example site"},
"name": "Corporate-WiFi",
"enabled": true,
"category": "CORPORATE",
"visible": true,
"subnet": "10.0.0.0/24",
"localIp": "10.0.0.1",
"dhcp": {"dhcpSubnet": "10.0.0.0/24"},
"microsegmentationEnabled": false,
"internetOnly": false,
"mdnsEnabled": false,
"security": {
"mode": "PSK",
"authProtocol": "WPA3",
"trackAuthentication": false
},
"band": "BOTH"
}
],
"pageInfo": {"total": 1}
}
}
}
}
SocketBypassPolicyQueries
policy
Beta
Response
Returns a SocketBypassPolicy!
Arguments
| Name | Description |
|---|---|
input - SocketBypassPolicyInput
|
Example
Query
query socketBypass($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "98dbea00-c49c-4fae-8493-362b6897d372",
"index": 1,
"name": "update bypass exmple"
}
}
],
"sections": [
{
"properties": [],
"section": {
"id": "1bbee1c4-83e6-4286-8c57-2c2aa4e8317b",
"name": "test"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query socketBypass($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"revisions": {
"revision": [
{"name": "Socket Bypass Test Revision", "changes": 0},
{"name": "Socket Bypass Test Revision", "changes": 0}
]
}
}
}
}
}
SocketLanPolicyQueries
policy
Beta
Response
Returns a SocketLanPolicy!
Arguments
| Name | Description |
|---|---|
input - SocketLanPolicyInput
|
Example
Query
query socketLan($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {"policy": {"enabled": false, "rules": [], "sections": []}}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query socketLan($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"revisions": {
"revision": [
{"name": "Socket LAN Test Revision", "changes": 0},
{"name": "Socket LAN Test Revision", "changes": 0},
{"name": "Socket LAN Test Revision", "changes": 0},
{"name": "Socket LAN Test Revision", "changes": 0},
{"name": "Socket LAN Test Revision", "changes": 0}
]
}
}
}
}
}
SplitTunnelPolicyQueries
policy
Beta
Response
Returns a SplitTunnelPolicy!
Arguments
| Name | Description |
|---|---|
input - SplitTunnelPolicyInput
|
Example
Query
query SplitTunnelPolicy($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"splitTunnel": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "96f3efbc-1e5f-4bdc-93bd-c4777b70dc9b",
"index": 1,
"name": "Second Example Rule"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query SplitTunnelPolicy($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"splitTunnel": {
"revisions": {
"revision": [
{"name": "Revision Name Example", "changes": 0},
{"name": "Revision Name Example", "changes": 0},
{"name": "Revision Name Example", "changes": 0}
]
}
}
}
}
}
TerminalServerPolicyQueries
policy
Beta
Response
Returns a TerminalServerPolicy!
Arguments
| Name | Description |
|---|---|
input - TerminalServerPolicyInput
|
Example
Query
query TerminalServer($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
policy {
enabled
rules {
properties
rule {
id
name
description
index
enabled
allowedHostIP {
id
name
}
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"policy": {
"enabled": true,
"rules": [
{
"rule": {
"id": "f50fa97b-1f12-4522-a15b-6cddde43c8c8",
"name": "Shared Host in Site A",
"index": 1,
"enabled": true,
"description": "Shared Host in Site A ",
"allowedHostIP": {
"id": "900134247",
"name": "Terminal Server Farm"
}
},
"audit": {
"updatedBy": "John.Doe@catonetworks.com",
"updatedTime": "2025-04-23T14:59:08.012"
},
"properties": []
}
],
"sections": []
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query TerminalServer($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"revisions": {"revision": [{"name": "Test Revision", "changes": 0}]}
}
}
}
}
TlsInspectPolicyQueries
policy
Beta
Response
Returns a TlsInspectPolicy!
Arguments
| Name | Description |
|---|---|
input - TlsInspectPolicyInput
|
Example
Query
query TlsInspect($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "80897ab7-5be5-4979-afde-3969f9d75c8a",
"index": 1,
"name": "Updated Tls Inspect Rule"
}
},
{
"properties": [],
"rule": {
"id": "d9cdb424-0830-4d8c-bfa7-6390bbc9c17b",
"index": 2,
"name": "Updated WAN Rule"
}
}
],
"sections": [
{
"properties": [],
"section": {
"id": "cab89258-646c-4ce8-8a91-9f13108d1e73",
"name": "updated TLS section name"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query TlsInspect($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"revisions": {
"revision": [
{"name": "TLS Test Revision", "changes": 0},
{"name": "TLS Test Revision", "changes": 0}
]
}
}
}
}
}
UserQueries
Description
The userList query retrieves a paged list of the account's users. Filtering and sorting can be applied.
Response
Returns a UserListPayload
Arguments
| Name | Description |
|---|---|
input - UserListInput!
|
Example
Query
query userList($accountId: ID!, $input: UserListInput!) {
user(accountId: $accountId) {
userList(input: $input) {
items {
id
userId
objectId
onPremSid
firstName
lastName
userPrincipalName
displayName
phone
email
department
jobTitle
userStatus
creationDate
lastModified
importType
directoryId
hasRemoteAccessEligibility
authInfo {
authMethod
authStatus
}
riskScore
}
pageInfo {
total
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"filter": {
"searchTerm": {"search": "john"},
"riskScore": [{"in": ["LOW", "MEDIUM"]}],
"userStatus": [{"eq": "ACTIVE"}],
"remoteAccessEligibility": [{"eq": true}],
"importType": [{"neq": "MANUAL"}]
},
"sort": {"name": {"direction": "ASC"}},
"paging": {"from": 0, "limit": 25}
}
}
Response
{
"data": {
"user": {
"userList": {
"items": [
{
"id": "1",
"userId": "jon.doe",
"objectId": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
"onPremSid": null,
"firstName": "Jon",
"lastName": "Doe",
"userPrincipalName": "jon.doe@company.com",
"displayName": "Jon",
"phone": null,
"email": "jon.doe@company.com",
"department": "Product",
"jobTitle": "Product Manager",
"userStatus": "ACTIVE",
"creationDate": "2024-02-10T09:15:00.000Z",
"lastModified": "2024-02-28T11:45:00.000Z",
"importType": "SCIM",
"directoryId": "dir123456",
"hasRemoteAccessEligibility": true,
"authInfo": {"authMethod": "SSO", "authStatus": "COMPLETED"},
"riskScore": "MEDIUM"
},
{
"id": "0",
"userId": "john.doe",
"objectId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"onPremSid": "S-1-5-21-1234567890-1234567890-1234567890-1001",
"firstName": "John",
"lastName": "Doe",
"userPrincipalName": "john.doe@company.com",
"displayName": "John Doe",
"phone": "+1-555-0100",
"email": "john.doe@company.com",
"department": "Engineering",
"jobTitle": "Senior Software Engineer",
"userStatus": "ACTIVE",
"creationDate": "2024-01-15T10:30:00.000Z",
"lastModified": "2024-03-01T14:22:00.000Z",
"importType": "LDAP",
"directoryId": "dir123456",
"hasRemoteAccessEligibility": true,
"authInfo": {"authMethod": "MFA", "authStatus": "COMPLETED"},
"riskScore": "LOW"
}
],
"pageInfo": {"total": 42}
}
}
}
}
WanFirewallPolicyQueries
policy
Beta
Response
Returns a WanFirewallPolicy!
Arguments
| Name | Description |
|---|---|
input - WanFirewallPolicyInput
|
Example
Query
query InternetFirewall($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "16044293",
"index": 1,
"name": "Allow social media"
}
},
{
"properties": [],
"rule": {"id": "16044295", "index": 2, "name": "WAN FW Rule 2"}
}
],
"sections": [
{
"properties": [],
"section": {"id": "363808", "name": "Example Wan Section"}
},
{
"properties": [],
"section": {"id": "363809", "name": "My Wan Section"}
}
]
}
}
}
}
}
policyList
Beta
Description
Provides a list of all policies of Wan Firewall with filtering, pagination and sorting capabilities
Response
Returns a WanFirewallPolicyListPayload!
Arguments
| Name | Description |
|---|---|
input - WanFirewallPolicyListInput!
|
Default |
Example
Query
query wanFirewallPolicyByIds($accountId: ID!, $limit: Int!, $filter: WanFirewallPolicyListFilterInput) {
policy(accountId: $accountId) {
wanFirewall {
policyList(input: {paging: {limit: $limit}, filter: $filter}) {
items {
id
name
description
enabled
policyLevel
}
paging {
total
}
}
}
}
}
Variables
{
"accountId": 12345,
"limit": 1,
"filter": {"id": {"in": ["f07a3670-88ed-48e6-8a31-6f9047e9f584"]}}
}
Response
{
"data": {
"policy": {
"wanFirewall": {
"policyList": {
"items": [
{
"id": "f07a3670-88ed-48e6-8a31-6f9047e9f584",
"name": "Main",
"description": "",
"enabled": true,
"policyLevel": "MAIN"
}
],
"paging": {"total": 1}
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query InternetFirewall($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"revisions": {
"revision": [
{"name": "WAN Test Revision", "changes": 0},
{"name": "WAN Test Revision", "changes": 0}
]
}
}
}
}
}
WanNetworkPolicyQueries
policy
Beta
Response
Returns a WanNetworkPolicy!
Arguments
| Name | Description |
|---|---|
input - WanNetworkPolicyInput
|
Example
Query
query wanNetwork($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
sections {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "6f5b98bd-3252-4c45-95e1-9eeac9fd88db",
"index": 1,
"name": "my WAN network rule example"
}
},
{
"properties": [],
"rule": {
"id": "2812534",
"index": 2,
"name": "WAN Voice & Video - Predefined"
}
},
{
"properties": [],
"rule": {
"id": "2812530",
"index": 3,
"name": "Internet Voice & Video - Predefined"
}
},
{
"properties": [],
"rule": {
"id": "2812532",
"index": 4,
"name": "WAN RDP - Predefined"
}
},
{
"properties": [],
"rule": {
"id": "2812535",
"index": 5,
"name": "Internet RDP - Predefined"
}
},
{
"properties": [],
"rule": {
"id": "2812533",
"index": 6,
"name": "WAN SMB - Predefined"
}
},
{
"properties": [],
"rule": {
"id": "2812536",
"index": 7,
"name": "Internet SMB - Predefined"
}
},
{
"properties": [],
"rule": {
"id": "2812529",
"index": 8,
"name": "WAN Data - Predefined"
}
},
{
"properties": [],
"rule": {
"id": "2812531",
"index": 9,
"name": "Internet Traffic - Predefined"
}
}
],
"sections": [
{
"properties": [],
"section": {
"id": "52bd561b-2877-4941-a3d0-5c7219e8e7b7",
"name": "Wan network example section"
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query wanNetwork($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"revisions": {
"revision": [
{"name": "WAN network Test Revision", "changes": 0},
{"name": "WAN network Test Revision", "changes": 0},
{"name": "WAN network Test Revision", "changes": 0}
]
}
}
}
}
}
XDR
stories
Beta
Description
Define the paging, sort, and filter arguments to define the XDR stories that are returned in the query
Response
Returns a StoriesData
Arguments
| Name | Description |
|---|---|
input - StoryInput!
|
Example
Query
query Stories($accountId: ID!, $from: Int!, $limit: Int!, $sort: [StorySortInput!], $filter: [StoryFilterInput!]!) {
xdr(accountID: $accountId) {
stories(
input: {paging: {from: $from, limit: $limit}, sort: $sort, filter: $filter}
) {
paging {
from
limit
total
__typename
}
items {
...StoryBrief
__typename
}
__typename
}
__typename
}
}
fragment StoryBrief on Story {
id
accountId
accountName
updatedAt
createdAt
analystName
incident {
__typename
id
status
lastSignal
firstSignal
producer
connectionType
indication
queryName
description
criticality
source
ticket
research
vendor
sourceIp
analystFeedback {
severity
__typename
}
... on Threat {
...ThreatIncidentBrief
__typename
}
... on ThreatPrevention {
...ThreatPreventionIncidentBrief
__typename
}
... on AnomalyStats {
...AnomalyStatsIncidentBrief
__typename
}
... on AnomalyEvents {
...AnomalyEventsIncidentBrief
__typename
}
... on NetworkXDRIncident {
...NetworkXDRIncidentBrief
__typename
}
}
__typename
}
fragment ThreatIncidentBrief on Threat {
__typename
site {
id
name
__typename
}
user {
id
name
__typename
}
direction
}
fragment ThreatPreventionIncidentBrief on ThreatPrevention {
__typename
site {
id
name
__typename
}
user {
id
name
__typename
}
direction
}
fragment AnomalyStatsIncidentBrief on AnomalyStats {
__typename
srcSiteId
subjectType
drillDownFilter {
name
value
__typename
}
}
fragment AnomalyEventsIncidentBrief on AnomalyEvents {
__typename
srcSiteId
subjectType
drillDownFilter {
name
value
__typename
}
}
fragment NetworkXDRIncidentBrief on NetworkXDRIncident {
__typename
storyDuration
storyType
siteConnectionType
siteConfigLocation
acknowledged
linkId
linkName
linkConfigPrecedence
deviceConfigHaRole
licenseRegion
licenseBandwidth
isp
bgpConnection {
connectionName
peerIp
peerAsn
catoIp
catoAsn
__typename
}
networkIncidentTimeline {
created
validated
description
eventType
eventIds
acknowledged
networkEventSource
linkId
linkName
linkConfigPrecedence
linkStatus
linkConfigBandwidth
deviceConfigHaRole
deviceHaRoleState
isp
bgpConnection {
connectionName
peerIp
peerAsn
catoIp
catoAsn
__typename
}
linkQualityIssue {
issueType
direction
current
threshold
__typename
}
__typename
}
}
Variables
{
"accountId": "123",
"from": 0,
"limit": 25,
"filter": [
{
"timeFrame": {"time": "last.P14D", "timeFrameModifier": "StoryUpdate"},
"producer": {
"in": [
"AnomalyEvents",
"AnomalyStats",
"ThreatHunt",
"ThreatPrevention",
"MicrosoftEndpointDefender",
"CatoEndpointAlert"
]
}
}
],
"sort": [{"fieldName": "updatedAt", "order": "desc"}]
}
Response
{
"data": {
"xdr": {
"__typename": "XDR",
"stories": {
"paging": {"from": 0, "limit": 25, "total": 5, "__typename": "Paging"},
"items": [
{
"id": "65ba47966e0c8517cf2de805",
"accountId": 123,
"accountName": "account",
"updatedAt": "2024-01-31T13:13:58Z",
"createdAt": "2024-01-31T13:13:58Z",
"analystName": "abc123",
"incident": {
"__typename": "CatoEndpoint",
"id": "29ebcff1",
"status": "PendingMoreInfo",
"lastSignal": "2024-01-18T01:48:25Z",
"firstSignal": "2024-01-18T01:48:25Z",
"producer": "CatoEndpointAlert",
"connectionType": null,
"indication": "Cato Endpoint Alert",
"queryName": null,
"description": null,
"criticality": 5,
"source": "source",
"ticket": null,
"research": false,
"vendor": "CATO",
"sourceIp": null,
"analystFeedback": {
"severity": "Medium",
"__typename": "AnalystFeedback"
}
},
"__typename": "Story"
}
]
}
}
}
}
story
Beta
Description
Define either the story ID, or the incident ID and producer arguments, to query the specific XDR story
Response
Returns a Story
Arguments
| Name | Description |
|---|---|
storyId - ID
|
|
producer - StoryProducerEnum
|
|
incidentId - ID
|
Example
Query
query StoryDetails($accountId: ID!, $storyId: ID!) {
xdr(accountID: $accountId) {
... on XDR {
story(storyId: $storyId) {
...StoryDetailed
__typename
}
__typename
}
__typename
}
}
fragment StoryDetailed on Story {
__typename
id
summary
updatedAt
createdAt
playbook
timeline {
...TimelineItem
__typename
}
incident {
__typename
id
status
producer
ticket
connectionType
indication
queryName
criticality
source
research
firstSignal
lastSignal
description
site {
id
name
__typename
}
user {
id
name
__typename
}
... on AnomalyStats {
...AnomalyStatsIncidentDetailed
__typename
}
... on AnomalyEvents {
...AnomalyEventsIncidentDetailed
__typename
}
... on Threat {
...ThreatIncidentDetailed
__typename
}
... on ThreatPrevention {
...ThreatPreventionIncidentDetailed
__typename
}
... on NetworkXDRIncident {
...NetworkXDRIncidentDetailed
__typename
}
... on MicrosoftEndpoint {
...MicrosoftEndpointIncidentDetailed
__typename
}
... on CatoEndpoint {
...CatoEndpointIncidentDetailed
__typename
}
}
}
fragment TimelineItem on TimelineItem {
createdAt
type
descriptions
additionalInfo
analystInfo {
name
__typename
}
context
category
__typename
}
fragment AnomalyStatsIncidentDetailed on AnomalyStats {
__typename
srcSiteId
subjectType
metric {
name
value
__typename
}
drillDownFilter {
name
value
__typename
}
gaussian {
n
avg
__typename
}
mitres {
id
name
__typename
}
logonName
sourceIp
os
clientClass
deviceName
macAddress
breakdownField
predictedVerdict
predictedThreatType
similarStoriesData {
storyId
indication
threatTypeName
verdict
similarityPercentage
__typename
}
targets {
name
analysisScore
infectionSource
catoPopularity
threatFeeds
creationTime
categories
countryOfRegistration
searchHits
engines
eventData {
signatureId
eventType
threatType
threatName
severity
action
__typename
}
__typename
}
analystFeedback {
...AnalystFeedback
__typename
}
}
fragment AnalystFeedback on AnalystFeedback {
verdict
severity
threatType {
name
details
recommendedAction
__typename
}
threatClassification
additionalInfo
__typename
}
fragment AnomalyEventsIncidentDetailed on AnomalyEvents {
__typename
srcSiteId
subjectType
metric {
name
value
__typename
}
drillDownFilter {
name
value
__typename
}
gaussian {
n
avg
__typename
}
mitres {
id
name
__typename
}
logonName
sourceIp
os
clientClass
deviceName
macAddress
breakdownField
predictedVerdict
predictedThreatType
similarStoriesData {
storyId
indication
threatTypeName
verdict
similarityPercentage
__typename
}
targets {
name
analysisScore
infectionSource
catoPopularity
threatFeeds
creationTime
categories
countryOfRegistration
searchHits
engines
eventData {
signatureId
eventType
threatType
threatName
severity
action
__typename
}
__typename
}
analystFeedback {
...AnalystFeedback
__typename
}
}
fragment ThreatIncidentDetailed on Threat {
__typename
srcSiteId
flowsCardinality
storyDuration
os
deviceName
macAddress
sourceIp
logonName
direction
predictedVerdict
predictedThreatType
similarStoriesData {
storyId
indication
threatTypeName
verdict
similarityPercentage
__typename
}
queryName
events {
signatureId
eventType
threatType
threatName
severity
__typename
}
mitres {
id
name
__typename
}
timeSeries {
info
units
label
data(perSecond: false)
sum
key {
measureFieldName
dimensions {
fieldName
value
__typename
}
__typename
}
__typename
}
targets {
type
name
analysisScore
infectionSource
catoPopularity
threatFeeds
creationTime
categories
countryOfRegistration
searchHits
engines
eventData {
signatureId
eventType
threatType
threatName
severity
action
__typename
}
__typename
}
flows {
appName
clientClass
sourceIp
sourcePort
direction
createdAt
referer
userAgent
method
destinationCountry
destinationPort
destinationIp
destinationGeolocation
url
tunnelGeolocation
domain
target
httpResponseCode
dnsResponseIP
smbFileName
fileHash
ja3
__typename
}
analystFeedback {
...AnalystFeedback
__typename
}
}
fragment ThreatPreventionIncidentDetailed on ThreatPrevention {
__typename
srcSiteId
flowsCardinality
storyDuration
os
deviceName
macAddress
sourceIp
logonName
direction
predictedVerdict
predictedThreatType
similarStoriesData {
storyId
indication
threatTypeName
verdict
similarityPercentage
__typename
}
queryName
events {
signatureId
eventType
threatType
threatName
severity
__typename
}
mitres {
id
name
__typename
}
timeSeries {
info
units
label
data(perSecond: false)
sum
key {
measureFieldName
dimensions {
fieldName
value
__typename
}
__typename
}
__typename
}
targets {
type
name
analysisScore
infectionSource
catoPopularity
threatFeeds
creationTime
categories
countryOfRegistration
searchHits
engines
eventData {
signatureId
eventType
threatType
threatName
severity
action
__typename
}
__typename
}
threatPreventionsEvents {
appName
clientClass
sourceIp
sourcePort
direction
createdAt
referrer
userAgent
method
destinationCountry
destinationPort
destinationIp
destinationGeolocation
url
tunnelGeolocation
domain
target
httpResponseCode
dnsResponseIP
smbFileName
fileHash
ja3
__typename
}
analystFeedback {
...AnalystFeedback
__typename
}
}
fragment NetworkXDRIncidentDetailed on NetworkXDRIncident {
__typename
storyDuration
storyType
occurrences
siteConnectionType
siteConfigLocation
acknowledged
description
linkId
linkName
linkConfigPrecedence
deviceConfigHaRole
licenseRegion
licenseBandwidth
pop
isp
hostIp
ruleName
bgpConnection {
connectionName
peerIp
peerAsn
catoIp
catoAsn
__typename
}
networkIncidentTimeline {
created
validated
description
eventType
incidentId
eventIds
acknowledged
networkEventSource
linkId
linkName
linkConfigPrecedence
linkStatus
linkConfigBandwidth
deviceConfigHaRole
deviceHaRoleState
pop
isp
hostIp
ruleName
tunnelResetCount
bgpConnection {
connectionName
peerIp
peerAsn
catoIp
catoAsn
__typename
}
linkQualityIssue {
issueType
direction
current
threshold
__typename
}
__typename
}
analystFeedback {
... on AnalystFeedback {
severity
__typename
}
__typename
}
}
fragment MicrosoftEndpointIncidentDetailed on MicrosoftEndpoint {
storyDuration
sourceIp
analystFeedback {
...AnalystFeedback
__typename
}
device {
deviceName
osDetails {
... on OsDetails {
...MicrosoftEndpointIncidentDeviceOsDetails
__typename
}
__typename
}
loggedOnUsers {
... on EndpointUser {
...MicrosoftEndpointIncidentDeviceLoggedOnUser
__typename
}
__typename
}
__typename
}
alerts {
... on MicrosoftDefenderEndpointAlert {
...StoryDetailsMicrosoftEndpointAlert
__typename
}
__typename
}
__typename
}
fragment MicrosoftEndpointIncidentDeviceOsDetails on OsDetails {
osType
osBuild
osVersion
__typename
}
fragment MicrosoftEndpointIncidentDeviceLoggedOnUser on EndpointUser {
... on MicrosoftEndpointUser {
...MicrosoftEndpointIncidentUserDetails
__typename
}
__typename
}
fragment MicrosoftEndpointIncidentUserDetails on MicrosoftEndpointUser {
name
domainName
__typename
}
fragment StoryDetailsMicrosoftEndpointAlert on MicrosoftDefenderEndpointAlert {
id
title
localIp
destinationIp
destinationUrl
mitreTechnique {
id
name
__typename
}
firstActivityDateTime
lastActivityDateTime
threatName
activities {
...StoryDetailsMicrosoftEndpointActivity
__typename
}
resources {
...StoryDetailsMicrosoftEndpointResource
__typename
}
... on MicrosoftDefenderEndpointAlert {
criticality
msStatus: status
__typename
}
__typename
}
fragment StoryDetailsMicrosoftEndpointActivity on MicrosoftActivity {
id
resourceId
parentResourceId
action
__typename
}
fragment StoryDetailsMicrosoftEndpointResource on MicrosoftEndpointResource {
id
remediationStatus
createdDateTime
verdict
roles
...StoryDetailsMicrosoftEndpointFileResource
...StoryDetailsMicrosoftEndpointProcessResource
...StoryDetailsMicrosoftEndpointRegistryResource
__typename
}
fragment StoryDetailsMicrosoftEndpointFileResource on MicrosoftFileResource {
detectionStatus
fileDetails {
...StoryDetailsMicrosoftEndpointFileDetails
__typename
}
__typename
}
fragment StoryDetailsMicrosoftEndpointFileDetails on FileDetails {
path
name
size
sha1
sha256
issuer
signer
__typename
}
fragment StoryDetailsMicrosoftEndpointProcessResource on MicrosoftProcessResource {
processId
processCommandLine
imageFile {
...StoryDetailsMicrosoftEndpointFileDetails
__typename
}
userAccount {
...StoryDetailsMicrosoftEndpointUserDetails
__typename
}
__typename
}
fragment StoryDetailsMicrosoftEndpointUserDetails on EndpointUser {
id
... on MicrosoftEndpointUser {
userSid
__typename
}
__typename
}
fragment StoryDetailsMicrosoftEndpointRegistryResource on MicrosoftRegistryResource {
valueName
valueType
value
key
hive
__typename
}
fragment CatoEndpointIncidentDetailed on CatoEndpoint {
storyDuration
sourceIp
analystFeedback {
...AnalystFeedback
__typename
}
device {
deviceName
macAddress
osDetails {
... on OsDetails {
...CatoEndpointIncidentDeviceOsDetails
__typename
}
__typename
}
loggedOnUsers {
... on EndpointUser {
...CatoEndpointIncidentDeviceLoggedOnUser
__typename
}
__typename
}
__typename
}
alerts {
... on CatoEndpointAlert {
...StoryDetailsCatoEndpointAlert
__typename
}
__typename
}
__typename
}
fragment CatoEndpointIncidentDeviceOsDetails on OsDetails {
osType
osBuild
osVersion
__typename
}
fragment CatoEndpointIncidentDeviceLoggedOnUser on EndpointUser {
... on CatoEndpointUser {
...CatoEndpointIncidentUserDetails
__typename
}
__typename
}
fragment CatoEndpointIncidentUserDetails on CatoEndpointUser {
name
__typename
}
fragment StoryDetailsCatoEndpointAlert on CatoEndpointAlert {
id
title
mitreTechnique {
id
name
__typename
}
createdDateTime
threatName
activities {
...StoryDetailsCatoEndpointActivity
__typename
}
resources {
...StoryDetailsCatoEndpointResource
__typename
}
... on CatoEndpointAlert {
criticality
catoStatus: status
__typename
}
__typename
}
fragment StoryDetailsCatoEndpointActivity on CatoActivity {
id
resourceId
parentResourceId
__typename
}
fragment StoryDetailsCatoEndpointResource on CatoResource {
id
createdDateTime
remediationStatus
...StoryDetailsCatoEndpointFileResource
...StoryDetailsCatoEndpointProcessResource
__typename
}
fragment StoryDetailsCatoEndpointFileResource on CatoFileResource {
detectionStatus
fileDetails {
...StoryDetailsCatoEndpointFileDetails
__typename
}
__typename
}
fragment StoryDetailsCatoEndpointFileDetails on FileDetails {
path
name
size
sha1
sha256
issuer
signer
__typename
}
fragment StoryDetailsCatoEndpointProcessResource on CatoProcessResource {
processId
processCommandLine
imageFile {
...StoryDetailsCatoEndpointFileDetails
__typename
}
userAccount {
...StoryDetailsCatoEndpointUserDetails
__typename
}
__typename
}
fragment StoryDetailsCatoEndpointUserDetails on EndpointUser {
id
... on CatoEndpointUser {
name
__typename
}
__typename
}
Variables
{"accountId": "123", "storyId": "abc123"}
Response
{
"data": {
"xdr": {
"__typename": "XDR",
"story": {
"playbook": null,
"incident": {
"__typename": "Threat",
"id": "abc123",
"status": "Open",
"producer": "ThreatHunt",
"ticket": null,
"connectionType": "Site",
"indication": "abc123",
"queryName": "abc123",
"criticality": 5,
"source": "abc123",
"research": false,
"firstSignal": "2024-02-29T09:00:00Z",
"lastSignal": "2024-02-29T13:00:00Z",
"description": "abc123",
"site": null,
"user": null,
"srcSiteId": "123",
"flowsCardinality": 4,
"storyDuration": 14400,
"os": "OS_WINDOWS",
"deviceName": "abc123",
"macAddress": "aa:aa:11:22:33:44",
"sourceIp": "1.2.3.4",
"logonName": null,
"direction": "OUTBOUND",
"predictedVerdict": null,
"predictedThreatType": null,
"similarStoriesData": [],
"events": [],
"mitres": [],
"timeSeries": [],
"targets": [
{
"type": "domain",
"name": "123",
"analysisScore": 0.75688803,
"infectionSource": true,
"catoPopularity": -1,
"threatFeeds": 2,
"creationTime": "2023-01-10T06:16:40Z",
"categories": "abc123",
"countryOfRegistration": "CZ",
"searchHits": "123",
"engines": null,
"eventData": [],
"__typename": "IncidentTargetRep"
}
],
"flows": [
{
"appName": "http",
"clientClass": null,
"sourceIp": "11.22.33.111",
"sourcePort": 123,
"direction": "INBOUND",
"createdAt": "2024-02-29T09:45:00Z",
"referer": null,
"userAgent": null,
"method": null,
"destinationCountry": "US",
"destinationPort": 123,
"destinationIp": "11.22.33.644",
"destinationGeolocation": "11.1,22.2",
"url": null,
"tunnelGeolocation": "11.1,22.2",
"domain": "abc123",
"target": "abc123",
"httpResponseCode": null,
"dnsResponseIP": null,
"smbFileName": null,
"fileHash": null,
"ja3": null,
"__typename": "IncidentFlow"
}
],
"analystFeedback": {
"verdict": null,
"severity": null,
"threatType": {
"name": "PuP",
"details": null,
"recommendedAction": null,
"__typename": "AnalystFeedbackThreatType"
},
"threatClassification": null,
"additionalInfo": null,
"__typename": "AnalystFeedback"
}
},
"__typename": "Story",
"id": "abc123",
"summary": "abc123",
"updatedAt": "2024-03-27T08:32:44Z",
"createdAt": "2024-03-27T08:22:51Z",
"timeline": [
{
"createdAt": "2024-03-27T08:22:51Z",
"type": "Diff",
"descriptions": ["abc123"],
"additionalInfo": null,
"analystInfo": null,
"context": "Story created",
"category": null,
"__typename": "TimelineItem"
}
]
}
}
}
}
ZtnaAlwaysOnPolicyQueries
policy
Beta
Response
Returns a ZtnaAlwaysOnPolicy!
Arguments
| Name | Description |
|---|---|
input - ZtnaAlwaysOnPolicyInput
|
Example
Query
query ztnaAlwaysOn($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
policy {
enabled
rules {
properties
rule {
id
index
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"policy": {
"enabled": false,
"rules": [
{
"properties": [],
"rule": {
"id": "601d474a-9843-4511-8c65-cc3885f9e449",
"index": 1,
"name": "Updated Rule Name Example"
}
},
{
"properties": [],
"rule": {
"id": "ac120fa5-1035-41d2-8f9c-43800048ea0f",
"index": 2,
"name": "Example Rule"
}
},
{
"properties": [],
"rule": {
"id": "dc86486d-1377-4b51-b38f-7911da8f962c",
"index": 3,
"name": "Rule Example "
}
}
]
}
}
}
}
}
revisions
Beta
Response
Returns a PolicyRevisionsPayload
Example
Query
query ztnaAlwaysOn($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
revisions {
revision {
name
changes
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"revisions": {
"revision": [{"name": "Revision Name Example", "changes": 0}]
}
}
}
}
}
ZtnaAppConnectorQueries
Description
Retrieve a single ZTNA App Connector
Response
Returns a ZtnaAppConnector
Arguments
| Name | Description |
|---|---|
input - ZtnaAppConnectorRefInput!
|
Example
Query
query ZtnaAppConnector($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
ztnaAppConnector(input: { by: ID, input: "1500000001" }) {
id
name
description
type
groupName
serialNumber
socketId
socketModel
isRegistered
privateAppCount
privateAppRef {
id
name
}
location {
countryCode
countryName
stateCode
cityName
address
timezone
}
preferredPopLocation {
automatic
preferredOnly
primary {
id
name
}
secondary {
id
name
}
}
createdAt
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"ztnaAppConnector": {
"id": "1500000001",
"name": "DC-East-Connector-1",
"description": "Primary connector for east data center",
"type": "PHYSICAL",
"groupName": "East-DC-Group",
"serialNumber": "X1600-ABC12345",
"socketId": "98765",
"socketModel": "X1600",
"isRegistered": true,
"privateAppCount": 3,
"privateAppRef": [
{"id": "2001", "name": "internal-wiki"},
{"id": "2002", "name": "jira-server"},
{"id": "2003", "name": "gitlab-instance"}
],
"location": {
"countryCode": "US",
"countryName": "United States",
"stateCode": "California",
"cityName": "San Francisco",
"address": "100 Market Street",
"timezone": "America/Los_Angeles"
},
"preferredPopLocation": {
"automatic": false,
"preferredOnly": false,
"primary": {"id": "123", "name": "New York"},
"secondary": {"id": "456", "name": "Tel Aviv"}
},
"createdAt": "2025-06-15T10:30:00Z"
}
}
}
}
Description
List connector group names, with optional free-text search and paging
Response
Returns a ZtnaAppConnectorGroupListPayload
Arguments
| Name | Description |
|---|---|
input - ZtnaAppConnectorGroupListInput
|
Example
Query
query ZtnaAppConnectorGroupList($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
ztnaAppConnectorGroupList(input: {
paging: { limit: 50, from: 0 }
}) {
items
pageInfo {
total
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"ztnaAppConnectorGroupList": {
"items": ["East-DC-Group", "West-DC-Group", "AWS-Connectors"],
"pageInfo": {"total": 3}
}
}
}
}
Description
Paged list of ZTNA App Connectors, with optional filtering by group name(s)
Response
Returns a ZtnaAppConnectorListPayload
Arguments
| Name | Description |
|---|---|
input - ZtnaAppConnectorListInput!
|
Example
Query
query ZtnaAppConnectorList($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
ztnaAppConnectorList(input: {
filter: {
groupName: [{ eq: "East-DC-Group" }]
type: { eq: PHYSICAL }
}
sort: { name: { direction: ASC, priority: 1 } }
paging: { limit: 10, from: 0 }
}) {
ztnaAppConnector {
id
name
type
groupName
serialNumber
socketModel
isRegistered
location {
countryCode
cityName
timezone
}
createdAt
}
pageInfo {
total
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"ztnaAppConnectorList": {
"ztnaAppConnector": [
{
"id": "1500000001",
"name": "DC-East-Connector-1",
"type": "PHYSICAL",
"groupName": "East-DC-Group",
"serialNumber": "X1600-ABC12345",
"socketModel": "X1600",
"isRegistered": true,
"location": {
"countryCode": "US",
"cityName": "San Francisco",
"timezone": "America/Los_Angeles"
},
"createdAt": "2025-06-15T10:30:00Z"
},
{
"id": "1500000002",
"name": "DC-East-Connector-2",
"type": "PHYSICAL",
"groupName": "East-DC-Group",
"serialNumber": "X1700-DEF67890",
"socketModel": "X1700",
"isRegistered": true,
"location": {
"countryCode": "US",
"cityName": "San Francisco",
"timezone": "America/Los_Angeles"
},
"createdAt": "2025-07-01T14:00:00Z"
}
],
"pageInfo": {"total": 2}
}
}
}
}
Description
Get ZTNA App Connectors configuration for the account
Response
Returns a ZtnaAppConnectorsConfiguration
Example
Query
query ZtnaAppConnectorsConfiguration($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
ztnaAppConnectorsConfiguration {
privateAppsServiceRange
appConnectorManagementRange
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"ztnaAppConnectorsConfiguration": {
"privateAppsServiceRange": "100.64.0.0/16",
"appConnectorManagementRange": "100.65.0.0/16"
}
}
}
}
Mutations
AccessPrivateApplicationMutations
Description
Create a new private application for Private Access
Response
Returns a CreatePrivateApplicationPayload
Arguments
| Name | Description |
|---|---|
input - CreatePrivateApplicationInput!
|
Example
Query
mutation CreatePrivateApplication($accountId: ID!) {
privateApplication(accountId: $accountId) {
createPrivateApplication(input: {
name: "Internal HR Portal"
description: "Internal HR management application"
internalAppAddress: "hr.internal.corp"
probingEnabled: true
published: true
allowIcmpProtocol: true
protocolPorts: [
{
protocol: TCP
port: [443, 8443]
}
]
publishedAppDomain: {
publishedAppDomain: "publish.domain.com"
connectorGroupName: "group 1"
}
}) {
application {
id
name
description
internalAppAddress
probingEnabled
published
allowIcmpProtocol
protocolPorts {
protocol
port
}
publishedAppDomain {
publishedAppDomain
connectorGroupName
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"privateApplication": {
"createPrivateApplication": {
"application": {
"id": "5001",
"name": "Internal HR Portal",
"description": "Internal HR management application",
"internalAppAddress": "hr.internal.corp",
"probingEnabled": true,
"published": false,
"allowIcmpProtocol": true,
"protocolPorts": [{"protocol": "TCP", "port": [443, 8443]}],
"publishedAppDomain": {
"publishedAppDomain": "publish.domain.com",
"connectorGroupName": "group 1"
}
}
}
}
}
}
Description
Delete a private application. This action cannot be undone.
Response
Returns a DeletePrivateApplicationPayload
Arguments
| Name | Description |
|---|---|
input - DeletePrivateApplicationInput!
|
Example
Query
mutation DeletePrivateApplication($accountId: ID!) {
privateApplication(accountId: $accountId) {
deletePrivateApplication(input: {
privateApplication: {
by: ID
input: "5001"
}
}) {
application
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"privateApplication": {"deletePrivateApplication": {"application": "5001"}}
}
}
Description
Update an existing private application's configuration
Response
Returns an UpdatePrivateApplicationPayload
Arguments
| Name | Description |
|---|---|
input - UpdatePrivateApplicationInput!
|
Example
Query
mutation UpdatePrivateApplication($accountId: ID!) {
privateApplication(accountId: $accountId) {
updatePrivateApplication(input: {
id: "5001"
name: "Updated HR Portal"
description: "Updated internal HR management application"
published: true
protocolPorts: [
{
protocol: TCP
port: [443]
}
]
privateAppProbing: {
type: "ICMP_PING"
interval: 5
faultThresholdDown: 5
}
}) {
application {
id
name
description
internalAppAddress
probingEnabled
published
allowIcmpProtocol
protocolPorts {
protocol
port
}
privateAppProbing {
type
interval
faultThresholdDown
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"privateApplication": {
"updatePrivateApplication": {
"application": {
"id": "5001",
"name": "Updated HR Portal",
"description": "Updated internal HR management application",
"internalAppAddress": "hr.internal.corp",
"probingEnabled": true,
"published": true,
"allowIcmpProtocol": true,
"protocolPorts": [{"protocol": "TCP", "port": [443]}],
"privateAppProbing": {
"type": "ICMP_PING",
"interval": 5,
"faultThresholdDown": 5
}
}
}
}
}
}
AccountManagementMutations
addAccount
Description
Add a new account
Response
Returns an AccountInfo
Arguments
| Name | Description |
|---|---|
input - AddAccountInput!
|
Example
Query
mutation addAccount($accountId:ID!, $input:AddAccountInput!) {
accountManagement(accountId: $accountId) {
addAccount(input: $input) {
description
id
name
tenancy
timeZone
type
audit {
createdBy
createdTime
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"name": "account_name",
"tenancy": "SINGLE_TENANT",
"type": "CUSTOMER",
"description": "account description",
"timezone": "Australia/ACT"
}
}
Response
{
"data": {
"accountManagement": {
"addAccount": {
"description": "account description",
"id": "456",
"name": "name",
"tenancy": "SINGLE_TENANT",
"timeZone": "Australia/ACT",
"type": "CUSTOMER",
"audit": {
"createdBy": "main@admin.com",
"createdTime": "2024-08-14T09:34:24Z"
}
}
}
}
}
disableAccount
Beta
Description
Sets the account status to "Disabled" for accounts with plan = "Trial" and status = "Active" or "Locked".
Response
Returns a DisableAccountPayload
Arguments
| Name | Description |
|---|---|
accountId - ID!
|
Example
Query
mutation disableAccount($parentAccountId:ID!, $accountId:ID!) {
accountManagement(accountId: $parentAccountId) {
disableAccount(accountId: $accountId) {
accountInfo {
description
id
name
tenancy
timeZone
type
audit {
createdBy
createdTime
}
plan
status
}
}
}
}
Variables
{"parentAccountId": "123", "accountId": "456"}
Response
{
"data": {
"accountManagement": {
"disableAccount": {
"accountInfo": {
"description": "account description",
"id": "456",
"name": "name",
"tenancy": "SINGLE_TENANT",
"timeZone": "Australia/ACT",
"type": "CUSTOMER",
"audit": {
"createdBy": "main@admin.com",
"createdTime": "2024-08-14T09:34:24Z"
},
"plan": "TRIAL",
"status": "ACTIVE"
}
}
}
}
}
removeAccount
Description
Delete an existing account. The account status will become “Disabled”, and it will be scheduled for deletion
Response
Returns a RemoveAccountPayload
Arguments
| Name | Description |
|---|---|
accountId - ID!
|
Example
Query
mutation removeAccount($parentAccountId:ID!, $accountId:ID!) {
accountManagement(accountId: $parentAccountId) {
removeAccount(accountId: $accountId) {
accountInfo {
description
id
name
tenancy
timeZone
type
audit {
createdBy
createdTime
}
}
}
}
}
Variables
{"parentAccountId": "123", "accountId": "456"}
Response
{
"data": {
"accountManagement": {
"removeAccount": {
"accountInfo": {
"description": "account description",
"id": "456",
"name": "name",
"tenancy": "SINGLE_TENANT",
"timeZone": "Australia/ACT",
"type": "CUSTOMER",
"audit": {
"createdBy": "main@admin.com",
"createdTime": "2024-08-14T09:34:24Z"
}
}
}
}
}
}
updateAccount
Description
Update existing account attributes
Response
Returns an AccountInfo
Arguments
| Name | Description |
|---|---|
input - UpdateAccountInput!
|
Example
Query
mutation updateAccount($accountId:ID!, $input:UpdateAccountInput!) {
accountManagement(accountId: $accountId) {
updateAccount(input: $input) {
description
id
name
tenancy
timeZone
type
audit {
createdBy
createdTime
}
}
}
}
Variables
{"accountId": "456", "input": {"description": "new account description"}}
Response
{
"data": {
"accountManagement": {
"updateAccount": {
"description": "account description",
"id": "456",
"name": "name",
"tenancy": "SINGLE_TENANT",
"timeZone": "Australia/ACT",
"type": "CUSTOMER",
"audit": {
"createdBy": "main@admin.com",
"createdTime": "2024-08-14T09:34:24Z"
}
}
}
}
}
AdminMutations
addAdmin
Response
Returns an AddAdminPayload
Arguments
| Name | Description |
|---|---|
input - AddAdminInput!
|
Example
Query
mutation addAdmin($accountId:ID!, $input: AddAdminInput!) {
admin(accountId:$accountId) {
addAdmin(input:$input) {
adminID
}
}
}
Variables
{
"accountId": "123",
"input": {
"firstName": "Name",
"lastName": "Surname",
"email": "name.surname@company.org",
"passwordNeverExpires": false,
"mfaEnabled": true,
"managedRoles": [{"role": {"id": 2, "name": "Viewer"}}]
}
}
Response
{"data": {"admin": {"addAdmin": {"adminID": "456"}}}}
addServicePrincipalAdmin
Response
Returns an AddServicePrincipalAdminPayload
Arguments
| Name | Description |
|---|---|
input - AddServicePrincipalAdminInput!
|
Example
Query
mutation addServicePrincipalAdmin($accountId:ID!, $input: AddServicePrincipalAdminInput!) {
admin(accountId:$accountId) {
addServicePrincipalAdmin(input:$input) {
adminID
}
}
}
Variables
{
"accountId": "123",
"input": {
"name": "Service Principal",
"email": "service.principal@company.org",
"managedRoles": [{"role": {"id": 2, "name": "Viewer"}}]
}
}
Response
{"data": {"admin": {"addServicePrincipalAdmin": {"adminID": "456"}}}}
removeAdmin
Response
Returns a RemoveAdminPayload
Arguments
| Name | Description |
|---|---|
adminID - ID!
|
Example
Query
mutation removeAdmin($accountId:ID!, $adminID:ID!){
admin(accountId:$accountId) {
removeAdmin(adminID:$adminID) {
adminID
}
}
}
Variables
{"accountId": "123", "adminID": "456"}
Response
{"data": {"admin": {"removeAdmin": {"adminID": "456"}}}}
removeServicePrincipalAdmin
Response
Returns a RemoveServicePrincipalAdminPayload
Arguments
| Name | Description |
|---|---|
adminID - ID!
|
Example
Query
mutation removeServicePrincipalAdmin($accountId:ID!, $adminID:ID!){
admin(accountId:$accountId) {
removeServicePrincipalAdmin(adminID:$adminID) {
adminID
}
}
}
Variables
{"accountId": "123", "adminID": "456"}
Response
{"data": {"admin": {"removeServicePrincipalAdmin": {"adminID": "456"}}}}
updateAdmin
Response
Returns an UpdateAdminPayload
Arguments
| Name | Description |
|---|---|
adminID - ID!
|
|
input - UpdateAdminInput!
|
Example
Query
mutation updateAdmin($accountId:ID!, $adminID:ID!, $input: UpdateAdminInput!){
admin(accountId:$accountId) {
updateAdmin(adminID:$adminID,input:$input) {
adminID
}
}
}
Variables
{
"accountId": "123",
"adminID": "456",
"input": {
"managedRoles": [
{"role": {"id": 1, "name": "Editor"}},
{"role": {"id": 2, "name": "Viewer"}}
]
}
}
Response
{"data": {"admin": {"updateAdmin": {"adminID": "456"}}}}
updateServicePrincipalAdmin
Response
Returns an UpdateServicePrincipalAdminPayload
Arguments
| Name | Description |
|---|---|
adminID - ID!
|
|
input - UpdateServicePrincipalAdminInput!
|
Example
Query
mutation updateServicePrincipalAdmin($accountId:ID!, $adminID:ID!, $input: UpdateServicePrincipalAdminInput!){
admin(accountId:$accountId) {
updateServicePrincipalAdmin(adminID:$adminID,input:$input) {
adminID
}
}
}
Variables
{
"accountId": "123",
"adminID": "456",
"input": {
"name": "Service Principal (renamed)",
"managedRoles": [{"role": {"id": 1, "name": "Editor"}}]
}
}
Response
{"data": {"admin": {"updateServicePrincipalAdmin": {"adminID": "456"}}}}
AntiMalwareFileHashPolicyMutations
addRule
Beta
Response
Returns an AntiMalwareFileHashRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AntiMalwareFileHashAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
addRule(input: {
rule: {
enabled: true
name: "Block Malicious File"
description: "Block file with known malicious hash."
fileName: "malware.exe"
expirationDate: "2025-12-31T23:59:59Z"
action: BLOCK
sha256: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
},
at: {
position: LAST_IN_POLICY
}
}) {
status
rule {
rule {
id
name
description
enabled
fileName
expirationDate
action
sha256
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "example-id",
"name": "Block Malicious File",
"description": "Block file with known malicious hash.",
"enabled": true,
"fileName": "malware.exe",
"expirationDate": "2025-12-31T23:59:59Z",
"action": "BLOCK",
"sha256": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"addSection": {
"section": {"section": {"id": "section-id", "name": "New section"}},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns an AntiMalwareFileHashPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
createPolicyRevision(input: {
name: "Test Revision"
description: "Test working with multiple revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "revision-id",
"createdTime": "2025-08-27T12:00:00Z",
"updatedTime": "2025-08-27T12:00:00Z"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns an AntiMalwareFileHashPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Response
Returns an AntiMalwareFileHashRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
moveRule(input: {
id: "rule-id"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"moveRule": {
"status": "SUCCESS",
"rule": {"rule": {"index": 1, "id": "rule-id"}}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
moveSection(input: {
id: "section-id"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": [],
"section": {"id": "section-id", "name": "Section Name"}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns an AntiMalwareFileHashPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
publishPolicyRevision(input: {
name: "Ticket #1234"
description : "Block malicious file hashes"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Response
Returns an AntiMalwareFileHashRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AntiMalwareFileHashRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
removeRule(input: {
id: "example-id"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"antiMalwareFileHash": {"removeRule": {"status": "SUCCESS"}}}
}
}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
removeSection(input: {
id: "section-id"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"antiMalwareFileHash": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Response
Returns an AntiMalwareFileHashPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AntiMalwareFileHashPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns an AntiMalwareFileHashRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AntiMalwareFileHashUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
updateRule(input: {
id: "example-id"
rule: {
name: "Updated File Hash Rule"
fileName: "updated-malware.exe"
expirationDate: "2026-01-01T00:00:00Z"
action: BYPASS
sha256: "abcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcd"
}
}) {
status
rule {
rule {
id
name
fileName
expirationDate
action
sha256
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "example-id",
"name": "Updated File Hash Rule",
"fileName": "updated-malware.exe",
"expirationDate": "2026-01-01T00:00:00Z",
"action": "BYPASS",
"sha256": "abcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdefabcd"
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
antiMalwareFileHash {
updateSection(input: {
id: "section-id"
section: {
name: "Updated section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"antiMalwareFileHash": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {"id": "section-id", "name": "Updated section name"}
}
}
}
}
}
}
AppTenantRestrictionPolicyMutations
addRule
Beta
Response
Returns an AppTenantRestrictionRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AppTenantRestrictionAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
addRule(input: {
rule: {
enabled: true
name: "Example Rule"
description: "Example description"
severity: MEDIUM
action: INJECT_HEADERS
application: {
input:"hibob"
by: ID
}
source: {
ip: ["192.0.2.1", "198.51.100.1"]
subnet: ["10.0.0.0/24"]
}
headers: [{
name: "headerName"
value: "headerValue"
}]
},
at: {
position: LAST_IN_POLICY
}
}) {
status
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
action
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "58dc4161-77bb-4866-a2c8-3eed554158f7",
"name": "Example Rule",
"description": "Example description",
"enabled": true,
"source": {
"ip": ["192.0.2.1", "198.51.100.1"],
"subnet": ["10.0.0.0/24"]
},
"action": "INJECT_HEADERS"
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"addSection": {
"section": {
"section": {
"id": "6d468052-8680-4c54-8316-58793ad30d1e",
"name": "New section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns an AppTenantRestrictionPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
createPolicyRevision(input: {
name: "Test Revision"
description: "Test working with multiple revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "276f34f3-197d-41ec-8d3d-de34bc703da9",
"createdTime": "2024-12-15T13:25:34.774",
"updatedTime": "2024-12-15T13:25:34.774"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns an AppTenantRestrictionPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Response
Returns an AppTenantRestrictionRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
moveRule(input: {
id: "58dc4161-77bb-4866-a2c8-3eed554158f7"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "58dc4161-77bb-4866-a2c8-3eed554158f7"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
moveSection(input: {
id: "0f61ccb5-1912-4bc0-ade6-06fc684b561f"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "0f61ccb5-1912-4bc0-ade6-06fc684b561f",
"name": "Section 1"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns an AppTenantRestrictionPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
publishPolicyRevision(input: {
name: "Ticket #1234"
description : "Allow HR access to social websites"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Response
Returns an AppTenantRestrictionRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AppTenantRestrictionRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
removeRule(input: {
id: "58dc4161-77bb-4866-a2c8-3eed554158f7"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"appTenantRestriction": {"removeRule": {"status": "SUCCESS"}}}
}
}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
removeSection(input: {
id: "6d468052-8680-4c54-8316-58793ad30d1e"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"appTenantRestriction": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Response
Returns an AppTenantRestrictionPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AppTenantRestrictionPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns an AppTenantRestrictionRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - AppTenantRestrictionUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
updateRule(input: {
id: "58dc4161-77bb-4866-a2c8-3eed554158f7"
rule: {
name: "Updated rule name"
source: {
ip: ["192.0.2.2"]
}
}
}) {
status
rule {
rule {
id
name
description
source {
ip
subnet
}
action
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "58dc4161-77bb-4866-a2c8-3eed554158f7",
"name": "Updated rule name",
"description": "Example description",
"source": {"ip": ["192.0.2.2"], "subnet": ["10.0.0.0/24"]},
"action": "INJECT_HEADERS"
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
appTenantRestriction {
updateSection(input: {
id: "6d468052-8680-4c54-8316-58793ad30d1e"
section: {
name: "Updated section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"appTenantRestriction": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "6d468052-8680-4c54-8316-58793ad30d1e",
"name": "New section"
}
}
}
}
}
}
}
ApplicationControlPolicyMutations
addRule
Beta
Response
Returns an ApplicationControlRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ApplicationControlAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
addRule(input: {
rule: {
enabled: true
name: "Example Rule"
description: "Example description"
ruleType: APPLICATION
applicationRule: {
application: {
application: {
input:"hibob"
by: ID
}
}
}
},
at: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorCode
errorMessage
}
rule {
properties
audit {
updatedTime
updatedBy
}
rule {
id
name
description
enabled
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"addRule": {
"status": "SUCCESS",
"errors": [],
"rule": {
"properties": ["ADDED"],
"audit": {
"updatedTime": "2025-09-14T08:09:19.776",
"updatedBy": "kfir.dadosh@catonetworks.com"
},
"rule": {
"id": "b2b8784e-359c-428e-878b-de53d8730998",
"name": "Example Rule",
"description": "Example description",
"enabled": true
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"addSection": {
"section": {
"section": {
"id": "ba6e65bb-bdd6-432e-9c73-56ceeef599d6",
"name": "New section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns an ApplicationControlPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
createPolicyRevision(input: {
name: "Test Revision"
description: "Test working with multiple revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "6f89b7da-c5fb-44b3-b101-3b541dc20c08",
"createdTime": "2025-09-14T08:09:36.612",
"updatedTime": "2025-09-14T08:09:36.612"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns an ApplicationControlPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Response
Returns an ApplicationControlRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
moveRule(input: {
id: "b2b8784e-359c-428e-878b-de53d8730998"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "b2b8784e-359c-428e-878b-de53d8730998"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
applicationControl {
moveSection(input: {
id: "0f61ccb5-1912-4bc0-ade6-06fc684b561f"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"moveSection": {
"status": "FAILURE",
"errors": [
{
"errorMessage": "Section does not exist",
"errorCode": "sectionNotExist"
}
],
"section": null
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns an ApplicationControlPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
applicationControl {
publishPolicyRevision(input: {
name: "Ticket #1234"
description : "Allow HR access to social websites"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Response
Returns an ApplicationControlRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ApplicationControlRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
applicationControl {
removeRule(input: {
id: "b2b8784e-359c-428e-878b-de53d8730998"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"applicationControl": {"removeRule": {"status": "SUCCESS"}}}
}
}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
removeSection(input: {
id: "ba6e65bb-bdd6-432e-9c73-56ceeef599d6"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"applicationControl": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Response
Returns an ApplicationControlPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ApplicationControlPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns an ApplicationControlRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ApplicationControlUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
updateRule(input: {
id: "b2b8784e-359c-428e-878b-de53d8730998"
rule: {
name: "Updated rule name"
}
}) {
status
rule {
rule {
id
name
description
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "b2b8784e-359c-428e-878b-de53d8730998",
"name": "Updated rule name",
"description": "Example description"
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
applicationControl {
updateSection(input: {
id: "ba6e65bb-bdd6-432e-9c73-56ceeef599d6"
section: {
name: "Updated section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"applicationControl": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "ba6e65bb-bdd6-432e-9c73-56ceeef599d6",
"name": "New section"
}
}
}
}
}
}
}
ClientConnectivityPolicyMutations
addRule
Beta
Response
Returns a ClientConnectivityRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ClientConnectivityAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
addRule(input: {
at: {
position: LAST_IN_POLICY
}
rule: {
enabled:true
name: "Example Rule"
description: "Example Description"
source: {}
platform: [MACOS]
device: []
country: [
{
by: ID
input: "US"
}
]
confidenceLevel: HIGH
connectionOrigin: [REMOTE]
sourceRange: []
action: ALLOW_INTERNET
}
}) {
status
errors {
errorCode
errorMessage
}
rule {
rule {
id
name
description
enabled
platform
country {
id
name
}
confidenceLevel
connectionOrigin
action
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"addRule": {
"status": "SUCCESS",
"errors": [],
"rule": {
"rule": {
"id": "90c3207e-6aed-400f-8f7e-48abdf973ed9",
"name": "Example Rule",
"description": "Example Description",
"enabled": true,
"platform": ["MACOS"],
"country": [{"id": "US", "name": "United States"}],
"confidenceLevel": "HIGH",
"connectionOrigin": ["REMOTE"],
"action": "ALLOW_INTERNET"
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"addSection": {
"section": {
"section": {
"id": "6cad9bd7-9c7a-462b-91b4-1ce781788a74",
"name": "New section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a ClientConnectivityPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
createPolicyRevision(input: {
name: "Test Revision"
description: "Test working with multiple revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "8a16c79a-3946-47e8-ad68-1b8cb03bb32d",
"createdTime": "2025-11-24T08:36:25.528",
"updatedTime": "2025-11-24T08:36:25.528"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a ClientConnectivityPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Response
Returns a ClientConnectivityRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
moveRule(input: {
id: "9ed03ea7-6c46-43b4-8edf-5e1f0a8897da"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "9ed03ea7-6c46-43b4-8edf-5e1f0a8897da"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
clientConnectivity {
moveSection(input: {
id: "6cad9bd7-9c7a-462b-91b4-1ce781788a74"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "6cad9bd7-9c7a-462b-91b4-1ce781788a74",
"name": "New section"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a ClientConnectivityPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
clientConnectivity {
publishPolicyRevision(input: {
name: "Ticket #1234"
description : "Allow HR access to social websites"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Response
Returns a ClientConnectivityRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ClientConnectivityRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
clientConnectivity {
removeRule(input: {
id: "90c3207e-6aed-400f-8f7e-48abdf973ed9"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"clientConnectivity": {"removeRule": {"status": "SUCCESS"}}}
}
}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
removeSection(input: {
id: "6cad9bd7-9c7a-462b-91b4-1ce781788a74"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"clientConnectivity": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Response
Returns a ClientConnectivityPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ClientConnectivityPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a ClientConnectivityRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ClientConnectivityUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
updateRule(input: {
id: "9ed03ea7-6c46-43b4-8edf-5e1f0a8897da"
rule: {
name: "Updated rule name"
platform: [MACOS]
}
}) {
status
rule {
rule {
id
name
description
platform
action
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "9ed03ea7-6c46-43b4-8edf-5e1f0a8897da",
"name": "Updated rule name",
"description": "",
"platform": ["MACOS"],
"action": "ALLOW"
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
clientConnectivity {
updateSection(input: {
id: "6cad9bd7-9c7a-462b-91b4-1ce781788a74"
section: {
name: "Updated section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"clientConnectivity": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "6cad9bd7-9c7a-462b-91b4-1ce781788a74",
"name": "New section"
}
}
}
}
}
}
}
ContainerMutations
delete
Beta
Response
Returns a DeleteContainerPayload!
Arguments
| Name | Description |
|---|---|
input - DeleteContainerInput!
|
Example
Query
mutation removeValuesFqdnContainer($accountId:ID!, $input:DeleteContainerInput!) {
container(accountId: $accountId) {
delete(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"ref": {"by": "NAME", "input": "Some Container"}}
}
Response
{
"data": {
"container": {
"delete": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
FqdnContainerMutations
addValues
Beta
Response
Returns a FqdnContainerAddValuesPayload!
Arguments
| Name | Description |
|---|---|
input - FqdnContainerAddValuesInput!
|
Example
Query
mutation addValuesToFqdnContainer($accountId:ID!, $input:FqdnContainerAddValuesInput!) {
container(accountId: $accountId) {
fqdn {
addValues(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"values": ["google.com", "amazon.com"]
}
}
Response
{
"data": {
"container": {
"fqdn": {
"addValues": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
createFromFile
Beta
Response
Returns a CreateFqdnContainerFromFilePayload!
Arguments
| Name | Description |
|---|---|
input - CreateFqdnContainerFromFileInput!
|
Example
Query
mutation createFqdnContainerFromFile($accountId:ID!, $input:CreateFqdnContainerFromFileInput!) {
container(accountId: $accountId) {
fqdn {
createFromFile(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"name": "Some Container",
"description": "Description of some container",
"uploadFile": "A multipart file containing data"
}
}
Response
{
"data": {
"container": {
"fqdn": {
"createFromFile": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
createFromList
Beta
Response
Returns a CreateFqdnContainerFromListPayload!
Arguments
| Name | Description |
|---|---|
input - CreateFqdnContainerFromListInput!
|
Example
Query
mutation createFqdnContainerFromListInput($accountId:ID!, $input:CreateFqdnContainerFromListInput!) {
container(accountId: $accountId) {
fqdn {
createFromList(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"name": "Some Container",
"description": "Description of some container",
"values": ["www.example.com"]
}
}
Response
{
"data": {
"container": {
"fqdn": {
"createFromList": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
createFromURL
Beta
Response
Returns a CreateFqdnContainerFromUrlPayload!
Arguments
| Name | Description |
|---|---|
input - CreateFqdnContainerFromUrlInput!
|
Example
Query
mutation createFqdnContainerFromURL($accountId:ID!, $input:CreateFqdnContainerFromUrlInput!) {
container(accountId: $accountId) {
fqdn {
createFromURL(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
syncData {
fileType
url
timeInterval
timeUnit
notifications {
subscriptionGroup {
id
name
}
webhook {
id
name
}
mailingList {
id
name
}
}
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"name": "FQDN Container from URL",
"description": "Container synced from external URL",
"fileType": "CSV",
"syncData": {
"url": "https://example.com/fqdns.csv",
"timeInterval": 24,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": [{"by": "NAME", "input": "All Admins"}]
}
}
}
}
Response
{
"data": {
"container": {
"fqdn": {
"createFromURL": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "FQDN Container from URL",
"description": "Container synced from external URL",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
},
"syncData": {
"fileType": "CSV",
"url": "https://example.com/fqdns.csv",
"timeInterval": 24,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": [{"id": "-100", "name": "All Admins"}]
}
}
}
}
}
}
}
}
removeValues
Beta
Response
Returns a FqdnContainerRemoveValuesPayload!
Arguments
| Name | Description |
|---|---|
input - FqdnContainerRemoveValuesInput!
|
Example
Query
mutation removeValuesToFqdnContainer($accountId:ID!, $input:FqdnContainerRemoveValuesInput!) {
container(accountId: $accountId) {
fqdn {
removeValues(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"values": ["google.com", "amazon.com"]
}
}
Response
{
"data": {
"container": {
"fqdn": {
"removeValues": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
syncFromURL
Beta
Response
Returns a SyncFqdnContainerFromUrlPayload!
Arguments
| Name | Description |
|---|---|
input - SyncFqdnContainerFromUrlInput!
|
Example
Query
mutation syncFqdnContainerFromURL($accountId:ID!, $input:SyncFqdnContainerFromUrlInput!) {
container(accountId: $accountId) {
fqdn {
syncFromURL(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
syncData {
fileType
url
timeInterval
timeUnit
notifications {
subscriptionGroup {
id
name
}
webhook {
id
name
}
mailingList {
id
name
}
}
}
syncDataAudit {
lastSynced
lastSyncAttempt
errorMsg
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"ref": {"by": "NAME", "input": "FQDN Container from URL"}}
}
Response
{
"data": {
"container": {
"fqdn": {
"syncFromURL": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "FQDN Container from URL",
"description": "Container synced from external URL",
"size": 150,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T16:00:00Z"
},
"syncData": {
"fileType": "CSV",
"url": "https://example.com/fqdns.csv",
"timeInterval": 24,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": []
}
},
"syncDataAudit": {
"lastSynced": "2024-09-18T16:00:00Z",
"lastSyncAttempt": "2024-09-18T16:00:00Z",
"errorMsg": null
}
}
}
}
}
}
}
updateFromFile
Beta
Response
Returns an UpdateFqdnContainerFromFilePayload!
Arguments
| Name | Description |
|---|---|
input - UpdateFqdnContainerFromFileInput!
|
Example
Query
mutation updateFqdnContainerFromFile($accountId:ID!, $input:UpdateFqdnContainerFromFileInput!) {
container(accountId: $accountId) {
fqdn {
updateFromFile(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"description": "Description of some container",
"uploadFile": null
}
}
Response
{
"data": {
"container": {
"fqdn": {
"updateFromFile": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
updateFromList
Beta
Response
Returns an UpdateFqdnContainerFromListPayload!
Arguments
| Name | Description |
|---|---|
input - UpdateFqdnContainerFromListInput!
|
Example
Query
mutation updateFqdnContainerFromListInput($accountId:ID!, $input:UpdateFqdnContainerFromListInput!) {
container(accountId: $accountId) {
fqdn {
updateFromList(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"description": "Description of some container",
"values": ["www.example.com"]
}
}
Response
{
"data": {
"container": {
"fqdn": {
"updateFromList": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
updateFromURL
Beta
Response
Returns an UpdateFqdnContainerFromUrlPayload!
Arguments
| Name | Description |
|---|---|
input - UpdateFqdnContainerFromUrlInput!
|
Example
Query
mutation updateFqdnContainerFromURL($accountId:ID!, $input:UpdateFqdnContainerFromUrlInput!) {
container(accountId: $accountId) {
fqdn {
updateFromURL(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
syncData {
fileType
url
timeInterval
timeUnit
notifications {
subscriptionGroup {
id
name
}
webhook {
id
name
}
mailingList {
id
name
}
}
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "FQDN Container from URL"},
"description": "Updated description for container synced from URL",
"fileType": "CSV",
"syncData": {
"url": "https://example.com/fqdns-updated.csv",
"timeInterval": 12,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": []
}
}
}
}
Response
{
"data": {
"container": {
"fqdn": {
"updateFromURL": {
"container": {
"__typename": "FqdnContainer",
"id": "1234567890",
"name": "FQDN Container from URL",
"description": "Updated description for container synced from URL",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T15:45:00Z"
},
"syncData": {
"fileType": "CSV",
"url": "https://example.com/fqdns-updated.csv",
"timeInterval": 12,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": []
}
}
}
}
}
}
}
}
IpAddressRangeContainerMutations
addValues
Beta
Response
Returns an IpAddressRangeContainerAddValuesPayload!
Arguments
| Name | Description |
|---|---|
input - IpAddressRangeContainerAddValuesInput!
|
Example
Query
mutation addValuesToIpAddressRangeContainer($accountId:ID!, $input:IpAddressRangeContainerAddValuesInput!) {
container(accountId: $accountId) {
ipAddressRange {
addValues(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"values": [
{"from": "190.20.24.36", "to": "190.20.24.236"},
{"from": "190.30.24.36", "to": "190.30.24.236"}
]
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"addValues": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
createFromFile
Beta
Response
Arguments
| Name | Description |
|---|---|
input - CreateIpAddressRangeContainerFromFileInput!
|
Example
Query
mutation createIpAddressRangeContainerFromFile($accountId:ID!, $input:CreateIpAddressRangeContainerFromFileInput!) {
container(accountId: $accountId) {
ipAddressRange {
createFromFile(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"name": "Some Container",
"description": "Description of some container",
"uploadFile": "A multipart file containing data"
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"createFromFile": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
createFromList
Beta
Response
Arguments
| Name | Description |
|---|---|
input - CreateIpAddressRangeContainerFromListInput!
|
Example
Query
mutation createIpAddressRangeContainerFromList($accountId:ID!, $input:CreateIpAddressRangeContainerFromListInput!) {
container(accountId: $accountId) {
ipAddressRange {
createFromList(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"name": "Some Container",
"description": "Description of some container",
"values": [{"from": "1.2.3.4", "to": "2.3.4.5"}]
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"createFromList": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
createFromURL
Beta
Response
Arguments
| Name | Description |
|---|---|
input - CreateIpAddressRangeContainerFromUrlInput!
|
Example
Query
mutation createIpAddressRangeContainerFromURL($accountId:ID!, $input:CreateIpAddressRangeContainerFromUrlInput!) {
container(accountId: $accountId) {
ipAddressRange {
createFromURL(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
syncData {
fileType
url
timeInterval
timeUnit
notifications {
subscriptionGroup {
id
name
}
webhook {
id
name
}
mailingList {
id
name
}
}
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"name": "IP Range Container from URL",
"description": "Container synced from external URL",
"fileType": "CSV",
"syncData": {
"url": "https://example.com/ip-ranges.csv",
"timeInterval": 24,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": [{"by": "NAME", "input": "All Admins"}]
}
}
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"createFromURL": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "IP Range Container from URL",
"description": "Container synced from external URL",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
},
"syncData": {
"fileType": "CSV",
"url": "https://example.com/ip-ranges.csv",
"timeInterval": 24,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": [{"id": "-100", "name": "All Admins"}]
}
}
}
}
}
}
}
}
removeValues
Beta
Response
Returns an IpAddressRangeContainerRemoveValuesPayload!
Arguments
| Name | Description |
|---|---|
input - IpAddressRangeContainerRemoveValuesInput!
|
Example
Query
mutation removeValuesToIpAddressRangeContainer($accountId:ID!, $input:IpAddressRangeContainerRemoveValuesInput!) {
container(accountId: $accountId) {
ipAddressRange {
removeValues(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"values": [
{"from": "190.20.24.36", "to": "190.20.24.236"},
{"from": "190.30.24.36", "to": "190.30.24.236"}
]
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"removeValues": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
syncFromURL
Beta
Response
Arguments
| Name | Description |
|---|---|
input - SyncIpAddressRangeContainerFromUrlInput!
|
Example
Query
mutation syncIpAddressRangeContainerFromURL($accountId:ID!, $input:SyncIpAddressRangeContainerFromUrlInput!) {
container(accountId: $accountId) {
ipAddressRange {
syncFromURL(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
syncData {
fileType
url
timeInterval
timeUnit
notifications {
subscriptionGroup {
id
name
}
webhook {
id
name
}
mailingList {
id
name
}
}
}
syncDataAudit {
lastSynced
lastSyncAttempt
errorMsg
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {"ref": {"by": "NAME", "input": "IP Range Container from URL"}}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"syncFromURL": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "IP Range Container from URL",
"description": "Container synced from external URL",
"size": 150,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T16:00:00Z"
},
"syncData": {
"fileType": "CSV",
"url": "https://example.com/ip-ranges.csv",
"timeInterval": 24,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": []
}
},
"syncDataAudit": {
"lastSynced": "2024-09-18T16:00:00Z",
"lastSyncAttempt": "2024-09-18T16:00:00Z",
"errorMsg": null
}
}
}
}
}
}
}
updateFromFile
Beta
Response
Arguments
| Name | Description |
|---|---|
input - UpdateIpAddressRangeContainerFromFileInput!
|
Example
Query
mutation updateIpAddressRangeContainerFromFile($accountId:ID!, $input:UpdateIpAddressRangeContainerFromFileInput!) {
container(accountId: $accountId) {
ipAddressRange {
updateFromFile(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"description": "Description of some container",
"uploadFile": null
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"updateFromFile": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
updateFromList
Beta
Response
Arguments
| Name | Description |
|---|---|
input - UpdateIpAddressRangeContainerFromListInput!
|
Example
Query
mutation updateIpAddressRangeContainerFromList($accountId:ID!, $input:UpdateIpAddressRangeContainerFromListInput!) {
container(accountId: $accountId) {
ipAddressRange {
updateFromList(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "Some Container"},
"description": "Description of some container",
"values": [{"from": "1.2.3.4", "to": "2.3.4.5"}]
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"updateFromList": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "Some Container",
"description": "Description of some container",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T14:31:03Z"
}
}
}
}
}
}
}
updateFromURL
Beta
Response
Returns an UpdateIpAddressRangeContainerFromUrlPayload!
Arguments
| Name | Description |
|---|---|
input - UpdateIpAddressRangeContainerFromUrlInput!
|
Example
Query
mutation updateIpAddressRangeContainerFromURL($accountId:ID!, $input:UpdateIpAddressRangeContainerFromUrlInput!) {
container(accountId: $accountId) {
ipAddressRange {
updateFromURL(input: $input) {
container {
__typename
id
name
description
size
audit {
createdBy
createdAt
lastModifiedBy
lastModifiedAt
}
syncData {
fileType
url
timeInterval
timeUnit
notifications {
subscriptionGroup {
id
name
}
webhook {
id
name
}
mailingList {
id
name
}
}
}
}
}
}
}
}
Variables
{
"accountId": 12345,
"input": {
"ref": {"by": "NAME", "input": "IP Range Container from URL"},
"description": "Updated description for container synced from URL",
"fileType": "CSV",
"syncData": {
"url": "https://example.com/ip-ranges-updated.csv",
"timeInterval": 12,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": []
}
}
}
}
Response
{
"data": {
"container": {
"ipAddressRange": {
"updateFromURL": {
"container": {
"__typename": "IpAddressRangeContainer",
"id": "1234567890",
"name": "IP Range Container from URL",
"description": "Updated description for container synced from URL",
"size": 100,
"audit": {
"createdBy": "some.admin@catonetworks.com",
"createdAt": "2024-09-18T14:31:03Z",
"lastModifiedBy": "some.admin@catonetworks.com",
"lastModifiedAt": "2024-09-18T15:45:00Z"
},
"syncData": {
"fileType": "CSV",
"url": "https://example.com/ip-ranges-updated.csv",
"timeInterval": 12,
"timeUnit": "HOUR",
"notifications": {
"subscriptionGroup": [],
"webhook": [],
"mailingList": []
}
}
}
}
}
}
}
}
CustomAppDataMutations
Response
Returns an AddCustomApplicationPayload
Arguments
| Name | Description |
|---|---|
input - AddCustomApplicationInput!
|
Example
Query
mutation ($accountId: ID!, $input: AddCustomApplicationInput!) {
customAppData(accountId: $accountId) {
addCustomApplication(input: $input) {
customApplication {
id
name
description
category {
id
name
}
criteria {
protocol
port
portRange {
from
to
}
destination {
domain
fqdn
destinationIp {
ip
subnet
ipRange {
from
to
}
}
}
}
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"name": "My Custom App",
"description": "A sample custom application",
"category": [{"by": "ID", "input": "security"}],
"criteria": [
{
"protocol": "TCP",
"port": [443],
"portRange": [{"from": 8000, "to": 8080}],
"destination": {
"domain": ["example.com"],
"fqdn": ["api.example.com"],
"destinationIp": {
"ip": ["192.168.1.1"],
"subnet": ["192.168.1.0/24"],
"ipRange": [{"from": "192.168.1.1", "to": "192.168.1.100"}]
}
}
}
]
}
}
Response
{
"data": {
"customAppData": {
"addCustomApplication": {
"customApplication": {
"id": "custom-app-id-456",
"name": "My Custom App",
"description": "A sample custom application",
"category": [{"id": "security", "name": "Security"}],
"criteria": [
{
"protocol": "TCP",
"port": [443],
"portRange": [{"from": 8000, "to": 8080}],
"destination": {
"domain": ["example.com"],
"fqdn": ["api.example.com"],
"destinationIp": {
"ip": ["192.168.1.1"],
"subnet": ["192.168.1.0/24"],
"ipRange": [{"from": "192.168.1.1", "to": "192.168.1.100"}]
}
}
}
]
}
}
}
}
}
Response
Returns a DeleteCustomApplicationPayload
Arguments
| Name | Description |
|---|---|
input - DeleteCustomApplicationInput!
|
Example
Query
mutation ($accountId: ID!, $input: DeleteCustomApplicationInput!) {
customAppData(accountId: $accountId) {
deleteCustomApplication(input: $input) {
customApplication {
id
name
}
}
}
}
Variables
{
"accountId": "123456",
"input": {"customApplication": {"by": "ID", "input": "custom-app-id-123"}}
}
Response
{
"data": {
"customAppData": {
"deleteCustomApplication": {
"customApplication": {
"id": "custom-app-id-123",
"name": "My Custom App"
}
}
}
}
}
Response
Returns an UpdateCustomApplicationPayload
Arguments
| Name | Description |
|---|---|
input - UpdateCustomApplicationInput!
|
Example
Query
mutation ($accountId: ID!, $input: UpdateCustomApplicationInput!) {
customAppData(accountId: $accountId) {
updateCustomApplication(input: $input) {
customApplication {
id
name
description
category {
id
name
}
criteria {
protocol
port
portRange {
from
to
}
destination {
domain
fqdn
destinationIp {
ip
subnet
ipRange {
from
to
}
}
}
}
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"id": "custom-app-id-123",
"name": "Updated Custom App",
"description": "Updated description",
"category": [{"by": "ID", "input": "security"}],
"criteria": [
{
"protocol": "TCP",
"port": [443, 8443],
"portRange": [],
"destination": {
"domain": ["updated-example.com"],
"fqdn": ["api.updated-example.com"]
}
}
]
}
}
Response
{
"data": {
"customAppData": {
"updateCustomApplication": {
"customApplication": {
"id": "custom-app-id-123",
"name": "Updated Custom App",
"description": "Updated description",
"category": [{"id": "security", "name": "Security"}],
"criteria": [
{
"protocol": "TCP",
"port": [443, 8443],
"portRange": [],
"destination": {
"domain": ["updated-example.com"],
"fqdn": ["api.updated-example.com"],
"destinationIp": null
}
}
]
}
}
}
}
}
DynamicIpAllocationPolicyMutations
addRule
Beta
Response
Returns a DynamicIpAllocationRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - DynamicIpAllocationAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
addRule(input: {
at: {
position: LAST_IN_POLICY
}
rule: {
enabled:true
name: "Example Rule"
description: "Example description"
range: {
globalIpRange:{
by: NAME
input: "12.22.18.0/24"
}
}
}
})
{
status
rule {
rule {
id
name
description
enabled
range {
globalIpRange {
id
}
}
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "2c25bae8-f787-4098-b3c2-6057e5fe8537",
"name": "Example Rule",
"description": "Example description",
"enabled": true,
"range": {"globalIpRange": {"id": "1927110"}}
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
addSection(input: {
section: {
name: "New Section Name Example"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"addSection": {
"section": {
"section": {
"id": "83e54a6a-9998-4fcf-b1a1-5313e52cc5f0",
"name": "New section2"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
createPolicyRevision(input: {
name: "Revision Name Example"
description: "Revision Description Example"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "ce815213-ec04-435a-8bf9-3ef5ada025e6",
"createdTime": "2024-09-25T14:31:07.605",
"updatedTime": "2024-09-25T14:31:07.605"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Response
Returns a DynamicIpAllocationRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
moveRule(input: {
id: "3c345055-4f14-48dc-ab8c-5b5db9d778fc"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "3c345055-4f14-48dc-ab8c-5b5db9d778fc"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
moveSection(input: {
id: "0495cf5e-1598-4f34-8c01-94970620c68f"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "0495cf5e-1598-4f34-8c01-94970620c68f",
"name": "New section 2"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
publishPolicyRevision(input: {
name: "IT Group SDP Users Dynamic IP Allocation Example"
description : "Allocate Dynamic IP range for IT group Example"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Response
Returns a DynamicIpAllocationRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - DynamicIpAllocationRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
removeRule(input: {
id: "60ba1383-04ce-4a1f-8c61-5e5a3c2eabb1"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"dynamicIpAllocation": {"removeRule": {"status": "SUCCESS"}}}
}
}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
removeSection(input: {
id: "f4d0862d-cd2f-47fa-9a94-ce418130ce1f"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"dynamicIpAllocation": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Response
Arguments
| Name | Description |
|---|---|
input - DynamicIpAllocationPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a DynamicIpAllocationRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - DynamicIpAllocationUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
updateRule(input: {
id: "2c25bae8-f787-4098-b3c2-6057e5fe8537"
rule: {
name: "Updated Rule Name Example"
}
}) {
status
rule {
rule {
id
name
description
enabled
range {
globalIpRange {
id
}
}
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "2c25bae8-f787-4098-b3c2-6057e5fe8537",
"name": "Updated rule name",
"description": "Example description",
"enabled": true,
"range": {"globalIpRange": {"id": "1927110"}}
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
dynamicIpAllocation {
updateSection(input: {
id: "54a367d6-75da-4399-bc03-65170ea97d3f"
section: {
name: "Updated Section Name Example"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "54a367d6-75da-4399-bc03-65170ea97d3f",
"name": "New section"
}
}
}
}
}
}
}
EnterpriseDirectoryMutations
archiveLocation
Beta
Response
Returns an EnterpriseDirectoryArchiveLocationPayload
Arguments
| Name | Description |
|---|---|
locationId - ID
|
Example
Query
mutation archiveEnterpriseDirectoryLocation($accountID:ID!, $locationID: ID!) {
enterpriseDirectory(accountId:$accountID) {
archiveLocation(locationId: $locationID
){
location{
id
}
}
}
}
Variables
{"accountID": "123456", "locationID": "4749add2-b6f4-45cf-8b04-41e83ccaed20"}
Response
{
"data": {
"enterpriseDirectory": {
"archiveLocation": {
"location": {"id": "4749add2-b6f4-45cf-8b04-41e83ccaed20"}
}
}
}
}
createLocation
Beta
Response
Returns an EnterpriseDirectoryCreateLocationPayload
Arguments
| Name | Description |
|---|---|
input - EnterpriseDirectoryCreateLocationInput!
|
Example
Query
mutation createEnterpriseDirectoryLocation($accountID:ID!, $input: EnterpriseDirectoryCreateLocationInput!) {
enterpriseDirectory(accountId:$accountID) {
createLocation(input: $input
){
location{
id
}
}
}
}
Variables
{
"accountID": "123456",
"input": {
"name": "test location",
"type": "BRANCH",
"details": {
"companyName": "",
"postalAddress": {
"street": "226 rue de rivoli",
"cityName": "Paris",
"zipCode": "75019",
"country": {"by": "ID", "input": "FR"}
},
"contact": {
"name": "Angelina",
"phone": "0567476293",
"email": "Angelina@gmail.com"
},
"vatId": ""
}
}
}
Response
{
"data": {
"enterpriseDirectory": {
"createLocation": {
"location": {"id": "4749add2-b6f4-45cf-8b04-41e83ccaed20"}
}
}
}
}
restoreLocation
Beta
Response
Returns an EnterpriseDirectoryRestoreLocationPayload
Arguments
| Name | Description |
|---|---|
locationId - ID
|
Example
Query
mutation restoreEnterpriseDirectoryLocation($accountID:ID!, $locationID: ID!) {
enterpriseDirectory(accountId:$accountID) {
restoreLocation(locationId: $locationID
){
location{
id
}
}
}
}
Variables
{"accountID": "123456", "locationID": "4749add2-b6f4-45cf-8b04-41e83ccaed20"}
Response
{
"data": {
"enterpriseDirectory": {
"restoreLocation": {
"location": {"id": "4749add2-b6f4-45cf-8b04-41e83ccaed20"}
}
}
}
}
updateLocation
Beta
Response
Returns an EnterpriseDirectoryUpdateLocationPayload
Arguments
| Name | Description |
|---|---|
input - EnterpriseDirectoryUpdateLocationInput!
|
Example
Query
mutation updateEnterpriseDirectoryLocation($accountID:ID!, $input: EnterpriseDirectoryUpdateLocationInput!) {
enterpriseDirectory(accountId:$accountID) {
updateLocation(input: $input
){
location{
id
}
}
}
}
Variables
{
"accountID": "123456",
"input": {
"id": "4749add2-b6f4-45cf-8b04-41e83ccaed20",
"name": "test location",
"type": "BRANCH",
"details": {
"companyName": "",
"postalAddress": {
"street": "226 rue de rivoli",
"cityName": "Paris",
"zipCode": "75019",
"country": {"by": "ID", "input": "FR"}
},
"contact": {
"name": "Angelina",
"phone": "0567476293",
"email": "Angelina@gmail.com"
},
"vatId": ""
}
}
}
Response
{
"data": {
"enterpriseDirectory": {
"updateLocation": {
"location": {"id": "4749add2-b6f4-45cf-8b04-41e83ccaed20"}
}
}
}
}
ExternalAccessMutations
addPartnerAccessRequest
Beta
Description
Add partner access request. This mutation is used to request access to managed accounts.
Response
Returns an AddPartnerAccessRequestPayload!
Arguments
| Name | Description |
|---|---|
input - AddPartnerAccessRequestInput!
|
Example
Query
mutation addPartnerAccessRequest($accountId: ID! $input: AddPartnerAccessRequestInput!) {
externalAccess(accountId: $accountId) {
addPartnerAccessRequest(input: $input) {
invitation {
id
account {
id
name
}
activeDate
admins {
id
name
}
partner {
id
name
}
requestedDate
expirationDate
status
reason
partnerNote
roles {
id
name
}
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"partner": {"input": "123456", "by": "ID"},
"accounts": [{"input": "123458", "by": "ID"}],
"roles": [{"input": "2", "by": "ID"}],
"admins": [{"input": "87400", "by": "ID"}],
"reason": "reason",
"expirationDate": "2025-03-10T00:00:00+02:00",
"partnerNote": "note"
}
}
Response
{
"data": {
"externalAccess": {
"addPartnerAccessRequest": {
"invitation": [
{
"id": "67c56e8d6dbc4e000cfd3b63",
"partner": {"id": "123456", "name": "ExternalAccessPartner"},
"activeDate": "2025-03-03T08:55:41.848Z",
"requestedDate": "2025-03-03T08:55:41.848Z",
"expirationDate": "2025-03-09T22:00:00.000Z",
"status": "PENDING",
"reason": "test",
"partnerNote": "note",
"account": {"id": "123458", "name": "ExternalAccess_Account"},
"admins": [
{"id": "87400", "name": "r t", "__typename": "AdminRef"}
],
"roles": [{"id": "2", "name": "Viewer"}]
}
]
}
}
}
}
cancelPartnerAccess
Beta
Description
This mutation is used to cancel previously requested partner access to the managed account.
Response
Returns a CancelPartnerAccessPayload!
Arguments
| Name | Description |
|---|---|
input - CancelPartnerAccessInput!
|
Example
Query
mutation cancelPartnerAccess($accountId: ID! $invitationId: ID! $reason: String) {
externalAccess(accountId: $accountId) {
cancelPartnerAccess(
input: { invitationId: $invitationId, reason: $reason }
) {
invitation {
id
partner {
id
name
}
requestedDate
expirationDate
status
reason
partnerNote
account {
id
name
}
roles {
id
name
}
}
}
}
}
Variables
{
"accountId": "123456",
"invitationId": "67c56e8d6dbc4e000cfd3b63",
"reason": "reason"
}
Response
{
"data": {
"externalAccess": {
"cancelPartnerAccess": {
"invitation": {
"id": "67c56e8d6dbc4e000cfd3b63",
"partner": {"id": "123455", "name": "ExternalAccessPartner"},
"requestedDate": "2025-03-03T08:55:41.848Z",
"expirationDate": "2025-03-09T22:00:00.000Z",
"status": "PENDING",
"reason": "test",
"partnerNote": null,
"account": {"id": "123456", "name": "ExternalAccess_Account"},
"roles": [{"id": "2", "name": "Viewer"}]
}
}
}
}
}
resolveIncomingAccessRequest
Beta
Description
Approve or reject a managed account access request.
Response
Returns a ResolveIncomingAccessRequestPayload!
Arguments
| Name | Description |
|---|---|
input - ResolveIncomingAccessRequestInput!
|
Example
Query
mutation resolveIncomingAccessRequest(
$accountId: ID!
$requestId: ID!
$approval: PartnerAccessApprovalResponse!
$note: String
) {
externalAccess(accountId: $accountId) {
resolveIncomingAccessRequest(
input: { requestId: $requestId, approval: $approval, note: $note }
) {
request {
id
partner {
id
name
}
requestedDate
expirationDate
status
reason
note
permissions {
permissions {
action
resource
}
}
}
}
}
}
Variables
{
"accountId": "219517",
"approval": "APPROVE",
"requestId": "67c61938000a440d96107be2",
"note": "Grant access for support"
}
Response
{
"data": {
"externalAccess": {
"resolveIncomingAccessRequest": {
"request": {
"id": "67c61938000a440d96107be2",
"partner": {"id": "218687", "name": "ExternalAccessPartner"},
"requestedDate": "2025-03-03T21:03:52.482Z",
"expirationDate": "2025-03-03T22:00:00.000Z",
"status": "ACTIVE",
"reason": "reason",
"note": "Grant access for support",
"permissions": {
"permissions": [{"action": "EDIT", "resource": "NetworkRules"}]
}
}
}
}
}
}
revokePartnerAccess
Beta
Description
This mutation is used to revoke previously granted access to the account.
Response
Returns a RevokePartnerAccessPayload!
Arguments
| Name | Description |
|---|---|
input - RevokePartnerAccessInput!
|
Example
Query
mutation revokePartnerAccess($accountId: ID! $invitationId: ID! $reason: String) {
externalAccess(accountId: $accountId) {
revokePartnerAccess(
input: { invitationId: $invitationId, reason: $reason }
) {
invitation {
id
partner {
id
name
}
requestedDate
expirationDate
status
reason
note
permissions {
permissions {
action
resource
}
}
}
}
}
}
Variables
{"accountId": "123456", "invitationId": "123456", "reason": "reason"}
Response
{
"data": {
"externalAccess": {
"revokePartnerAccess": {
"invitation": {
"id": "164386",
"partner": {"id": "123455", "name": "Partner_Account"},
"requestedDate": "2024-12-02T06:07:47.000Z",
"expirationDate": "2026-12-02T06:07:46.982Z",
"status": "ACTIVE",
"reason": "",
"note": "",
"account": {"id": "123456", "name": "ExternalAccess_Account"},
"permissions": {
"permissions": [{"action": "EDIT", "resource": "NetworkRules"}]
}
}
}
}
}
}
GroupsMutations
createGroup
Beta
Description
Create a new group
Response
Returns a CreateGroupPayload
Arguments
| Name | Description |
|---|---|
input - CreateGroupInput!
|
Example
Query
mutation createGroup($accountId: ID!, $input: CreateGroupInput!) {
groups(accountId: $accountId) {
createGroup(input: $input) {
group {
id
name
description
membersCount
members {
items {
name
type
}
paging {
total
}
}
membersCountPerType {
type
membersCount
}
audit {
updatedTime
}
}
}
}
}
Variables
{
"accountId": "12345",
"input": {
"name": "group-2",
"description": "a group of printers",
"members": [{"type": "HOST", "by": "ID", "input": "3579"}]
}
}
Response
{
"data": {
"groups": {
"createGroup": {
"group": {
"id": "54499492-a6eb-4a99-90f2-795da5d942ce",
"name": "group-2",
"description": "a group of printers",
"membersCount": 1,
"members": {
"items": [{"name": "printer-1", "type": "HOST"}],
"paging": {"total": 1}
},
"membersCountPerType": [{"type": "HOST", "membersCount": 1}],
"audit": {"updatedTime": "2023-07-27T11:43:13.889"}
}
}
}
}
}
deleteGroup
Beta
Description
Delete a group
Response
Returns a DeleteGroupPayload
Arguments
| Name | Description |
|---|---|
input - GroupRefInput!
|
Example
Query
mutation deleteGroup($accountId: ID!, $group: GroupRefInput!) {
groups(accountId: $accountId) {
deleteGroup(input: $group) {
group {
id
name
}
}
}
}
Variables
{"accountId": "12345", "group": {"input": "group-2"}}
Response
{
"data": {
"groups": {
"deleteGroup": {
"group": {
"id": "54499492-a6eb-4a99-90f2-795da5d942fb",
"name": "group-2"
}
}
}
}
}
updateGroup
Beta
Description
Update an existing group, including attributes such as name, description, and member items
Response
Returns an UpdateGroupPayload
Arguments
| Name | Description |
|---|---|
input - UpdateGroupInput!
|
Example
Query
mutation updateGroup($accountId: ID!, $input: UpdateGroupInput!) {
groups(accountId: $accountId) {
updateGroup(input: $input) {
group {
id
name
description
membersCount
members {
items {
name
type
}
paging {
total
}
}
membersCountPerType {
type
membersCount
}
audit {
updatedTime
}
}
}
}
}
Variables
{
"accountId": "12345",
"input": {
"group": {"by": "NAME", "input": "group-2"},
"membersToAdd": [{"by": "ID", "input": "2468", "type": "SITE"}],
"membersToRemove": [{"by": "ID", "input": "3579", "type": "SITE"}]
}
}
Response
{
"data": {
"groups": {
"updateGroup": {
"group": {
"id": "54499492-a6eb-4a99-90f2-795da5d942ce",
"name": "grp-2",
"description": "grp-2 description",
"membersCount": 1,
"members": {
"items": [{"name": "s1", "type": "SITE"}],
"paging": {"total": 1}
},
"membersCountPerType": [{"type": "SITE", "membersCount": 1}],
"audit": {"updatedTime": "2023-07-27T11:55:02.717"}
}
}
}
}
}
HardwareMutations
updateHwShipping
Beta
Description
Set Shipping details for a list of hardware
Response
Returns a HardwarePayload
Arguments
| Name | Description |
|---|---|
input - UpdateHwShippingInput!
|
Example
Query
mutation hardware($accountID:ID!, $input: UpdateHwShippingInput!) {
hardware(accountId:$accountID) {
updateHwShipping(input: $input
){
items{
id
}
}
}
}
Variables
{
"accountID": "26361",
"input": {
"ids": ["4749add2-b6f4-45cf-8b04-41e83ccaed20"],
"details": {
"powerCable": "US",
"details": {
"address": "5850add2-b6f4-45dg-9b04-41e83ccaed30",
"comment": "something"
}
}
}
}
Response
{
"data": {
"hardware": {
"updateHwShipping": {
"items": [{"id": "4749add2-b6f4-45cf-8b04-41e83ccaed20"}]
}
}
}
}
InternetFirewallPolicyMutations
addRule
Beta
Description
Add a new rule to the Internet Firewall policy.
Response
Returns an InternetFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - InternetFirewallAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
addRule(input: {
rule: {
enabled: true
name: "Example Rule"
description: "Example description"
source: {
ip: ["192.0.2.1", "198.51.100.1"]
subnet: ["10.0.0.0/24"]
}
action: ALLOW
},
at: {
position: LAST_IN_POLICY
}
}) {
status
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
action
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "106ee457-4406-4ea4-a163-36aa247de48f",
"name": "Example Rule",
"description": "Example description",
"enabled": true,
"source": {
"ip": ["192.0.2.1", "198.51.100.1"],
"subnet": ["10.0.0.0/24"]
},
"action": "ALLOW"
}
}
}
}
}
}
}
addSection
Beta
Description
Add a new section to the policy. First section behaves as follows: When the first section is created, all the rules in the policy, including the default system rules, are automatically added to it. The first section containing the default system rules can be modified but not deleted. The first section will always remain first-in-policy, i.e. it cannot be moved, and not other sections can be moved or created before it.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"addSection": {
"section": {
"section": {
"id": "9ab458a3-a263-4ef7-ad6a-86de3cee7822",
"name": "New section"
}
},
"status": "SUCCESS"
}
}
}
}
}
addSubPolicy
Beta
Description
Add a new sub-policy to the Internet Firewall policy.
Response
Returns an InternetFirewallAddSubPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - InternetFirewallAddSubPolicyInput!
|
Example
Query
mutation AddSubPolicy($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
addSubPolicy(input: {
scope: {
enabled: true
name: "Sub-policy 1"
description: "Example sub policy"
source: {
ip: ["192.0.2.1", "198.51.100.1"]
subnet: ["10.0.0.0/24"]
}
},
at: {
position: LAST_IN_POLICY
}
}) {
status
policy {
id
name
description
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"addSubPolicy": {
"status": "SUCCESS",
"policy": {
"id": "106ee457-4406-4ea4-a163-36aa247de48f",
"name": "Sub-policy 1",
"description": "Example sub policy",
"enabled": true
}
}
}
}
}
}
createPolicyRevision
Beta
Description
Create the policy revision. Create a new empty policy revision.
Response
Returns an InternetFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
createPolicyRevision(input: {
name: "Test Revision"
description: "Test working with multiple revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "c15811b4-1e43-44ea-a132-6d1a73cb7f8d",
"createdTime": "2024-07-18T21:49:58.116",
"updatedTime": "2024-07-18T21:49:58.116"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Description
Discard the policy revision. All changes in this discarded revision are discarded, and the revision is deleted.
Response
Returns an InternetFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Description
Change the relative location of an existing rule within the Internet Firewall policy.
Response
Returns an InternetFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
moveRule(input: {
id: "106ee457-4406-4ea4-a163-36aa247de48f"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "106ee457-4406-4ea4-a163-36aa247de48f"}
}
}
}
}
}
}
moveSection
Beta
Description
Move a section to a new position within the policy. The section will be anchored in the new position, i.e. other admins will not be able to move it, or reference it when moving other sections, until the modified policy revision is published.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
internetFirewall {
moveSection(input: {
id: "9ab458a3-a263-4ef7-ad6a-86de3cee7822"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"moveSection": {
"status": "FAILURE",
"errors": [
{
"errorMessage": "Section with system rules cannot be moved or removed",
"errorCode": "sectionSystemMove"
}
],
"section": null
}
}
}
}
}
publishPolicyRevision
Beta
Description
Publish the policy revision. A published revision becomes the active policy, and its content is merged with all unpublished revisions for other admins.
Response
Returns an InternetFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
internetFirewall {
publishPolicyRevision(input: {
name: "Ticket #1234"
description : "Allow HR access to social websites"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Description
Remove an existing rule from the Internet Firewall policy.
Response
Returns an InternetFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - InternetFirewallRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
internetFirewall {
removeRule(input: {
id: "106ee457-4406-4ea4-a163-36aa247de48f"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"internetFirewall": {"removeRule": {"status": "SUCCESS"}}}
}
}
removeSection
Beta
Description
Delete an existing section. The first section in policy cannot be deleted.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
removeSection(input: {
id: "9ab458a3-a263-4ef7-ad6a-86de3cee7822"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"internetFirewall": {"removeSection": {"status": "FAILURE"}}}
}
}
removeSubPolicy
Beta
Description
Remove an existing sub-policy from the Internet Firewall policy.
Response
Arguments
| Name | Description |
|---|---|
input - InternetFirewallRemoveSubPolicyInput!
|
Example
Query
mutation RemoveSubPolicy($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
removeSubPolicy(input: {
ref: {
input: "5b1716a1-95c1-4206-9ffd-a53e34307bb9"
by: ID
}
}) {
status
policy {
id
name
description
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"removeSubPolicy": {
"status": "SUCCESS",
"policy": {
"id": "106ee457-4406-4ea4-a163-36aa247de48f",
"name": "Sub-policy 1",
"description": "Example sub policy",
"enabled": true
}
}
}
}
}
}
updatePolicy
Beta
Description
Change the state of the policy, e.g. enable or disable the policy. Applicable to the published policy only. State changes are applied immediately and not as part of publishing a policy revision.
Response
Returns an InternetFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - InternetFirewallPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Description
Update an existing rule of the Internet Firewall policy.
Response
Returns an InternetFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - InternetFirewallUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
updateRule(input: {
id: "106ee457-4406-4ea4-a163-36aa247de48f"
rule: {
name: "Updated rule name"
source: {
ip: ["192.0.2.2"]
}
}
}) {
status
rule {
rule {
id
name
description
source {
ip
subnet
}
action
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "106ee457-4406-4ea4-a163-36aa247de48f",
"name": "Updated rule name",
"description": "Example description",
"source": {"ip": ["192.0.2.2"], "subnet": ["10.0.0.0/24"]},
"action": "ALLOW"
}
}
}
}
}
}
}
updateSection
Beta
Description
Update policy section attributes
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
internetFirewall {
updateSection(input: {
id: "9ab458a3-a263-4ef7-ad6a-86de3cee7822"
section: {
name: "Updated section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"internetFirewall": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "9ab458a3-a263-4ef7-ad6a-86de3cee7822",
"name": "Updated section name"
}
}
}
}
}
}
}
LicensingMutations
updateCommercialLicense
Beta
Description
BETA
Response
Returns an UpdateCommercialLicensePayload
Arguments
| Name | Description |
|---|---|
input - UpdateCommercialLicenseInput!
|
Example
Query
mutation updateCommercialLicense($accountId: ID!, $updateCommercialLicenseInput: UpdateCommercialLicenseInput!) {
licensing(accountId: $accountId) {
updateCommercialLicense(input: $updateCommercialLicenseInput) {
license {
__typename
id
startDate
}
}
}
}
Variables
{
"accountId": "123",
"updateCommercialLicenseInput": {
"startDate": "2025-10-20T00:00:00.000Z",
"licenseId": "99d9485f-0829-4b7e-8781-6365bd6f8914"
}
}
Response
{
"data": {
"licensing": {
"updateCommercialLicense": {
"license": {
"__typename": "SiteLicense",
"id": "99d9485f-0829-4b7e-8781-6365bd6f8914",
"startDate": "2025-10-20T00:00:00.000Z"
}
}
}
}
}
NotificationSubscriptionMutations
createMailingList
Description
Creates a new Mailing List. Any valid email can be added, including those not associated with account users.
Usage limits:
- Maximum number of Mailing Lists per account: 1,000.
- Maximum number of members in each Mailing List: 1,000.
Response
Returns a CreateMailingListPayload!
Arguments
| Name | Description |
|---|---|
input - CreateMailingListInput!
|
Example
Query
mutation CreateMailingList($accountId: ID!) {
notification(accountId: $accountId) {
createMailingList(input: {
name: "Security Team"
address: ["security-lead@example.com", "soc-analyst@example.com"]
admin: [{ by: ID, input: "example-id" }]
}) {
mailingList {
id
name
type
address
admin {
id
}
audit {
updatedTime
updatedBy {
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"createMailingList": {
"mailingList": {
"id": "example-id",
"name": "Security Team",
"type": "SPECIFIC_EMAILS",
"address": ["security-lead@example.com", "soc-analyst@example.com"],
"admin": [{"id": "example-id"}],
"audit": {
"updatedBy": {
"__typename": "AdminRef",
"name": "admin@example.com"
},
"updatedTime": "2025-01-15T10:30:00Z"
}
}
}
}
}
}
createSubscriptionGroup
Description
Creates a Subscription Group. Subscription Groups combine Mailing Lists and integrations (including webhooks) for sending notifications.
Usage limits:
- Maximum number of Subscription Groups per account: 1,000.
- Maximum number of members in each Subscription Group: 100.
Response
Returns a CreateSubscriptionGroupPayload
Arguments
| Name | Description |
|---|---|
input - CreateSubscriptionGroupInput!
|
Example
Query
mutation CreateSubscriptionGroup($accountId: ID!) {
notification(accountId: $accountId) {
createSubscriptionGroup(input: {
name: "Critical Alerts"
mailingList: [
{ by: ID, input: "example-id" }
]
integration: [
{ by: ID, input: "example-id" }
]
}) {
subscriptionGroup {
id
name
mailingList {
id
name
}
integration {
webhookList {
id
name
enabled
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"createSubscriptionGroup": {
"subscriptionGroup": {
"id": "example-id",
"name": "Critical Alerts",
"mailingList": [{"id": "example-id", "name": "Security Team"}],
"integration": {
"webhookList": [
{
"id": "example-id",
"name": "Slack Security Channel",
"enabled": true
}
]
}
}
}
}
}
}
deleteMailingList
Description
Deletes a Mailing List. This action cannot be undone.
Response
Returns a DeleteMailingListPayload
Arguments
| Name | Description |
|---|---|
input - MailingListRefInput!
|
Example
Query
mutation DeleteMailingList($accountId: ID!) {
notification(accountId: $accountId) {
deleteMailingList(input: {
by: ID
input: "example-id"
}) {
mailingList {
id
name
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"deleteMailingList": {
"mailingList": {"id": "example-id", "name": "Security Team"}
}
}
}
}
deleteSubscriptionGroup
Description
Deletes a Subscription Group. This action cannot be undone.
Response
Returns a DeleteSubscriptionGroupPayload
Arguments
| Name | Description |
|---|---|
input - SubscriptionGroupRefInput!
|
Example
Query
mutation DeleteSubscriptionGroup($accountId: ID!) {
notification(accountId: $accountId) {
deleteSubscriptionGroup(input: {
by: ID
input: "example-id"
}) {
subscriptionGroup {
id
name
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"deleteSubscriptionGroup": {
"subscriptionGroup": {"id": "example-id", "name": "Critical Alerts"}
}
}
}
}
updateMailingList
Description
Updates an existing Mailing List. Only specified attributes in the input will be updated, no changes to other attributes.
Usage limits:
- Maximum number of members in each Mailing List: 1,000.
Response
Returns an UpdateMailingListPayload!
Arguments
| Name | Description |
|---|---|
input - UpdateMailingListInput!
|
Example
Query
mutation UpdateMailingList($accountId: ID!) {
notification(accountId: $accountId) {
updateMailingList(input: {
mailingList: {
by: ID
input: "example-id"
}
name: "Updated Security Team"
addressToAdd: ["new-member@example.com"]
addressToRemove: ["soc-analyst@example.com"]
}) {
mailingList {
id
name
type
address
admin {
id
}
audit {
updatedTime
updatedBy {
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"updateMailingList": {
"mailingList": {
"id": "example-id",
"name": "Updated Security Team",
"type": "SPECIFIC_EMAILS",
"address": ["security-lead@example.com", "new-member@example.com"],
"admin": [{"id": "example-id"}],
"audit": {
"updatedBy": {
"__typename": "AdminRef",
"name": "admin@example.com"
},
"updatedTime": "2025-01-15T10:30:00Z"
}
}
}
}
}
}
updateSubscriptionGroup
Description
Updates an existing Subscription Group. Subscription Groups combine Mailing Lists and integrations (including webhooks) for sending notifications.
Usage limits:
- Maximum number of members in each Subscription Group: 100.
Response
Returns an UpdateSubscriptionGroupPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSubscriptionGroupInput!
|
Example
Query
mutation UpdateSubscriptionGroup($accountId: ID!) {
notification(accountId: $accountId) {
updateSubscriptionGroup(input: {
subscriptionGroup: {
by: ID
input: "example-id"
}
name: "Critical Alerts - Updated"
mailingListToAdd: [
{ by: ID, input: "example-id" }
]
integrationToRemove: [
{ by: ID, input: "example-id" }
]
}) {
subscriptionGroup {
id
name
mailingList {
id
name
}
integration {
webhookList {
id
name
enabled
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"updateSubscriptionGroup": {
"subscriptionGroup": {
"id": "example-id",
"name": "Critical Alerts - Updated",
"mailingList": [
{"id": "example-id", "name": "Security Team"},
{"id": "example-id", "name": "Network Operations"}
],
"integration": {"webhookList": []}
}
}
}
}
}
IntegrationMutations
createWebhook
Description
Create a webhook integration to send notifications to third-party integrations and vendors via HTTP/HTTPS.
Usage limits:
- Maximum number of webhooks per account: 1,000.
Response
Returns a CreateWebhookPayload
Arguments
| Name | Description |
|---|---|
input - CreateWebhookInput!
|
Example
Query
mutation CreateWebhook($accountId: ID!) {
notification(accountId: $accountId) {
integration {
createWebhook(input: {
name: "Slack Security Channel"
enabled: true
url: "https://hooks.slack.com/services/example"
auth: {
bearer: {
bearerToken: "xoxb-example-token"
}
}
header: [
{ name: "Content-Type", value: "application/json" }
]
body: "{\"text\": \"$alertTypeName - $alertMessage\"}"
requestMethod: POST
}) {
webhook {
id
name
enabled
url
requestMethod
header {
name
value
}
body
responseMapping {
key
value
}
relatedWebhookId
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"createWebhook": {
"webhook": {
"id": "example-id",
"name": "Slack Security Channel",
"enabled": true,
"url": "https://hooks.slack.com/services/example",
"requestMethod": "POST",
"header": [{"name": "Content-Type", "value": "application/json"}],
"body": "{\"text\": \"$alertTypeName - $alertMessage\"}",
"responseMapping": [],
"relatedWebhookId": null
}
}
}
}
}
}
deleteWebhook
Description
Delete a webhook integration. This action cannot be undone.
Response
Returns a DeleteWebhookPayload
Arguments
| Name | Description |
|---|---|
input - WebhookIntegrationRefInput!
|
Example
Query
mutation DeleteWebhook($accountId: ID!) {
notification(accountId: $accountId) {
integration {
deleteWebhook(input: {
by: ID
input: "example-id"
}) {
webhook {
id
name
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"deleteWebhook": {
"webhook": {"id": "example-id", "name": "Slack Security Channel"}
}
}
}
}
}
testWebhook
Description
Tests an existing webhook integration by sending a request with the specified field structure, auto-populated with sample (placeholder) values.
Response
Returns a TestWebhookPayload!
Arguments
| Name | Description |
|---|---|
input - WebhookIntegrationRefInput!
|
Example
Query
mutation TestWebhook($accountId: ID!) {
notification(accountId: $accountId) {
integration {
testWebhook(input: {
by: ID
input: "example-id"
}) {
success
errorMessage
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {"testWebhook": {"success": true, "errorMessage": null}}
}
}
}
updateWebhook
Description
Update existing webhook integration.
Response
Returns an UpdateWebhookPayload
Arguments
| Name | Description |
|---|---|
input - UpdateWebhookInput!
|
Example
Query
mutation UpdateWebhook($accountId: ID!) {
notification(accountId: $accountId) {
integration {
updateWebhook(input: {
webhook: {
by: ID
input: "example-id"
}
name: "Slack Security Channel - Updated"
enabled: false
url: "https://hooks.slack.com/services/updated-example"
body: "{\"text\": \"[$alertSeverity] $alertTypeName - $alertMessage\"}"
headerToAdd: [
{ name: "X-Custom-Header", value: "custom-value" }
]
}) {
webhook {
id
name
enabled
url
requestMethod
header {
name
value
}
body
responseMapping {
key
value
}
relatedWebhookId
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"notification": {
"integration": {
"updateWebhook": {
"webhook": {
"id": "example-id",
"name": "Slack Security Channel - Updated",
"enabled": false,
"url": "https://hooks.slack.com/services/updated-example",
"requestMethod": "POST",
"header": [
{"name": "Content-Type", "value": "application/json"},
{"name": "X-Custom-Header", "value": "custom-value"}
],
"body": "{\"text\": \"[$alertSeverity] $alertTypeName - $alertMessage\"}",
"responseMapping": [],
"relatedWebhookId": null
}
}
}
}
}
}
PopLocationMutations
addAllocatedIp
Beta
Description
Allocates an IP address for a PoP location.
Response
Returns a PopLocationAddAllocatedIpPayload
Arguments
| Name | Description |
|---|---|
input - PopLocationAddAllocatedIpInput!
|
Example
Query
mutation addAllocatedIp($accountId: ID!, $input: PopLocationAddAllocatedIpInput!) {
popLocationMutations(accountId: $accountId) {
addAllocatedIp(input: $input) {
allocatedIp {
id
ip
description
allocationType
popLocation {
id
name
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"type": "BYOIP",
"popLocation": {"by": "ID", "input": "456"},
"description": "New allocated IP for London POP"
}
}
Response
{
"data": {
"popLocationMutations": {
"addAllocatedIp": {
"allocatedIp": {
"id": "1234",
"ip": "203.0.113.10",
"description": "New allocated IP for London POP",
"allocationType": "BYOIP",
"popLocation": {"id": "456", "name": "London-1"}
}
}
}
}
}
allocateIp
Beta
Use addAllocatedIp instead.
Description
Allocates an IP address for a PoP location.
Response
Returns a PopLocationAllocateIpPayload
Arguments
| Name | Description |
|---|---|
input - PopLocationAllocateIpInput!
|
Example
Query
mutation allocateIp($accountId: ID!, $input: PopLocationAllocateIpInput!) {
popLocationMutations(accountId: $accountId) {
allocateIp(input: $input) {
allocatedIp {
id
ip
description
allocationType
popLocation {
id
name
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"type": "SYSTEM",
"popLocation": {"by": "ID", "input": "456"},
"description": "New allocated IP for London POP"
}
}
Response
{
"data": {
"popLocationMutations": {
"allocateIp": {
"allocatedIp": {
"id": 1234,
"ip": "203.0.113.10",
"description": "New allocated IP for London POP",
"allocationType": "SYSTEM",
"popLocation": {"id": "456", "name": "London-1"}
}
}
}
}
}
releaseIp
Beta
Use removeAllocatedIp instead.
Description
Releases an allocated IP address for a PoP location.
Response
Returns a PopLocationReleaseIpPayload
Arguments
| Name | Description |
|---|---|
input - PopLocationReleaseIpInput!
|
Example
Query
mutation releaseIp($accountId: ID!, $input: PopLocationReleaseIpInput!) {
popLocationMutations(accountId: $accountId) {
releaseIp(input: $input) {
allocatedIp {
id
ip
description
allocationType
popLocation {
id
name
}
}
}
}
}
Variables
{"accountId": "123", "input": {"ip": "203.0.113.10", "type": "SYSTEM"}}
Response
{
"data": {
"popLocationMutations": {
"releaseIp": {
"allocatedIp": {
"id": "1234",
"ip": "203.0.113.10",
"description": "IP address",
"allocationType": "SYSTEM",
"popLocation": {"id": "456", "name": "London-1"}
}
}
}
}
}
removeAllocatedIp
Beta
Description
Releases an allocated IP address for a PoP location.
Response
Returns a PopLocationRemoveAllocatedIpPayload
Arguments
| Name | Description |
|---|---|
input - PopLocationRemoveAllocatedIpInput!
|
Example
Query
mutation removeAllocatedIp($accountId: ID!, $input: PopLocationRemoveAllocatedIpInput!) {
popLocationMutations(accountId: $accountId) {
removeAllocatedIp(input: $input) {
allocatedIp {
id
ip
description
allocationType
popLocation {
id
name
}
}
}
}
}
Variables
{"accountId": "123", "input": {"ip": "203.0.113.10", "type": "BYOIP"}}
Response
{
"data": {
"popLocationMutations": {
"removeAllocatedIp": {
"allocatedIp": {
"id": "1234",
"ip": "203.0.113.10",
"description": "IP address",
"allocationType": "BYOIP",
"popLocation": {"id": "456", "name": "London-1"}
}
}
}
}
}
updateAllocatedIpDescription
Beta
Description
Updates the description for an allocated IP address for a PoP location.
Response
Arguments
| Name | Description |
|---|---|
input - PopLocationUpdateAllocatedIpDescriptionInput!
|
Example
Query
mutation updateAllocatedIpDescription($accountId: ID!, $input: PopLocationUpdateAllocatedIpDescriptionInput!) {
popLocationMutations(accountId: $accountId) {
updateAllocatedIpDescription(input: $input) {
allocatedIp {
id
ip
description
allocationType
popLocation {
id
name
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"ip": "203.0.113.10",
"description": "Updated description for allocated IP"
}
}
Response
{
"data": {
"popLocationMutations": {
"updateAllocatedIpDescription": {
"allocatedIp": {
"id": "1234",
"ip": "203.0.113.10",
"description": "Updated description for allocated IP",
"allocationType": "SYSTEM",
"popLocation": {"id": "456", "name": "London-1"}
}
}
}
}
}
PrivateAccessPolicyMutations
addRule
Beta
Response
Returns a PrivateAccessRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PrivateAccessAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
addRule(input: {
at: {
position: LAST_IN_POLICY
}
rule: {
enabled: true
name: "Allow HR to Internal Portal"
description: "Allow HR group access to internal HR application"
source: {
usersGroup: [
{
by: NAME
input: "HR Department"
}
]
}
platform: [WINDOWS, MACOS]
device: []
country: [
{
by: ID
input: "US"
}
]
applications: {
application: [
{
by: NAME
input: "Internal HR Portal"
}
]
}
connectionOrigin: [ANY]
action: {
action: ALLOW
}
}
}) {
status
errors {
errorCode
errorMessage
}
rule {
rule {
id
name
description
enabled
platform
country {
id
name
}
applications {
application {
id
name
}
}
connectionOrigin
action {
action
}
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"addRule": {
"status": "SUCCESS",
"errors": [],
"rule": {
"rule": {
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"name": "Allow HR to Internal Portal",
"description": "Allow HR group access to internal HR application",
"enabled": true,
"platform": ["WINDOWS", "MACOS"],
"country": [{"id": "US", "name": "United States"}],
"applications": {
"application": [{"id": "5001", "name": "Internal HR Portal"}]
},
"connectionOrigin": ["ANY"],
"action": {"action": "ALLOW"}
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"addSection": {
"section": {
"section": {
"id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
"name": "New section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a PrivateAccessPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
createPolicyRevision(input: {
name: "Test Revision"
description: "Test working with multiple revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "c3d4e5f6-a7b8-9012-cdef-123456789012",
"createdTime": "2026-04-28T10:30:00.000",
"updatedTime": "2026-04-28T10:30:00.000"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a PrivateAccessPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {"discardPolicyRevision": {"status": "SUCCESS"}}
}
}
}
moveRule
Beta
Response
Returns a PrivateAccessRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
moveRule(input: {
id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
privateAccess {
moveSection(input: {
id: "b2c3d4e5-f6a7-8901-bcde-f12345678901"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
"name": "New section"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a PrivateAccessPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
privateAccess {
publishPolicyRevision(input: {
name: "Ticket #1234"
description : "Allow HR access to internal applications"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Response
Returns a PrivateAccessRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PrivateAccessRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
privateAccess {
removeRule(input: {
id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{"data": {"policy": {"privateAccess": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
removeSection(input: {
id: "b2c3d4e5-f6a7-8901-bcde-f12345678901"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"privateAccess": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Response
Returns a PrivateAccessPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PrivateAccessPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a PrivateAccessRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PrivateAccessUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
updateRule(input: {
id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
rule: {
name: "Updated rule name"
platform: [WINDOWS]
connectionOrigin: [REMOTE_CLIENT]
}
}) {
status
rule {
rule {
id
name
description
platform
connectionOrigin
action {
action
}
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"name": "Updated rule name",
"description": "Allow HR group access to internal HR application",
"platform": ["WINDOWS"],
"connectionOrigin": ["REMOTE_CLIENT"],
"action": {"action": "ALLOW"}
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
privateAccess {
updateSection(input: {
id: "b2c3d4e5-f6a7-8901-bcde-f12345678901"
section: {
name: "Updated section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"privateAccess": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
"name": "Updated section name"
}
}
}
}
}
}
}
RemotePortFwdPolicyMutations
addRule
Beta
Description
Add a new port forwarding rule to enable remote access to internal services.
Response
Returns a RemotePortFwdRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - RemotePortFwdAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
addRule(input: {
rule: {
enabled: true,
name: "RPF Rule",
description: "RPF Rule",
forwardIcmp: false,
externalIp: {
by: ID,
input: "26270"
},
externalPortRange: {
from: 8095,
to: 8095
},
internalIp: "1.1.1.1",
internalPortRange: {
from: 8095,
to: 8095
},
remoteIPs: {
ip: [
"8.8.8.8"
]
},
restrictionType: ALLOW_LIST
},
at: {
position: LAST_IN_POLICY
}
}) {
status
rule {
rule {
id
name
enabled
description
forwardIcmp
externalIp {
id
name
}
externalPortRange {
from
to
}
internalIp
internalPortRange {
from
to
}
remoteIPs {
ip
}
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "d22ece52-f1cb-46c4-b3d5-367125bebb37",
"name": "RPF Rule",
"enabled": true,
"description": "RPF Rule",
"forwardIcmp": false,
"externalIp": {
"id": "26270",
"name": "exaltsimu_test_4 - 198.20.1.16"
},
"externalPortRange": {"from": 8095, "to": 8095},
"internalIp": "1.1.1.1",
"internalPortRange": {"from": 8095, "to": 8095},
"remoteIPs": {"ip": ["8.8.8.8"]}
}
}
}
}
}
}
}
addSection
Beta
Description
Add a new section to the policy. First section behaves as follows: When the first section is created, all the rules in the policy, including the default system rules, are automatically added to it. The first section containing the default system rules can be modified but not deleted. The first section will always remain first-in-policy, i.e. it cannot be moved, and not other sections can be moved or created before it.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"addSection": {
"section": {
"section": {
"id": "0e3bbaff-698e-440d-93f2-d207eca8af89",
"name": "New section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Description
Create a new empty policy revision for port forwarding rules.
Response
Returns a RemotePortFwdPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
createPolicyRevision(input: {
name: "Test Revision"
description: "Test working with multiple revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "b8305755-fe19-4868-9962-dff25687e722",
"createdTime": "2024-11-19T16:11:21.338",
"updatedTime": "2024-11-19T16:11:21.338"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Description
Discard the policy revision. All changes in this revision are discarded and the revision is deleted.
Response
Returns a RemotePortFwdPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Description
Change the priority/position of an existing port forwarding rule.
Response
Returns a RemotePortFwdRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
moveRule(input: {
id: "d22ece52-f1cb-46c4-b3d5-367125bebb37"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "d22ece52-f1cb-46c4-b3d5-367125bebb37"}
}
}
}
}
}
}
moveSection
Beta
Description
Move a section to a new position within the policy. The section will be anchored in the new position, i.e. other admins will not be able to move it, or reference it when moving other sections, until the modified policy revision is published.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
remotePortFwd {
moveSection(input: {
id: "0e3bbaff-698e-440d-93f2-d207eca8af89"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "0e3bbaff-698e-440d-93f2-d207eca8af89",
"name": "New section"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Description
Publish the policy revision. Published revision becomes the active policy and its rules are merged with unpublished revisions from other admins.
Response
Returns a RemotePortFwdPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
remotePortFwd {
publishPolicyRevision(input: {
name: "NA sites"
description : "Allow traffic for North America sites"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Description
Remove an existing port forwarding rule from the policy.
Response
Returns a RemotePortFwdRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - RemotePortFwdRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
remotePortFwd {
removeRule(input: {
id: "d22ece52-f1cb-46c4-b3d5-367125bebb37"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"remotePortFwd": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Description
Delete an existing section. The first section in policy cannot be deleted.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
removeSection(input: {
id: "0e3bbaff-698e-440d-93f2-d207eca8af89"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"remotePortFwd": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Description
Change the state of the port forwarding policy (enable/disable). Changes are applied immediately and not as part of policy revision publishing.
Response
Returns a RemotePortFwdPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - RemotePortFwdPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Description
Update an existing port forwarding rule configuration.
Response
Returns a RemotePortFwdRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - RemotePortFwdUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
updateRule(input: {
id: "d22ece52-f1cb-46c4-b3d5-367125bebb37"
rule: {
internalIp: "10.0.0.1",
}
}) {
status
rule {
rule {
id
name
enabled
description
internalIp
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "d22ece52-f1cb-46c4-b3d5-367125bebb37",
"name": "RPF Rule",
"enabled": true,
"description": "RPF Rule",
"internalIp": "10.0.0.1"
}
}
}
}
}
}
}
updateSection
Beta
Description
Update policy section attributes
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
remotePortFwd {
updateSection(input: {
id: "0e3bbaff-698e-440d-93f2-d207eca8af89"
section: {
name: "Updated section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"remotePortFwd": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "0e3bbaff-698e-440d-93f2-d207eca8af89",
"name": "New section"
}
}
}
}
}
}
}
SandboxMutations
Description
Delete a sandbox report
Response
Returns a DeleteReportPayload!
Arguments
| Name | Description |
|---|---|
input - DeleteReportInput!
|
Example
Query
mutation sandboxReports($accountId: ID!, $input: DeleteReportInput!) {
sandbox(accountId: $accountId) {
deleteReport(input: $input) {
fileHash
}
}
}
Variables
{"accountId": 12345, "input": {"fileHash": "FILE_HASH"}}
Response
{"data": {"sandbox": {"deleteReport": {"fileHash": "FILE_HASH"}}}}
Description
Upload a file for sandbox analysis
Response
Returns an UploadFilePayload!
Arguments
| Name | Description |
|---|---|
input - UploadFileInput!
|
Example
Query
mutation sandboxReports($accountId: ID!, $input: UploadFileInput!) {
sandbox(accountId: $accountId) {
uploadFile(input: $input) {
uploadUrl
}
}
}
Variables
{"accountId": 12345, "input": {"fileName": "eicar.zip"}}
Response
{"data": {"sandbox": {"uploadFile": {"uploadUrl": "UPLOAD_URL"}}}}
SiteMutations
addBgpPeer
Beta
Description
Adds a new BGP peer to the specified site.
Response
Returns an AddBgpPeerPayload
Arguments
| Name | Description |
|---|---|
input - AddBgpPeerInput!
|
Example
Query
mutation addBgpPeer($accountId: ID!, $input: AddBgpPeerInput!) {
site(accountId: $accountId) {
addBgpPeer(input: $input){
bgpPeer{
site{
id
name
}
id
name
peerAsn
catoAsn
peerIp
catoIp
advertiseDefaultRoute
advertiseAllRoutes
advertiseSummaryRoutes
summaryRoute{
id
route
community{
from
to
}
}
defaultAction
performNat
md5AuthKey
metric
holdTime
keepaliveInterval
bfdEnabled
bfdSettings {
transmitInterval
receiveInterval
multiplier
}
tracking{
id
enabled
alertFrequency
subscriptionId
}
}
}
}
}
Variables
{
"accountId": 123,
"input": {
"site": {"input": "456", "by": "ID"},
"name": "example peer",
"peerAsn": 1,
"catoAsn": 8,
"peerIp": "185.0.0.69",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [
{
"route": "1.6.5.0/25",
"community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
}
],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": "2313123",
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"tracking": {
"enabled": true,
"alertFrequency": "DAILY",
"subscriptionId": "-100"
}
}
}
Response
{
"data": {
"site": {
"addBgpPeer": {
"bgpPeer": {
"site": {"id": "456", "name": "test-accept"},
"id": "13372",
"name": "example peer",
"peerAsn": 1,
"catoAsn": 8,
"peerIp": "185.0.0.69",
"catoIp": "185.0.0.1",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [
{
"id": "3830",
"route": "1.6.5.0/25",
"community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
}
],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": "2313123",
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"bfdSettings": {
"transmitInterval": 1000,
"receiveInterval": 1000,
"multiplier": 5
},
"tracking": {
"id": "1689",
"enabled": true,
"alertFrequency": "DAILY",
"subscriptionId": "-100"
}
}
}
}
}
}
addCloudInterconnectPhysicalConnection
Beta
Description
Add a new physical connection to a cloud interconnect site.Either connect to a partner, or a non-supported public provider
Response
Arguments
| Name | Description |
|---|---|
input - AddCloudInterconnectPhysicalConnectionInput!
|
Example
Query
mutation addCloudInterconnectPhysicalConnection($accountId: ID!, $input: AddCloudInterconnectPhysicalConnectionInput!){
site(accountId: $accountId) {
addCloudInterconnectPhysicalConnection( input: $input ) {
id
}
}
}
Variables
{
"accountId": 128782,
"input": {
"site": {"by": "ID", "input": "400957"},
"haRole": "PRIMARY",
"popLocation": {"input": "10000", "by": "ID"},
"serviceProviderName": "Equinix",
"encapsulationMethod": "DOT1Q",
"subnet": "200.0.2.0/24",
"privateCatoIp": "200.0.2.19",
"privateSiteIp": "200.0.2.20",
"upstreamBwLimit": "100",
"downstreamBwLimit": "100"
}
}
Response
{
"data": {
"site": {
"addCloudInterconnectPhysicalConnection": {"id": "NDAwOTU3LVBSSU1BUlk="}
}
}
}
addCloudInterconnectSite
Beta
Description
Add a new cloud interconnect site.
Response
Returns an AddCloudInterconnectSitePayload
Arguments
| Name | Description |
|---|---|
input - AddCloudInterconnectSiteInput!
|
Example
Query
mutation addCloudInterconnectSite($accountId: ID!, $input: AddCloudInterconnectSiteInput!){
site(accountId: $accountId) {
addCloudInterconnectSite( input: $input){
siteId
}
}
}
Variables
{
"accountId": 128782,
"input": {
"name": "cloud_interconnect_test_site",
"siteType": "BRANCH",
"description": "test description",
"siteLocation": {
"countryCode": "AF",
"timezone": "Asia/Kabul",
"city": "‘Alāqahdārī Aṯghar"
}
}
}
Response
{"data": {"site": {"addCloudInterconnectSite": {"siteId": "400957"}}}}
addIpsecIkeV2Site
Beta
Response
Returns an AddIpsecIkeV2SitePayload
Arguments
| Name | Description |
|---|---|
input - AddIpsecIkeV2SiteInput!
|
Example
Query
mutation addIpsecIkeV2Site($accountId:ID!, $input:AddIpsecIkeV2SiteInput!){
site(accountId:$accountId) {
addIpsecIkeV2Site(input:$input) {
siteId
}
}
}
Variables
{
"accountId": 123,
"input": {
"name": "New Site",
"siteType": "DATACENTER",
"description": "Data warehouse",
"nativeNetworkRange": "123.0.0.0/24",
"vlan": 1400,
"siteLocation": {"countryCode": "IL", "timezone": "Asia/Jerusalem"}
}
}
Response
{"data": {"site": {"addIpsecIkeV2Site": {"siteId": "456"}}}}
addIpsecIkeV2SiteTunnels
Beta
Response
Returns an AddIpsecIkeV2SiteTunnelsPayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
input - AddIpsecIkeV2SiteTunnelsInput!
|
Example
Query
mutation addIpsecIkeV2SiteTunnels($accountId: ID!, $siteId: ID!, $input: AddIpsecIkeV2SiteTunnelsInput!) {
site(accountId: $accountId) {
addIpsecIkeV2SiteTunnels(siteId: $siteId, input: $input) {
siteId
}
}
}
Variables
{
"accountId": "123",
"siteId": "456",
"input": {
"primary": {
"destinationType": "IPv4",
"publicCatoIpId": 1000,
"tunnels": {
"publicSiteIp": "10.10.10.1",
"privateCatoIp": "1.1.1.12",
"privateSiteIp": "1.1.1.13",
"lastMileBw": {"downstream": 100, "upstream": 100},
"psk": "TEst123456789"
}
},
"secondary": {
"destinationType": "FQDN",
"tunnels": {
"publicSiteIp": "20.20.20.1",
"lastMileBw": {"downstream": 200, "upstream": 200},
"psk": "TEst123456789"
}
}
}
}
Response
{"data": {"site": {"addIpsecIkeV2SiteTunnels": {"siteId": "456"}}}}
addNetworkRange
Response
Returns an AddNetworkRangePayload
Arguments
| Name | Description |
|---|---|
lanSocketInterfaceId - ID!
|
|
input - AddNetworkRangeInput!
|
Example
Query
mutation addNetworkRange(
$accountId:ID!,
$lanSocketInterfaceId: ID!,
$input:AddNetworkRangeInput!
) {
site(accountId:$accountId){
addNetworkRange(lanSocketInterfaceId:$lanSocketInterfaceId, input:$input){
networkRangeId
}
}
}
Variables
{
"accountId": "123",
"lanSocketInterfaceId": "456",
"input": {
"name": "Printers",
"rangeType": "Routed",
"subnet": "123.0.1.0/30",
"gateway": "123.0.0.2"
}
}
Response
{"data": {"site": {"addNetworkRange": {"networkRangeId": "UzQ3MDcw"}}}}
addSecondaryAwsVSocket
Beta
Description
Add a secondary AWS vSocket to an existing site
Response
Returns an AddSecondaryAwsVSocketPayload
Arguments
| Name | Description |
|---|---|
input - AddSecondaryAwsVSocketInput!
|
Example
Query
mutation addSecondaryAwsVSocket($accountId:ID!, $input:AddSecondaryAwsVSocketInput!){
site(accountId:$accountId) {
addSecondaryAwsVSocket(input:$input) {
id
}
}
}
Variables
{
"accountId": "143762",
"input": {
"site": {"by": "ID", "input": "400353"},
"eniIpAddress": "11.22.34.50",
"eniIpSubnet": "11.22.34.0/24",
"routeTableId": "123"
}
}
Response
{"data": {"site": {"addSecondaryAwsVSocket": {"id": "NDAwOTU3LVBSSU1BUlk="}}}}
addSecondaryAzureVSocket
Beta
Description
Add a secondary Azure vSocket to an existing site
Response
Returns an AddSecondaryAzureVSocketPayload
Arguments
| Name | Description |
|---|---|
input - AddSecondaryAzureVSocketInput!
|
Example
Query
mutation addSecondaryAzureVSocket($accountId:ID!, $input:AddSecondaryAzureVSocketInput!){
site(accountId:$accountId) {
addSecondaryAzureVSocket(input:$input) {
id
}
}
}
Variables
{
"accountId": "143762",
"input": {
"site": {"by": "ID", "input": "400353"},
"interfaceIp": "20.0.0.57",
"floatingIp": "20.0.0.17"
}
}
Response
{"data": {"site": {"addSecondaryAzureVSocket": {"id": "627135"}}}}
Response
Returns an AddSecondaryGcpVSocketPayload
Arguments
| Name | Description |
|---|---|
input - AddSecondaryGcpVSocketInput!
|
Example
Query
mutation addSecondaryGcpVSocket($accountId: ID!, $input: AddSecondaryGcpVSocketInput!) {
sites(accountId: $accountId) {
addSecondaryGcpVSocket(input: $input) {
socketInfo {
site {
id
name
}
id
interfaceIp
loadBalancerIp
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"gcpConfig": {"interfaceIp": "10.0.0.1", "loadBalancerIp": "10.0.0.2"}
}
}
Response
{
"data": {
"sites": {
"addSecondaryGcpVSocket": {
"socketInfo": {
"site": {"id": "456", "name": "example site"},
"id": "789",
"interfaceIp": "10.0.0.1",
"loadBalancerIp": "10.0.0.2"
}
}
}
}
}
addSocketAddOnCard
Beta
Response
Returns an AddSocketAddOnCardPayload
Arguments
| Name | Description |
|---|---|
input - AddSocketAddOnCardInput!
|
Example
Query
mutation addSocketAddOnCard($accountId: ID!, $input: AddSocketAddOnCardInput!) {
sites(accountId: $accountId) {
addSocketAddOnCard(input: $input) {
...AddSocketAddOnCardData
__typename
}
__typename
}
}
fragment AddSocketAddOnCardData on AddSocketAddOnCardPayload {
addOns {
expansionSlotNumber
type
__typename
}
__typename
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"addOns": [
{"type": "FOUR_10G_FIBER", "expansionSlotNumber": "SLOT_1"},
{"type": "FOUR_10G_FIBER", "expansionSlotNumber": "SLOT_2"}
]
}
}
Response
{
"data": {
"sites": {
"addSocketAddOnCard": {
"addOns": [
{
"expansionSlotNumber": "SLOT_1",
"type": "FOUR_10G_FIBER",
"__typename": "SocketAddOnCard"
},
{
"expansionSlotNumber": "SLOT_2",
"type": "FOUR_10G_FIBER",
"__typename": "SocketAddOnCard"
}
],
"__typename": "AddSocketAddOnCardPayload"
},
"__typename": "SiteMutations"
}
}
}
addSocketSite
Response
Returns an AddSocketSitePayload
Arguments
| Name | Description |
|---|---|
input - AddSocketSiteInput!
|
Example
Query
mutation addSocketSite($accountId:ID!, $input:AddSocketSiteInput!){
site(accountId:$accountId) {
addSocketSite(input:$input) {
siteId
}
}
}
Variables
{
"accountId": 123,
"input": {
"name": "New Site",
"connectionType": "SOCKET_X1700",
"siteType": "DATACENTER",
"description": "Data warehouse",
"nativeNetworkRange": "123.0.0.0/24",
"vlan": 1400,
"siteLocation": {
"countryCode": "IL",
"timezone": "Asia/Jerusalem",
"city": "Asheklon"
}
}
}
Response
{"data": {"site": {"addSocketSite": {"siteId": "456"}}}}
addStaticHost
Response
Returns an AddStaticHostPayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
input - AddStaticHostInput!
|
Example
Query
mutation addStaticHost($accountId:ID!,$siteId: ID!, $input: AddStaticHostInput!) {
site(accountId:$accountId){
addStaticHost(siteId:$siteId, input:$input){
hostId
}
}
}
Variables
{
"accountId": "123",
"siteId": "456",
"input": {"name": "Printer", "ip": "123.0.0.10"}
}
Response
{"data": {"site": {"addStaticHost": {"hostId": "789"}}}}
assignSiteBwLicense
Beta
Description
Assign a license to an existing site // License-to-site assignment will be removed starting in 2026 with the transition to a new pricing model.
Response
Returns an AssignSiteBwLicensePayload
Arguments
| Name | Description |
|---|---|
input - AssignSiteBwLicenseInput!
|
Example
Query
mutation assignSiteBwLicense($accountId: ID!, $input: AssignSiteBwLicenseInput!) {
sites(accountId: $accountId) {
assignSiteBwLicense(input: $input) {
license {
__typename
id,
sku,
... on SiteLicense {
site {
id
}
total
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "445432"},
"licenseId": "99d9485f-0829-4b7e-8781-6365bd6f8914"
}
}
Response
{
"data": {
"sites": {
"assignSiteBwLicense": {
"license": {
"__typename": "SiteLicense",
"id": "3a63749f-e7e0-4385-a02f-6a0f3db10d1d",
"sku": "CATO_SITE",
"site": {"id": "453087"},
"total": 1000
}
}
}
}
}
Response
Returns a CreateWifiRadioProfilePayload
Arguments
| Name | Description |
|---|---|
input - CreateWifiRadioProfileInput!
|
Example
Query
mutation createWifiRadioProfile($accountId: ID!, $input: CreateWifiRadioProfileInput!) {
sites(accountId: $accountId) {
createWifiRadioProfile(input: $input) {
wifiRadioProfile {
id
site {
id
name
}
band24 {
band
standard
channelWidth
dfsEnabled
channel
}
band5 {
band
standard
channelWidth
dfsEnabled
channel
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false,
"channel": 6
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 36
}
}
}
Response
{
"data": {
"sites": {
"createWifiRadioProfile": {
"wifiRadioProfile": {
"id": "789",
"site": {"id": "456", "name": "example site"},
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_20",
"dfsEnabled": false,
"channel": 6
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 36
}
}
}
}
}
}
Response
Returns a CreateWifiSsidPayload
Arguments
| Name | Description |
|---|---|
input - CreateWifiSsidInput!
|
Example
Query
mutation createWifiSsid($accountId: ID!, $input: CreateWifiSsidInput!) {
sites(accountId: $accountId) {
createWifiSsid(input: $input) {
wifiSsid {
id
networkInterfaceId
site {
id
name
}
name
enabled
category
visible
subnet
localIp
dhcp {
dhcpSubnet
}
microsegmentationEnabled
internetOnly
mdnsEnabled
security {
mode
authProtocol
trackAuthentication
}
band
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"name": "Corporate-WiFi",
"networkInterfaceId": "101",
"site": {"input": "456", "by": "ID"},
"enabled": true,
"category": "CORPORATE",
"visible": true,
"subnet": "10.0.0.0/24",
"localIp": "10.0.0.1",
"dhcp": {"dhcpSubnet": "10.0.0.0/24"},
"microsegmentationEnabled": false,
"internetOnly": false,
"mdnsEnabled": false,
"security": {
"mode": "PSK",
"authProtocol": "WPA3",
"psk": {"passkey": "example_passkey"}
},
"band": "BOTH"
}
}
Response
{
"data": {
"sites": {
"createWifiSsid": {
"wifiSsid": {
"id": "789",
"networkInterfaceId": "101",
"site": {"id": "456", "name": "example site"},
"name": "Corporate-WiFi",
"enabled": true,
"category": "CORPORATE",
"visible": true,
"subnet": "10.0.0.0/24",
"localIp": "10.0.0.1",
"dhcp": {"dhcpSubnet": "10.0.0.0/24"},
"microsegmentationEnabled": false,
"internetOnly": false,
"mdnsEnabled": false,
"security": {
"mode": "PSK",
"authProtocol": "WPA3",
"trackAuthentication": false
},
"band": "BOTH"
}
}
}
}
}
exchangeSocketPorts
Beta
Description
Exchanges two socket ports on a site by swapping their interface assignments.
Response
Returns an ExchangeSocketPortsPayload
Arguments
| Name | Description |
|---|---|
input - ExchangeSocketPortsInput!
|
Example
Query
mutation exchangeSocketPorts($accountId: ID!, $input: ExchangeSocketPortsInput!) {
sites(accountId: $accountId) {
exchangeSocketPorts(input: $input) {
interfaces {
interfaceId
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"by": "ID", "input": "456"},
"firstInterface": {"interfaceId": "WAN1"},
"secondInterface": {"interfaceId": "LAN1"}
}
}
Response
{
"data": {
"sites": {
"exchangeSocketPorts": {
"interfaces": [{"interfaceId": "WAN1"}, {"interfaceId": "LAN1"}]
}
}
}
}
removeBgpPeer
Beta
Description
Removes an existing BGP peer configuration from a site.
Response
Returns a RemoveBgpPeerPayload
Arguments
| Name | Description |
|---|---|
input - RemoveBgpPeerInput!
|
Example
Query
mutation removeBgpPeer($accountId: ID!, $input: RemoveBgpPeerInput!) {
site(accountId: $accountId) {
removeBgpPeer(input: $input){
bgpPeer{
site{
id
name
}
id
name
peerAsn
catoAsn
peerIp
catoIp
advertiseDefaultRoute
advertiseAllRoutes
advertiseSummaryRoutes
summaryRoute{
id
route
community{
from
to
}
}
defaultAction
performNat
md5AuthKey
metric
holdTime
keepaliveInterval
bfdEnabled
bfdSettings {
transmitInterval
receiveInterval
multiplier
}
tracking{
id
enabled
alertFrequency
subscriptionId
}
}
}
}
}
Variables
{"accountId": 123, "input": {"id": "13372"}}
Response
{
"data": {
"site": {
"removeBgpPeer": {
"bgpPeer": {
"site": {"id": "456", "name": "test-accept"},
"id": "13372",
"name": "updatedName",
"peerAsn": 2,
"catoAsn": 9,
"peerIp": "185.0.0.69",
"catoIp": "185.0.0.1",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [
{
"id": "3832",
"route": "1.6.5.0/25",
"community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
}
],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": "2313123",
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"bfdSettings": {
"transmitInterval": 1000,
"receiveInterval": 1000,
"multiplier": 5
},
"tracking": {
"id": "1691",
"enabled": true,
"alertFrequency": "DAILY",
"subscriptionId": "-100"
}
}
}
}
}
}
removeCloudInterconnectPhysicalConnection
Beta
Description
Remove a physical connection from a cloud interconnect site.
Response
Arguments
| Name | Description |
|---|---|
input - RemoveCloudInterconnectPhysicalConnectionInput!
|
Example
Query
mutation removeCloudInterconnectPhysicalConnection($accountId: ID!, $input: RemoveCloudInterconnectPhysicalConnectionInput!){
site(accountId: $accountId) {
removeCloudInterconnectPhysicalConnection( input: $input ) {
id
}
}
}
Variables
{"accountId": 128782, "input": {"id": "NDAwOTU3LVBSSU1BUlk="}}
Response
{
"data": {
"site": {
"removeCloudInterconnectPhysicalConnection": {
"id": "NDAwOTU3LVBSSU1BUlk="
}
}
}
}
removeIpsecIkeV2SiteTunnels
Beta
Response
Returns a RemoveIpsecIkeV2SiteTunnelsPayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
input - RemoveIpsecIkeV2SiteTunnelsInput!
|
Example
Query
mutation removeIpsecIkeV2SiteTunnels($accountId: ID!, $siteId: ID!, $input: RemoveIpsecIkeV2SiteTunnelsInput!) {
site(accountId: $accountId) {
removeIpsecIkeV2SiteTunnels(siteId: $siteId, input: $input) {
siteId
}
}
}
Variables
{"accountId": "123", "siteId": "456", "input": {"tunnelId": "PRIMARY1"}}
Response
{"data": {"site": {"removeIpsecIkeV2SiteTunnels": {"siteId": "456"}}}}
removeNetworkRange
Response
Returns a RemoveNetworkRangePayload
Arguments
| Name | Description |
|---|---|
networkRangeId - ID!
|
Example
Query
mutation removeNetworkRange(
$accountId:ID!,
$networkRangeId: ID!,
) {
site(accountId:$accountId){
removeNetworkRange(networkRangeId:$networkRangeId){
networkRangeId
}
}
}
Variables
{"accountId": "123", "networkRangeId": "UzQ3MDcw"}
Response
{"data": {"site": {"removeNetworkRange": {"networkRangeId": "UzQ3MDcw"}}}}
removeSecondaryAwsVSocket
Beta
Description
Remove the secondary AWS vSocket from an existing site
Response
Returns a RemoveSecondaryAwsVSocketPayload
Arguments
| Name | Description |
|---|---|
socketId - ID!
|
Example
Query
mutation RemoveSecondaryAwsVSocket($accountId: ID!, $socketId: ID!) {
site(accountId: $accountId) {
removeSecondaryAwsVSocket(socketId: $socketId) {
secondaryAwsVSocket {
site {
id
name
}
id
ipAddress
subnet
routeTableId
}
}
}
}
Variables
{"accountId": "5018", "socketId": 648938}
Response
{
"data": {
"site": {
"removeSecondaryAwsVSocket": {
"secondaryAwsVSocket": {
"site": {"id": "360942", "name": "aws"},
"id": "648938",
"ipAddress": "10.20.30.40",
"subnet": "10.20.30.0/24",
"routeTableId": "rtb-123456"
}
}
}
}
}
removeSecondaryAzureVSocket
Beta
Description
Remove the secondary Azure vSocket from an existing site
Response
Returns a RemoveSecondaryAzureVSocketPayload
Arguments
| Name | Description |
|---|---|
socketId - ID!
|
Example
Query
mutation RemoveSecondaryAzureVSocket($accountId: ID!, $socketId: ID!) {
site(accountId: $accountId) {
removeSecondaryAzureVSocket(socketId: $socketId) {
secondaryAzureVSocket {
site {
id
name
}
id
interfaceIp
floatingIp
}
}
}
}
Variables
{"accountId": "5018", "socketId": 654376}
Response
{
"data": {
"site": {
"removeSecondaryAzureVSocket": {
"secondaryAzureVSocket": {
"site": {"id": "366082", "name": "azure"},
"id": "654376",
"interfaceIp": "122.0.0.55",
"floatingIp": "122.0.0.56"
}
}
}
}
}
Response
Returns a RemoveSecondaryGcpVSocketPayload
Arguments
| Name | Description |
|---|---|
input - RemoveSecondaryGcpVSocketInput!
|
Example
Query
mutation removeSecondaryGcpVSocket($accountId: ID!, $input: RemoveSecondaryGcpVSocketInput!) {
sites(accountId: $accountId) {
removeSecondaryGcpVSocket(input: $input) {
socketInfo {
site {
id
name
}
id
interfaceIp
loadBalancerIp
}
}
}
}
Variables
{"accountId": "123", "input": {"id": "789"}}
Response
{
"data": {
"sites": {
"removeSecondaryGcpVSocket": {
"socketInfo": {
"site": {"id": "456", "name": "example site"},
"id": "789",
"interfaceIp": "10.0.0.1",
"loadBalancerIp": "10.0.0.2"
}
}
}
}
}
removeSite
Response
Returns a RemoveSitePayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
Example
Query
mutation removeSite($accountId:ID!, $siteId:ID!){
site(accountId:$accountId) {
removeSite(siteId:$siteId) {
siteId
}
}
}
Variables
{"accountId": "123", "siteId": "456"}
Response
{"data": {"site": {"removeSite": {"siteId": "456"}}}}
removeSiteBwLicense
Beta
Description
Remove a license from a site // License-to-site assignment will be removed starting in 2026 with the transition to a new pricing model.
Response
Returns a RemoveSiteBwLicensePayload
Arguments
| Name | Description |
|---|---|
input - RemoveSiteBwLicenseInput!
|
Example
Query
mutation removeSiteBwLicense($accountId: ID!,$input: RemoveSiteBwLicenseInput!) {
sites(accountId: $accountId) {
removeSiteBwLicense(input: $input) {
license {
__typename
id
status
plan
sku
... on SiteLicense {
siteLicenseType
siteLicenseGroup
site {
id
}
total
}
}
}
}
}
Variables
{
"accountId": "228967",
"input": {
"site": {"input": "453087"},
"licenseId": "3a63749f-e7e0-4385-a02f-6a0f3db10d1d"
}
}
Response
{
"data": {
"sites": {
"removeSiteBwLicense": {
"license": {
"__typename": "SiteLicense",
"id": "3a63749f-e7e0-4385-a02f-6a0f3db10d1d",
"status": "ACTIVE",
"plan": "COMMERCIAL",
"sku": "CATO_SITE",
"siteLicenseType": "SASE",
"siteLicenseGroup": "GROUP_1",
"site": null,
"total": 1000
}
}
}
}
}
removeSocketAddOnCard
Beta
Response
Returns a RemoveSocketAddOnCardPayload
Arguments
| Name | Description |
|---|---|
input - RemoveSocketAddOnCardInput!
|
Example
Query
mutation removeSocketAddOnCard($accountId: ID!, $input: RemoveSocketAddOnCardInput!) {
sites(accountId: $accountId) {
removeSocketAddOnCard(input: $input) {
...RemoveSocketAddOnCardData
__typename
}
__typename
}
}
fragment RemoveSocketAddOnCardData on RemoveSocketAddOnCardPayload {
addOns {
expansionSlotNumber
type
__typename
}
__typename
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"expansionSlotNumbers": ["SLOT_2"]
}
}
Response
{
"data": {
"sites": {
"removeSocketAddOnCard": {
"addOns": [
{
"expansionSlotNumber": "SLOT_2",
"type": "FOUR_10G_FIBER",
"__typename": "SocketAddOnCard"
}
],
"__typename": "RemoveSocketAddOnCardPayload"
},
"__typename": "SiteMutations"
}
}
}
removeStaticHost
Response
Returns a RemoveStaticHostPayload
Arguments
| Name | Description |
|---|---|
hostId - ID!
|
Example
Query
mutation removeStaticHost($accountId:ID!,$hostId: ID!) {
site(accountId:$accountId){
removeStaticHost(hostId:$hostId){
hostId
}
}
}
Variables
{"accountId": "123", "hostId": "789"}
Response
{"data": {"site": {"removeStaticHost": {"hostId": "789"}}}}
Response
Returns a RemoveWifiSsidPayload
Arguments
| Name | Description |
|---|---|
input - RemoveWifiSsidInput!
|
Example
Query
mutation removeWifiSsid($accountId: ID!, $input: RemoveWifiSsidInput!) {
sites(accountId: $accountId) {
removeWifiSsid(input: $input) {
wifiSsid {
id
name
}
}
}
}
Variables
{"accountId": "123", "input": {"wifiSsid": {"input": "789", "by": "ID"}}}
Response
{
"data": {
"sites": {
"removeWifiSsid": {"wifiSsid": {"id": "789", "name": "Corporate-WiFi"}}
}
}
}
replaceSiteBwLicense
Beta
Description
Replace an existing license of a site. This API is used to make sure the site will always have a license to avoid traffic drop for sites without licenses. // License-to-site assignment will be removed starting in 2026 with the transition to a new pricing model.
Response
Returns a ReplaceSiteBwLicensePayload
Arguments
| Name | Description |
|---|---|
input - ReplaceSiteBwLicenseInput!
|
Example
Query
mutation replaceSiteBwLicense($accountId: ID!,$input: ReplaceSiteBwLicenseInput!) {
sites(accountId: $accountId) {
replaceSiteBwLicense(input: $input) {
license {
__typename
id,
sku,
... on SiteLicense {
site {
id
}
total
}
}
}
}
}
Variables
{
"accountId": "228967",
"input": {
"site": {"input": "453087"},
"licenseIdToAdd": "7fe1aca1-59c3-4b6b-bc8c-d2850867e073",
"licenseIdToRemove": "3a63749f-e7e0-4385-a02f-6a0f3db10d1d"
}
}
Response
{
"data": {
"sites": {
"replaceSiteBwLicense": {
"license": {
"__typename": "SiteLicense",
"id": "7fe1aca1-59c3-4b6b-bc8c-d2850867e073",
"sku": "CATO_SITE",
"site": {"id": "453087"},
"total": 1000
}
}
}
}
}
Description
Requests an upgrade for multiple sites to specific versions. Returns the result of the request.
Response
Returns a StartSiteUpgradePayload
Arguments
| Name | Description |
|---|---|
input - StartSiteUpgradeInput!
|
Example
Query
mutation SiteMutation($accountId: ID!, $input: StartSiteUpgradeInput!) {
sites(accountId: $accountId) {
startSiteUpgrade(input: $input) {
results {
site {
id
name
}
targetVersion
}
}
}
}
Variables
{
"accountId": 123,
"input": {
"upgrades": [
{
"site": {"input": "site-name", "by": "NAME"},
"targetVersion": "23.0.19481"
}
]
}
}
Response
{
"data": {
"sites": {
"startSiteUpgrade": {
"results": [
{
"site": {"id": "456", "name": "site-name"},
"targetVersion": "23.0.19481"
}
]
}
}
}
}
updateBgpPeer
Beta
Description
Updates an existing BGP peer configuration.
Response
Returns an UpdateBgpPeerPayload
Arguments
| Name | Description |
|---|---|
input - UpdateBgpPeerInput!
|
Example
Query
mutation updateBgpPeer($accountId: ID!, $input: UpdateBgpPeerInput!) {
site(accountId: $accountId) {
updateBgpPeer(input: $input){
bgpPeer{
site{
id
name
}
id
name
peerAsn
catoAsn
peerIp
catoIp
advertiseDefaultRoute
advertiseAllRoutes
advertiseSummaryRoutes
summaryRoute{
id
route
community{
from
to
}
}
defaultAction
performNat
md5AuthKey
metric
holdTime
keepaliveInterval
bfdEnabled
bfdSettings {
transmitInterval
receiveInterval
multiplier
}
tracking{
id
enabled
alertFrequency
subscriptionId
}
}
}
}
}
Variables
{
"accountId": 123,
"input": {
"id": "13372",
"name": "updatedName",
"peerAsn": 2,
"catoAsn": 9,
"peerIp": "185.0.0.69",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [
{
"route": "1.6.5.0/25",
"community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
}
],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": "2313123",
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"tracking": {
"enabled": true,
"alertFrequency": "DAILY",
"subscriptionId": "-100"
}
}
}
Response
{
"data": {
"site": {
"updateBgpPeer": {
"bgpPeer": {
"site": {"id": "456", "name": "test-accept"},
"id": "13372",
"name": "updatedName",
"peerAsn": 2,
"catoAsn": 9,
"peerIp": "185.0.0.69",
"catoIp": "185.0.0.1",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [
{
"id": "3832",
"route": "1.6.5.0/25",
"community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
}
],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": "2313123",
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"bfdSettings": {
"transmitInterval": 1000,
"receiveInterval": 1000,
"multiplier": 5
},
"tracking": {
"id": "1691",
"enabled": true,
"alertFrequency": "DAILY",
"subscriptionId": "-100"
}
}
}
}
}
}
updateBgpPeers
Beta
Description
Bulk updates BGP peer configuration for a site. Use bgpPeer to replace all peers, or use the delta fields to add, update, and remove peers in one request.
Response
Returns an UpdateBgpPeersPayload
Arguments
| Name | Description |
|---|---|
input - UpdateBgpPeersInput!
|
Example
Query
mutation updateBgpPeers($accountId: ID!, $input: UpdateBgpPeersInput!) {
site(accountId: $accountId) {
updateBgpPeers(input: $input){
bgpPeer{
site{
id
name
}
id
name
peerAsn
catoAsn
peerIp
catoIp
advertiseDefaultRoute
advertiseAllRoutes
advertiseSummaryRoutes
summaryRoute{
id
route
community{
from
to
}
}
defaultAction
performNat
md5AuthKey
metric
holdTime
keepaliveInterval
bfdEnabled
bfdSettings {
transmitInterval
receiveInterval
multiplier
}
tracking{
id
enabled
alertFrequency
subscriptionId
}
}
}
}
}
Variables
{
"accountId": 123,
"input": {
"site": {"input": "456", "by": "ID"},
"bgpPeer": [
{
"name": "peer-01",
"peerAsn": 65001,
"catoAsn": 65000,
"peerIp": "185.0.0.69",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [],
"defaultAction": "ACCEPT",
"defaultActionExclusion": [],
"performNat": false,
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false
},
{
"name": "peer-02",
"peerAsn": 65002,
"catoAsn": 65000,
"peerIp": "185.0.0.70",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": true,
"summaryRoute": [
{"route": "10.0.0.0/8", "community": [{"from": 1, "to": 2}]}
],
"defaultAction": "DROP",
"defaultActionExclusion": [],
"performNat": false,
"metric": 200,
"holdTime": 90,
"keepaliveInterval": 30,
"bfdEnabled": true,
"bfdSettings": {
"transmitInterval": 1000,
"receiveInterval": 1000,
"multiplier": 5
}
}
]
}
}
Response
{
"data": {
"site": {
"updateBgpPeers": {
"bgpPeer": [
{
"site": {"id": "456", "name": "example site"},
"id": "13372",
"name": "peer-01",
"peerAsn": 65001,
"catoAsn": 65000,
"peerIp": "185.0.0.69",
"catoIp": "185.0.0.1",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": false,
"summaryRoute": [],
"defaultAction": "ACCEPT",
"performNat": false,
"md5AuthKey": null,
"metric": 100,
"holdTime": 60,
"keepaliveInterval": 20,
"bfdEnabled": false,
"bfdSettings": null,
"tracking": null
},
{
"site": {"id": "456", "name": "example site"},
"id": "13373",
"name": "peer-02",
"peerAsn": 65002,
"catoAsn": 65000,
"peerIp": "185.0.0.70",
"catoIp": "185.0.0.2",
"advertiseDefaultRoute": true,
"advertiseAllRoutes": false,
"advertiseSummaryRoutes": true,
"summaryRoute": [
{
"id": "3831",
"route": "10.0.0.0/8",
"community": [{"from": 1, "to": 2}]
}
],
"defaultAction": "DROP",
"performNat": false,
"md5AuthKey": null,
"metric": 200,
"holdTime": 90,
"keepaliveInterval": 30,
"bfdEnabled": true,
"bfdSettings": {
"transmitInterval": 1000,
"receiveInterval": 1000,
"multiplier": 5
},
"tracking": null
}
]
}
}
}
}
updateCloudInterconnectPhysicalConnection
Beta
Description
Update an existing physical connection at a cloud interconnect site.
Response
Arguments
| Name | Description |
|---|---|
input - UpdateCloudInterconnectPhysicalConnectionInput!
|
Example
Query
mutation updateCloudInterconnectPhysicalConnection($accountId: ID!, $input: UpdateCloudInterconnectPhysicalConnectionInput!){
site(accountId: $accountId) {
updateCloudInterconnectPhysicalConnection( input: $input ) {
id
}
}
}
Variables
{
"accountId": 128782,
"input": {
"id": "NDAwOTU3LVBSSU1BUlk=",
"popLocation": {"input": "10005", "by": "ID"},
"serviceProviderName": "QnQPort",
"encapsulationMethod": "QINQ",
"subnet": "186.0.2.0/24",
"privateCatoIp": "186.0.2.19",
"privateSiteIp": "186.0.2.20",
"upstreamBwLimit": "30",
"downstreamBwLimit": "10"
}
}
Response
{
"data": {
"site": {
"updateCloudInterconnectPhysicalConnection": {
"id": "NDAwOTU3LVBSSU1BUlk="
}
}
}
}
updateHa
Response
Returns an UpdateHaPayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
input - UpdateHaInput!
|
Example
Query
mutation updateHa($accountId:ID!,$siteId: ID!, $input: UpdateHaInput!) {
site(accountId:$accountId){
updateHa(siteId:$siteId, input:$input){
siteId
}
}
}
Variables
{
"accountId": "123",
"siteId": "456",
"input": {
"primaryManagementIp": "123.0.0.231",
"secondaryManagementIp": "123.0.0.232",
"vrid": 123
}
}
Response
{"data": {"site": {"updateHa": {"siteId": "456"}}}}
updateIpsecIkeV2SiteGeneralDetails
Beta
Response
Returns an UpdateIpsecIkeV2SiteGeneralDetailsPayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
input - UpdateIpsecIkeV2SiteGeneralDetailsInput!
|
Example
Query
mutation updateIpsecIkeV2SiteGeneralDetails($accountId: ID!, $siteId: ID!, $input: UpdateIpsecIkeV2SiteGeneralDetailsInput!) {
site(accountId: $accountId) {
updateIpsecIkeV2SiteGeneralDetails(siteId: $siteId, input: $input) {
siteId
}
}
}
Variables
{
"accountId": "123",
"siteId": "456",
"input": {
"connectionMode": "RESPONDER_ONLY",
"identificationType": "FQDN",
"initMessage": {
"cipher": "AUTOMATIC",
"dhGroup": "DH_15_MODP3072",
"integrity": "SHA256",
"prf": "SHA256"
},
"authMessage": {
"cipher": "AES_GCM_256",
"dhGroup": "DH_16_MODP4096",
"integrity": "AUTOMATIC"
},
"networkRanges": "Service1:100.100.100.0/24"
}
}
Response
{"data": {"site": {"updateIpsecIkeV2SiteGeneralDetails": {"siteId": "456"}}}}
updateIpsecIkeV2SiteTunnels
Beta
Response
Returns an UpdateIpsecIkeV2SiteTunnelsPayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
input - UpdateIpsecIkeV2SiteTunnelsInput!
|
Example
Query
mutation updateIpsecIkeV2SiteTunnels($accountId: ID!, $siteId: ID!, $input: UpdateIpsecIkeV2SiteTunnelsInput!) {
site(accountId: $accountId) {
updateIpsecIkeV2SiteTunnels(siteId: $siteId, input: $input) {
siteId
}
}
}
Variables
{
"accountId": "123",
"siteId": "456",
"input": {
"primary": {
"destinationType": "IPv4",
"publicCatoIpId": 1000,
"tunnels": {
"tunnelId": "PRIMARY1",
"lastMileBw": {"downstream": 100, "upstream": 100},
"psk": "TEst123456789"
}
},
"secondary": {
"destinationType": "FQDN",
"tunnels": {
"tunnelId": "SECONDARY1",
"publicSiteIp": "20.20.20.2",
"lastMileBw": {"downstream": 200, "upstream": 200},
"psk": "TEst123456789"
}
}
}
}
Response
{"data": {"site": {"updateIpsecIkeV2SiteTunnels": {"siteId": "456"}}}}
updateNetworkRange
Response
Returns an UpdateNetworkRangePayload
Arguments
| Name | Description |
|---|---|
networkRangeId - ID!
|
|
input - UpdateNetworkRangeInput!
|
Example
Query
mutation updateNetworkRange(
$accountId:ID!,
$networkRangeId: ID!,
$input:UpdateNetworkRangeInput!
) {
site(accountId:$accountId){
updateNetworkRange(networkRangeId:$networkRangeId, input:$input){
networkRangeId
}
}
}
Variables
{"accountId": "123", "networkRangeId": "UzQ3MDcw", "input": {"name": "Devs"}}
Response
{"data": {"site": {"updateNetworkRange": {"networkRangeId": "UzQ3MDcw"}}}}
updateSecondaryAwsVSocket
Beta
Description
Update the secondary AWS vSocket from in an existing site
Response
Returns an UpdateSecondaryAwsVSocketPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSecondaryAwsVSocketInput!
|
Example
Query
mutation updateSecondaryAwsVSocket($accountId:ID!, $input:UpdateSecondaryAwsVSocketInput!){
site(accountId:$accountId) {
updateSecondaryAwsVSocket(input:$input) {
secondaryAwsVSocket {
site {
id
name
}
id
ipAddress
subnet
routeTableId
}
}
}
}
Variables
{
"accountId": "143762",
"input": {
"id": "631159",
"ipAddress": "55.45.45.76",
"routeTableId": "888",
"subnet": "55.45.45.0/24"
}
}
Response
{
"data": {
"site": {
"updateSecondaryAwsVSocket": {
"secondaryAwsVSocket": {
"site": {"id": 400376, "name": "aws"},
"id": "631159",
"ipAddress": "55.45.45.76",
"subnet": "55.45.45.0/24",
"routeTableId": "888"
}
}
}
}
}
updateSecondaryAzureVSocket
Beta
Description
Update the secondary Azure vSocket in an existing site
Response
Returns an UpdateSecondaryAzureVSocketPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSecondaryAzureVSocketInput!
|
Example
Query
mutation updateSecondaryAzureVSocket($accountId:ID!, $input:UpdateSecondaryAzureVSocketInput!){
site(accountId:$accountId) {
updateSecondaryAzureVSocket(input:$input) {
secondaryAzureVSocket {
site {
id
name
}
id
interfaceIp
floatingIp
}
}
}
}
Variables
{
"accountId": "5018",
"input": {
"id": "654376",
"interfaceIp": "122.0.0.55",
"floatingIp": "122.0.0.56"
}
}
Response
{
"data": {
"site": {
"updateSecondaryAzureVSocket": {
"secondaryAzureVSocket": {
"site": {"id": "366082", "name": "azure"},
"id": "654376",
"interfaceIp": "122.0.0.55",
"floatingIp": "122.0.0.56"
}
}
}
}
}
Response
Returns an UpdateSecondaryGcpVSocketPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSecondaryGcpVSocketInput!
|
Example
Query
mutation updateSecondaryGcpVSocket($accountId: ID!, $input: UpdateSecondaryGcpVSocketInput!) {
sites(accountId: $accountId) {
updateSecondaryGcpVSocket(input: $input) {
socketInfo {
site {
id
name
}
id
interfaceIp
loadBalancerIp
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"id": "789",
"gcpConfig": {"interfaceIp": "10.0.0.3", "loadBalancerIp": "10.0.0.4"}
}
}
Response
{
"data": {
"sites": {
"updateSecondaryGcpVSocket": {
"socketInfo": {
"site": {"id": "456", "name": "example site"},
"id": "789",
"interfaceIp": "10.0.0.3",
"loadBalancerIp": "10.0.0.4"
}
}
}
}
}
updateSiteBackhauling
Beta
Description
Update backhauling configuration for a site.
Response
Returns an UpdateSiteBackhaulingPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSiteBackhaulingInput!
|
Example
Query
mutation updateSiteBackhauling($accountId:ID!, $input: UpdateSiteBackhaulingInput!) {
sites(accountId: $accountId){
updateSiteBackhauling(input:$input) {
site {
id
name
}
useAsBackhaulingGW
destination
nextHopIP
preferredSocketPort
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"useAsBackhaulingGW": true,
"destination": "LOCAL_GATEWAY_IP",
"nextHopIP": "192.168.0.1"
}
}
Response
{
"data": {
"sites": {
"updateSiteBackhauling": {
"site": {"id": "456", "name": "example site"},
"useAsBackhaulingGW": true,
"destination": "LOCAL_GATEWAY_IP",
"nextHopIP": "192.168.0.1",
"preferredSocketPort": null
}
}
}
}
updateSiteBwLicense
Beta
Description
Update the bandwidth allocation of an assigned pool license of an existing site (does not apply for site license allocation) // License-to-site assignment will be removed starting in 2026 with the transition to a new pricing model.
Response
Returns an UpdateSiteBwLicensePayload
Arguments
| Name | Description |
|---|---|
input - UpdateSiteBwLicenseInput!
|
Example
Query
mutation updateSiteBwLicense($accountId: ID!,$input: UpdateSiteBwLicenseInput!) {
sites(accountId: $accountId) {
updateSiteBwLicense(input: $input) {
license {
__typename
id
status
plan
sku
... on PooledBandwidthLicense {
siteLicenseType
siteLicenseGroup
total
sites {
allocatedBandwidth
site {
id
name
}
}
}
}
}
}
}
Variables
{
"accountId": "200113",
"input": {
"site": {"input": "453090"},
"licenseId": "4f494671-d345-4784-86a9-ac617c935391",
"bw": 60
}
}
Response
{
"data": {
"sites": {
"updateSiteBwLicense": {
"license": {
"__typename": "PooledBandwidthLicense",
"id": "4f494671-d345-4784-86a9-ac617c935391",
"status": "ACTIVE",
"plan": "COMMERCIAL",
"sku": "CATO_PB",
"siteLicenseType": "SASE",
"siteLicenseGroup": "GROUP_2",
"total": 1000,
"sites": [
{"allocatedBandwidth": 60, "site": {"id": "453090", "name": "HQ"}}
]
}
}
}
}
}
updateSiteGeneralDetails
Response
Returns an UpdateSiteGeneralDetailsPayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
input - UpdateSiteGeneralDetailsInput!
|
Example
Query
mutation updateSiteGeneralDetails($accountId:ID!, $siteId:ID!, $input:UpdateSiteGeneralDetailsInput!) {
sites(accountId: $accountId){
updateSiteGeneralDetails(siteId:$siteId, input:$input) {
siteId
}
}
}
Variables
{
"accountId": "123",
"siteId": "456",
"input": {
"siteType": "BRANCH",
"workingHours": {
"override": false,
"fromTimeMinuteOffset": 540,
"toTimeMinuteOffset": 1080,
"workingDays": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"]
},
"disableAclForSip": false
}
}
Response
{"data": {"sites": {"updateSiteGeneralDetails": {"siteId": "456"}}}}
updateSiteNetworkRanges
Beta
Description
Bulk update network ranges by replacing the full collection or applying add/remove deltas.
Response
Returns an UpdateSiteNetworkRangesPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSiteNetworkRangesInput!
|
Example
Query
mutation updateSiteNetworkRanges($accountId: ID!, $input: UpdateSiteNetworkRangesInput!) {
site(accountId: $accountId) {
updateSiteNetworkRanges(input: $input) {
networkRange {
networkRangeId
name
rangeType
subnet
localIp
gateway
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"networkRange": [
{
"lanSocketInterfaceId": "789",
"name": "Office LAN",
"rangeType": "Direct",
"subnet": "10.0.1.0/24",
"localIp": "10.0.1.1"
},
{
"lanSocketInterfaceId": "789",
"name": "Servers",
"rangeType": "Routed",
"subnet": "10.0.2.0/24",
"gateway": "10.0.2.1"
}
]
}
}
Response
{
"data": {
"site": {
"updateSiteNetworkRanges": {
"networkRange": [
{
"networkRangeId": "UzQ3MDcw",
"name": "Native",
"rangeType": "Native",
"subnet": "10.0.0.0/24",
"localIp": "10.0.0.1",
"gateway": null
},
{
"networkRangeId": "UzQ3MDcy",
"name": "Office LAN",
"rangeType": "Direct",
"subnet": "10.0.1.0/24",
"localIp": "10.0.1.1",
"gateway": null
},
{
"networkRangeId": "UzQ3MDcz",
"name": "Servers",
"rangeType": "Routed",
"subnet": "10.0.2.0/24",
"localIp": null,
"gateway": "10.0.2.1"
}
]
}
}
}
}
updateSiteSocketConfiguration
Beta
Response
Returns an UpdateSiteSocketConfigurationPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSiteSocketConfigurationInput!
|
Example
Query
mutation updateSiteSocketConfiguration($accountId: ID!, $input: UpdateSiteSocketConfigurationInput!) {
site(accountId: $accountId) {
updateSiteSocketConfiguration(input: $input) {
siteSocketConfiguration {
primarySocketConfiguration {
description
}
secondarySocketConfiguration {
description
}
}
}
}
}
Variables
{
"accountId": 8743,
"input": {
"site": {"by": "NAME", "input": "example"},
"primarySocketConfiguration": {"description": "primary"},
"secondarySocketConfiguration": {"description": "srcondary"}
}
}
Response
{
"data": {
"site": {
"updateSiteSocketConfiguration": {
"siteSocketConfiguration": {
"primarySocketConfiguration": {"description": "primary"},
"secondarySocketConfiguration": {"description": "srcondary"}
}
}
}
}
}
updateSiteStaticHosts
Beta
Description
Bulk update static hosts by replacing the full collection or applying add/remove deltas.
Response
Returns an UpdateSiteStaticHostsPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSiteStaticHostsInput!
|
Example
Query
mutation updateSiteStaticHosts($accountId: ID!, $input: UpdateSiteStaticHostsInput!) {
sites(accountId: $accountId) {
updateSiteStaticHosts(input: $input) {
host {
hostId
name
ip
macAddress
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"host": [
{
"name": "print-server-01",
"ip": "10.0.1.50",
"macAddress": "AA:BB:CC:DD:EE:FF"
},
{"name": "nas-storage", "ip": "10.0.1.51"}
]
}
}
Response
{
"data": {
"sites": {
"updateSiteStaticHosts": {
"host": [
{
"hostId": "1001",
"name": "print-server-01",
"ip": "10.0.1.50",
"macAddress": "AA:BB:CC:DD:EE:FF"
},
{
"hostId": "1002",
"name": "nas-storage",
"ip": "10.0.1.51",
"macAddress": null
}
]
}
}
}
}
updateSocketInterface
Response
Returns an UpdateSocketInterfacePayload
Arguments
| Name | Description |
|---|---|
siteId - ID!
|
|
socketInterfaceId - SocketInterfaceIDEnum!
|
|
input - UpdateSocketInterfaceInput!
|
Example
Query
mutation updateSocketInterface(
$accountId:ID!,
$siteId: ID!,
$socketInterfaceId: SocketInterfaceIDEnum!,
$input:UpdateSocketInterfaceInput!
) {
site(accountId:$accountId){
updateSocketInterface(siteId:$siteId, socketInterfaceId: $socketInterfaceId, input:$input){
siteId
socketInterfaceId
}
}
}
Variables
{
"accountId": "123",
"siteId": "456",
"socketInterfaceId": "INT_1",
"input": {
"destType": "CATO",
"bandwidth": {"upstreamBandwidth": 100, "downstreamBandwidth": 100}
}
}
Response
{
"data": {
"site": {
"updateSocketInterface": {"siteId": "456", "socketInterfaceId": "INT_1"}
}
}
}
updateSocketInterfaces
Beta
Description
Bulk updates the socket interface configuration of a site by replacing the configuration of all provided interfaces in a single request.
Response
Returns an UpdateSocketInterfacesPayload
Arguments
| Name | Description |
|---|---|
input - UpdateSocketInterfacesInput!
|
Example
Query
mutation updateSocketInterfaces($accountId: ID!, $input: UpdateSocketInterfacesInput!) {
sites(accountId: $accountId) {
updateSocketInterfaces(input: $input) {
siteId
socketInterfaceId
}
}
}
Variables
{
"accountId": "123",
"input": {
"site": {"input": "456", "by": "ID"},
"socketInterface": [
{
"socketInterfaceId": "WAN1",
"destType": "CATO",
"name": "Primary WAN",
"bandwidth": {"upstreamBandwidth": 100, "downstreamBandwidth": 100},
"wan": {"precedence": "ACTIVE", "role": "wan_1"}
},
{
"socketInterfaceId": "LAN1",
"destType": "LAN",
"name": "Office LAN",
"lan": {"localIp": "10.0.0.1", "subnet": "10.0.0.0/24"}
}
]
}
}
Response
{
"data": {
"sites": {
"updateSocketInterfaces": {
"siteId": "456",
"socketInterfaceId": ["WAN1", "LAN1"]
}
}
}
}
updateStaticHost
Response
Returns an UpdateStaticHostPayload
Arguments
| Name | Description |
|---|---|
hostId - ID!
|
|
input - UpdateStaticHostInput!
|
Example
Query
mutation updateStaticHost($accountId:ID!,$hostId: ID!, $input: UpdateStaticHostInput!) {
site(accountId:$accountId){
updateStaticHost(hostId:$hostId, input:$input){
hostId
}
}
}
Variables
{
"accountId": "123",
"hostId": "789",
"input": {"name": "Printer", "ip": "123.0.0.11"}
}
Response
{"data": {"site": {"updateStaticHost": {"hostId": "789"}}}}
Response
Returns an UpdateWifiRadioProfilePayload
Arguments
| Name | Description |
|---|---|
input - UpdateWifiRadioProfileInput!
|
Example
Query
mutation updateWifiRadioProfile($accountId: ID!, $input: UpdateWifiRadioProfileInput!) {
sites(accountId: $accountId) {
updateWifiRadioProfile(input: $input) {
wifiRadioProfile {
id
site {
id
name
}
band24 {
band
standard
channelWidth
dfsEnabled
channel
}
band5 {
band
standard
channelWidth
dfsEnabled
channel
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"id": "789",
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_40",
"dfsEnabled": false,
"channel": 11
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 44
}
}
}
Response
{
"data": {
"sites": {
"updateWifiRadioProfile": {
"wifiRadioProfile": {
"id": "789",
"site": {"id": "456", "name": "example site"},
"band24": {
"band": "BAND_2P4G",
"standard": "IEEE80211AX",
"channelWidth": "MHZ_40",
"dfsEnabled": false,
"channel": 11
},
"band5": {
"band": "BAND_5G",
"standard": "IEEE80211AC",
"channelWidth": "MHZ_80",
"dfsEnabled": true,
"channel": 44
}
}
}
}
}
}
Response
Returns an UpdateWifiSsidPayload
Arguments
| Name | Description |
|---|---|
input - UpdateWifiSsidInput!
|
Example
Query
mutation updateWifiSsid($accountId: ID!, $input: UpdateWifiSsidInput!) {
sites(accountId: $accountId) {
updateWifiSsid(input: $input) {
wifiSsid {
id
networkInterfaceId
site {
id
name
}
name
enabled
category
visible
subnet
localIp
dhcp {
dhcpSubnet
}
microsegmentationEnabled
internetOnly
mdnsEnabled
security {
mode
authProtocol
trackAuthentication
}
band
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"id": "789",
"name": "Corporate-WiFi-Updated",
"enabled": true,
"visible": true,
"security": {
"mode": "PSK",
"authProtocol": "WPA3",
"psk": {"passkey": "updated_passkey"}
}
}
}
Response
{
"data": {
"sites": {
"updateWifiSsid": {
"wifiSsid": {
"id": "789",
"networkInterfaceId": "101",
"site": {"id": "456", "name": "example site"},
"name": "Corporate-WiFi-Updated",
"enabled": true,
"category": "CORPORATE",
"visible": true,
"subnet": "10.0.0.0/24",
"localIp": "10.0.0.1",
"dhcp": {"dhcpSubnet": "10.0.0.0/24"},
"microsegmentationEnabled": false,
"internetOnly": false,
"mdnsEnabled": false,
"security": {
"mode": "PSK",
"authProtocol": "WPA3",
"trackAuthentication": false
},
"band": "BOTH"
}
}
}
}
}
SocketBypassPolicyMutations
addRule
Beta
Response
Returns a SocketBypassRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketBypassAddRuleInput!
|
Example
Query
mutation socketBypassAddRule($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
addRule(input: {rule: {
name: "bypass exmple",
description: "bypass exmple",
enabled: true,
source: {
floatingSubnet: [],
globalIpRange: [],
group: [],
host: [],
ip: [],
ipRange: [],
networkInterface: [],
subnet: [],
vlan: [],
siteNetworkSubnet: []
},
destination: {
application: [],
customApp: [],
domain: [
"google.com"
],
fqdn: [],
ipRange: [],
subnet: [],
ip: [],
globalIpRange: []
},
site: {
site: [],
group: []
},
exception: [],
service: {
custom: [],
simple: []
},
action: {
port: AUTOMATIC,
event: {
enabled: false
}
}
},
at: {
position: LAST_IN_POLICY
}}) {
rule {
rule {
id
enabled
name
description
destination {
application{
id
}
}
}
}
errors {
errorCode
errorMessage
__typename
}
status
__typename
}
__typename
}
__typename
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"addRule": {
"rule": {
"rule": {
"id": "8caf2540-09b7-483c-8a01-6a8dbee76f0d",
"enabled": true,
"name": "bypass exmple",
"description": "bypass exmple",
"destination": {"application": []}
}
},
"errors": [],
"status": "SUCCESS",
"__typename": "SocketBypassRuleMutationPayload"
},
"__typename": "SocketBypassPolicyMutations"
},
"__typename": "PolicyMutations"
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation socketBypassAddSection($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
addSection(input: {
section: {
name: "My new section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"addSection": {
"section": {
"section": {
"id": "a9628977-cd07-401b-aed4-fdb35e60bd45",
"name": "My new section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a SocketBypassPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreateSocketBypassRevision($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
createPolicyRevision(input: {
name: "Socket Bypass Test Revision",
description: "Testing working with multiple Socket Bypass revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Testing working with multiple Socket Bypass revisions",
"name": "Socket Bypass Test Revision",
"id": "b7f86535-eccc-4bad-9940-cb2b65260db8",
"createdTime": "2026-03-10T16:58:58.561",
"updatedTime": "2026-03-10T16:58:58.561"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a SocketBypassPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardSocketBypassPolicy($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"socketBypass": {"discardPolicyRevision": {"status": "SUCCESS"}}}
}
}
moveRule
Beta
Response
Returns a SocketBypassRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation socketBypassMoveRule($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
moveRule(input: {
id: "98dbea00-c49c-4fae-8493-362b6897d372",
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
id
section {
id
name
}
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "98dbea00-c49c-4fae-8493-362b6897d372",
"section": {
"id": "1bbee1c4-83e6-4286-8c57-2c2aa4e8317b",
"name": "test"
}
}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation socketBypassMoveSection($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
moveSection(input: {
id: "1bbee1c4-83e6-4286-8c57-2c2aa4e8317b"
to: {
position: LAST_IN_POLICY
}
}) {
status
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"moveSection": {
"status": "SUCCESS",
"section": {
"properties": ["MOVED"],
"section": {
"id": "1bbee1c4-83e6-4286-8c57-2c2aa4e8317b",
"name": "test"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a SocketBypassPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
# socketBypassPublishPolicy.graphql
mutation socketBypassPublishPolicy($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
publishPolicyRevision(input: {
name: "Ticket #456",
description: "Update network rules"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"socketBypass": {"publishPolicyRevision": {"status": "FAILURE"}}}
}
}
removeRule
Beta
Response
Returns a SocketBypassRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketBypassRemoveRuleInput!
|
Example
Query
mutation socketBypassRemoveRule($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
removeRule(input: {
id: "98dbea00-c49c-4fae-8493-362b6897d372"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{"data": {"policy": {"socketBypass": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation socketBypassDeleteSection($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
removeSection(input: {
id: "1bbee1c4-83e6-4286-8c57-2c2aa4e8317b"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{"data": {"policy": {"socketBypass": {"removeSection": {"status": "SUCCESS"}}}}}
updatePolicy
Beta
Response
Returns a SocketBypassPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketBypassPolicyUpdateInput!
|
Example
Query
mutation UpdateSocketBypassPolicyState($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
updatePolicy(input: {
state: DISABLED
}) {
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {"updatePolicy": {"status": "FAILURE", "policy": null}}
}
}
}
updateRule
Beta
Response
Returns a SocketBypassRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketBypassUpdateRuleInput!
|
Example
Query
mutation socketBypassUpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
updateRule(input: {rule: {
name: "update bypass exmple",
description: "update bypass exmple",
enabled: true,
source: {
subnet: [],
ip: [],
vlan: [],
ipRange: [],
group: [],
floatingSubnet: [],
globalIpRange: [],
networkInterface: [],
host: [],
siteNetworkSubnet: []
},
destination: {
domain: [
"google.com"
],
fqdn: [],
ipRange: [],
subnet: [],
ip: [],
application: [],
customApp: [],
globalIpRange: []
},
site: {
site: [],
group: []
},
exception: [],
service: {
simple: [],
custom: []
},
action: {
port: AUTOMATIC,
event: {
enabled: false
}
}
},
id: "98dbea00-c49c-4fae-8493-362b6897d372"
}) {
rule {
rule {
id
enabled
name
description
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"updateRule": {
"rule": {
"rule": {
"id": "98dbea00-c49c-4fae-8493-362b6897d372",
"enabled": true,
"name": "update bypass exmple",
"description": "update bypass exmple"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation socketBypassUpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
socketBypass {
updateSection(input: {
id: "1bbee1c4-83e6-4286-8c57-2c2aa4e8317b",
section: {
name: "updated Socket bypass section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"socketBypass": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "1bbee1c4-83e6-4286-8c57-2c2aa4e8317b",
"name": "test"
}
}
}
}
}
}
}
SocketLanPolicyMutations
addRule
Beta
Response
Returns a SocketLanRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketLanAddRuleInput!
|
Example
Query
mutation socketLanAddRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
addRule(input: {
rule: {
name: "My LAN Network Rule Name",
description: "Network Rule Description",
enabled: true,
site: {
site: [],
group: []
},
source: {
vlan: [2],
ip: ["192.0.0.1"]
},
direction: TO,
destination: {},
service: {
simple: [
{
name: FTP
}
],
custom: []
},
nat: {
enabled: false
},
transport: LAN
},
at: {
position: FIRST_IN_POLICY
}
}) {
rule {
rule {
id
name
description
enabled
direction
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"addRule": {
"rule": {
"rule": {
"id": "dc4045a0-d9d2-43e6-b025-474150600465",
"name": "My LAN Network Rule Name",
"description": "Network Rule Description",
"enabled": true,
"direction": "TO"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation socketLanAddSection($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
addSection(input: {
section: {
name: "New section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"addSection": {
"section": {
"section": {
"id": "fdf0d08a-93f2-43fd-8c96-c54f3321f8fa",
"name": "New section"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a SocketLanPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreateSocketLanRevision($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
createPolicyRevision(input: {
name: "Socket LAN Test Revision",
description: "Testing working with multiple LAN firewall revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Testing working with multiple LAN firewall revisions",
"name": "Socket LAN Test Revision",
"id": "0fa5ab9f-1df2-4fc6-9a4a-1305627f750f",
"createdTime": "2025-02-24T22:05:04.861",
"updatedTime": "2025-02-24T22:05:04.861"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a SocketLanPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation socketLanDiscardPolicy($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"socketLan": {"discardPolicyRevision": {"status": "FAILURE"}}}
}
}
moveRule
Beta
Response
Returns a SocketLanRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation socketLanMoveRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
moveRule(input: {
id: "dc4045a0-d9d2-43e6-b025-474150600465",
to: {
position: FIRST_IN_POLICY
}
}) {
rule {
rule {
id
section {
id
name
}
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"moveRule": {
"rule": {
"rule": {
"id": "dc4045a0-d9d2-43e6-b025-474150600465",
"section": {
"id": "fdf0d08a-93f2-43fd-8c96-c54f3321f8fa",
"name": "New section"
}
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation socketLanAddSection($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
moveSection(input: {
id: "fdf0d08a-93f2-43fd-8c96-c54f3321f8fa"
to: {
position: LAST_IN_POLICY
}
}) {
section {
properties
section {
id
name
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"moveSection": {
"section": {
"properties": ["MOVED"],
"section": {
"id": "fdf0d08a-93f2-43fd-8c96-c54f3321f8fa",
"name": "New section"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a SocketLanPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation socketLanPublishPolicy($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
publishPolicyRevision(input: {}) {
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"publishPolicyRevision": {"errors": [], "status": "SUCCESS"}
}
}
}
}
removeRule
Beta
Response
Returns a SocketLanRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketLanRemoveRuleInput!
|
Example
Query
mutation socketLanRemoveRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
removeRule(input: {
id: "dc4045a0-d9d2-43e6-b025-474150600465"
}) {
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"socketLan": {"removeRule": {"errors": [], "status": "SUCCESS"}}}
}
}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation socketLanRemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
removeSection(input: {
id: "fdf0d08a-93f2-43fd-8c96-c54f3321f8fa"
}) {
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {"removeSection": {"errors": [], "status": "SUCCESS"}}
}
}
}
updatePolicy
Beta
Response
Returns a SocketLanPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketLanPolicyUpdateInput!
|
Example
Query
mutation UpdateSocketLanPolicyState($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
updatePolicy(input: {
state: DISABLED
}) {
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a SocketLanRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketLanUpdateRuleInput!
|
Example
Query
mutation socketLanUpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
updateRule(input: {
rule: {
name: "LAN Network Rule Name",
description: "LAN Network Rule Description",
enabled: true,
site: {
site: [],
group: []
},
source: {
vlan: [2],
},
direction: BOTH,
destination: {},
service: {
simple: [],
custom: []
},
nat: {
enabled: false
},
transport: LAN
},
id: "dc4045a0-d9d2-43e6-b025-474150600465"
}
) {
rule {
rule {
id
name
description
enabled
direction
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"updateRule": {
"rule": {
"rule": {
"id": "dc4045a0-d9d2-43e6-b025-474150600465",
"name": "LAN Network Rule Name",
"description": "LAN Network Rule Description",
"enabled": true,
"direction": "BOTH"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation socketLanUpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
updateSection(input: {
id: "fdf0d08a-93f2-43fd-8c96-c54f3321f8fa",
section: {
name: "My new section name"
}
}) {
section {
section {
id
name
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"updateSection": {
"section": {
"section": {
"id": "fdf0d08a-93f2-43fd-8c96-c54f3321f8fa",
"name": "New section"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
SocketLanFirewallPolicyMutations
addRule
Beta
Response
Returns a SocketLanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketLanFirewallAddRuleInput!
|
Example
Query
mutation socketLanFirewallAddRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
firewall {
addRule(input: {
rule: {
name: "My Firewall Sub Rule",
description: "My firewall sub rule",
enabled: true,
source: {},
direction: TO,
destination: {},
application: {},
service: {
simple: [
{
name: FTP
}
],
standard: [],
custom: []
},
action: BLOCK,
tracking: {
event: {
enabled: false
},
alert: {
enabled: false,
frequency: HOURLY,
mailingList: [],
subscriptionGroup: [],
webhook: []
}
}
},
at: {
position: LAST_IN_RULE,
ref: "dc4045a0-d9d2-43e6-b025-474150600465"
}
}) {
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
destination {
ip
subnet
}
direction
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"firewall": {
"addRule": {
"rule": {
"rule": {
"id": "179f1883-b4c8-45af-8a91-0dbbb802d1fb",
"name": "My Firewall Sub Rule",
"description": "My firewall sub rule",
"enabled": true,
"source": {"ip": [], "subnet": []},
"destination": {"ip": [], "subnet": []},
"direction": "TO"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
}
moveRule
Beta
Response
Returns a SocketLanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSubRuleInput!
|
Example
Query
mutation socketLanFirewallMoveRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
firewall {
moveRule(input: {
id: "179f1883-b4c8-45af-8a91-0dbbb802d1fb",
to: {
position: FIRST_IN_RULE,
ref: "dc4045a0-d9d2-43e6-b025-474150600465"
}
}
) {
rule {
rule {
id
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"firewall": {
"moveRule": {
"rule": {"rule": {"id": "179f1883-b4c8-45af-8a91-0dbbb802d1fb"}},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
}
removeRule
Beta
Response
Returns a SocketLanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketLanFirewallRemoveRuleInput!
|
Example
Query
mutation socketLanFirewallRemoveRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
firewall {
removeRule(input: {
id: "179f1883-b4c8-45af-8a91-0dbbb802d1fb"
}
) {
errors {
errorCode
errorMessage
}
status
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"firewall": {"removeRule": {"errors": [], "status": "SUCCESS"}}
}
}
}
}
updateRule
Beta
Response
Returns a SocketLanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SocketLanFirewallUpdateRuleInput!
|
Example
Query
mutation socketLanFirewallUpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
socketLan {
firewall {
updateRule(input: {
rule: {
name: "Socket LAN Firewall Sub Rule 5",
description: "",
enabled: true,
source: {
vlan: [],
mac: [],
ipRange: [],
group: [],
subnet: [],
site: [],
networkInterface: [],
systemGroup: [],
host: [],
ip: [],
globalIpRange: [],
floatingSubnet: [],
siteNetworkSubnet: []
},
direction: TO,
destination: {
vlan: [],
ipRange: [],
subnet: [],
site: [],
networkInterface: [],
systemGroup: [],
host: [],
ip: [],
globalIpRange: [],
group: [],
floatingSubnet: [],
siteNetworkSubnet: []
},
application: {
application: [],
customApp: [],
fqdn: [],
domain: [],
ipRange: [],
ip: [],
subnet: [],
globalIpRange: []
},
service: {
simple: [],
standard: [],
custom: []
},
action: BLOCK,
tracking: {
event: {
enabled: false
},
alert: {
enabled: false,
frequency: HOURLY,
mailingList: [],
subscriptionGroup: [],
webhook: []
}
}
},
id: "179f1883-b4c8-45af-8a91-0dbbb802d1fb"
}) {
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
destination {
ip
subnet
}
direction
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"socketLan": {
"firewall": {
"updateRule": {
"rule": {
"rule": {
"id": "179f1883-b4c8-45af-8a91-0dbbb802d1fb",
"name": "Socket LAN Firewall Sub Rule 5",
"description": "",
"enabled": true,
"source": {"ip": [], "subnet": []},
"destination": {"ip": [], "subnet": []},
"direction": "TO"
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
}
SplitTunnelPolicyMutations
addRule
Beta
Response
Returns a SplitTunnelRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SplitTunnelAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
addRule(input: {
at: { position: LAST_IN_POLICY }
rule: {
enabled: true
name: "Second Example Rule"
description: "Second Example Description"
action: EXCLUDE
source: { }
platform: [WINDOWS]
country: []
destination: {
application: [{ by: ID, input: "googleApps" }]
}
sourceNetwork: { sourceNetworkType: ANY }
coverage: ALL
dnsExclusion: { domain: ["example.com"] }
routingPriority: TUNNEL
}
}) {
status
errors { errorCode errorMessage }
rule {
rule {
id
name
description
enabled
action
platform
country { id }
destination { application { id } }
sourceNetwork { sourceNetworkType }
coverage
dnsExclusion { domain }
routingPriority
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"splitTunnel": {
"addRule": {
"status": "SUCCESS",
"errors": [],
"rule": {
"rule": {
"id": "96f3efbc-1e5f-4bdc-93bd-c4777b70dc9b",
"name": "Second Example Rule",
"description": "Second Example Description",
"enabled": true,
"action": "EXCLUDE",
"platform": ["WINDOWS"],
"country": [],
"destination": {"application": [{"id": "googleApps"}]},
"sourceNetwork": {"sourceNetworkType": "ANY"},
"coverage": "ALL",
"dnsExclusion": {"domain": ["example.com"]},
"routingPriority": "TUNNEL"
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
addSection(input: {
section: {
name: "New Section Name Example"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"splitTunnel": {
"addSection": {
"section": {
"section": {
"id": "83e54a6a-9998-4fcf-b1a1-5313e52cc5f0",
"name": "New section2"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a SplitTunnelPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
createPolicyRevision(input: {
name: "Revision Name Example"
description: "Revision Description Example"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"splitTunnel": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Revision Description Example",
"name": "Revision Name Example",
"id": "b901ec37-b5fb-475e-897c-13bc9a499dd1",
"createdTime": "2025-11-05T12:51:32.142",
"updatedTime": "2025-11-05T12:51:32.142"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a SplitTunnelPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation SplitTunnelDiscardPolicy($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"splitTunnel": {"discardPolicyRevision": {"status": "FAILURE"}}}
}
}
moveRule
Beta
Response
Returns a SplitTunnelRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
moveRule(input: { id: "b0bda711-b998-4c6d-9939-e0730d3d2ba3" to: { position: FIRST_IN_POLICY } }) {
status
rule { rule { index id } }
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"splitTunnel": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "b0bda711-b998-4c6d-9939-e0730d3d2ba3"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
splitTunnel {
moveSection(input: {
id: "0495cf5e-1598-4f34-8c01-94970620c68f"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"splitTunnel": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "0495cf5e-1598-4f34-8c01-94970620c68f",
"name": "New section 2"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a SplitTunnelPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
publishPolicyRevision(input: { name: "IT Group SDP Users Split Tunnel Example" description: "Publish Split Tunnel policy revision Example" }) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"splitTunnel": {"publishPolicyRevision": {"status": "SUCCESS"}}}
}
}
removeRule
Beta
Response
Returns a SplitTunnelRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SplitTunnelRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
removeRule(input: { id: "b0bda711-b998-4c6d-9939-e0730d3d2ba3" }) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{"data": {"policy": {"splitTunnel": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
removeSection(input: {
id: "f4d0862d-cd2f-47fa-9a94-ce418130ce1f"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"splitTunnel": {"removeSection": {"status": "SUCCESS"}}}}}
updatePolicy
Beta
Response
Returns a SplitTunnelPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SplitTunnelPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
updatePolicy(input: { state: DISABLED }) {
status
policy { enabled }
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"splitTunnel": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a SplitTunnelRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - SplitTunnelUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
updateRule(input: {
id: "b0bda711-b998-4c6d-9939-e0730d3d2ba3"
rule: {
name: "Updated Rule Name Example"
action: INCLUDE
}
}) {
status
rule {
rule {
id
name
description
enabled
action
platform
destination { application { id } }
routingPriority
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"splitTunnel": {"updateRule": {"status": "FAILURE", "rule": null}}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
splitTunnel {
updateSection(input: {
id: "5fe053cd-69fc-443d-ab14-5e838100d3c3"
section: {
name: "Updated Section Name Example"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"splitTunnel": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "5fe053cd-69fc-443d-ab14-5e838100d3c3",
"name": "New section"
}
}
}
}
}
}
}
TerminalServerPolicyMutations
addRule
Beta
Response
Returns a TerminalServerRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TerminalServerAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
addRule(input: {
at: {
position: LAST_IN_POLICY
}
rule: {
enabled:true
name: "Example Rule"
description: "Example description"
allowedHostIP: {
by: NAME
input: "12.22.18.0/24"
}
}
})
{
status
rule {
rule {
id
name
description
enabled
allowedHostIP {
id
}
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "5fe053cd-69fc-443d-ab14-5e838100d3c3",
"name": "Example Rule",
"description": "Example description",
"enabled": true,
"allowedHostIP": {"id": "1927110"}
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
addSection(input: {
section: {
name: "New Section Name Example"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"addSection": {
"section": {
"section": {
"id": "83e54a6a-9998-4fcf-b1a1-5313e52cc5f0",
"name": "New section2"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a TerminalServerPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
createPolicyRevision(input: {
name: "Revision Name Example"
description: "Revision Description Example"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"dynamicIpAllocation": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Test working with multiple revisions",
"name": "Test Revision",
"id": "ce815213-ec04-435a-8bf9-3ef5ada025e6",
"createdTime": "2024-09-25T14:31:07.605",
"updatedTime": "2024-09-25T14:31:07.605"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a TerminalServerPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardPolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {"discardPolicyRevision": {"status": "FAILURE"}}
}
}
}
moveRule
Beta
Response
Returns a TerminalServerRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
moveRule(input: {
id: "3c345055-4f14-48dc-ab8c-5b5db9d778fc"
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
index
id
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "3c345055-4f14-48dc-ab8c-5b5db9d778fc"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
terminalServer {
moveSection(input: {
id: "0495cf5e-1598-4f34-8c01-94970620c68f"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "0495cf5e-1598-4f34-8c01-94970620c68f",
"name": "New section 2"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a TerminalServerPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId:ID!) {
policy(accountId: $accountId) {
terminalServer {
publishPolicyRevision(input: {
name: "Terminal Server Example"
description : "Terminal Server Example"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {"publishPolicyRevision": {"status": "SUCCESS"}}
}
}
}
removeRule
Beta
Response
Returns a TerminalServerRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TerminalServerRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId:ID!) {
policy(accountId: $accountId) {
terminalServer {
removeRule(input: {
id: "60ba1383-04ce-4a1f-8c61-5e5a3c2eabb1"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"terminalServer": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
removeSection(input: {
id: "f4d0862d-cd2f-47fa-9a94-ce418130ce1f"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"terminalServer": {"removeSection": {"status": "SUCCESS"}}}
}
}
updatePolicy
Beta
Response
Returns a TerminalServerPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TerminalServerPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
updatePolicy(input: {
state: DISABLED
}){
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a TerminalServerRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TerminalServerUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
updateRule(input: {
id: "5fe053cd-69fc-443d-ab14-5e838100d3c3"
rule: {
name: "Updated Rule Name Example"
}
}) {
status
rule {
rule {
id
name
description
enabled
allowedHostIP {
id
}
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "5fe053cd-69fc-443d-ab14-5e838100d3c3",
"name": "Updated rule name",
"description": "Example description",
"enabled": true,
"allowedHostIP": {"id": "1927110"}
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
terminalServer {
updateSection(input: {
id: "5fe053cd-69fc-443d-ab14-5e838100d3c3"
section: {
name: "Updated Section Name Example"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"terminalServer": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "5fe053cd-69fc-443d-ab14-5e838100d3c3",
"name": "New section"
}
}
}
}
}
}
}
TlsInspectPolicyMutations
addRule
Beta
Response
Returns a TlsInspectRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TlsInspectAddRuleInput!
|
Example
Query
mutation AddTlsInspectRule($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
addRule(input: {
rule: {
enabled: true,
name: "TLS Example Rule",
description: "TLS Example description",
source: {
ip: ["192.0.2.1", "198.51.100.1"],
subnet: ["10.0.0.0/24"]
},
application: {
ip: ["203.0.113.1"],
domain: ["example.com"]
},
action: INSPECT,
},
at: {
position: LAST_IN_POLICY
}
}) {
status
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
action
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "2384ef6d-3a3f-4ce6-853b-c81454d1d8a6",
"name": "TLS Example Rule",
"description": "TLS Example description",
"enabled": true,
"source": {
"ip": ["192.0.2.1", "198.51.100.1"],
"subnet": ["10.0.0.0/24"]
},
"action": "INSPECT"
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddTlsInspectSection($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
addSection(input: {
section: {
name: "My new section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"addSection": {
"section": {
"section": {
"id": "71bfef26-ad7b-460b-b793-dae1fd94b5da",
"name": "My new section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a TlsInspectPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreateTlsInspectRevision($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
createPolicyRevision(input: {
name: "TLS Test Revision",
description: "Testing working with multiple TLS Inspection revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Testing working with multiple TLS Inspection revisions",
"name": "TLS Test Revision",
"id": "77df1551-8b46-4530-8f1c-68dfe7b003df",
"createdTime": "2025-09-14T10:09:12.120",
"updatedTime": "2025-09-14T10:09:12.120"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a TlsInspectPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardTlsInspectPolicy($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"tlsInspect": {"discardPolicyRevision": {"status": "FAILURE"}}}
}
}
moveRule
Beta
Response
Returns a TlsInspectRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveTlsInspectRule($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
moveRule(input: {
id: "2384ef6d-3a3f-4ce6-853b-c81454d1d8a6",
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
id
section {
id
name
}
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "2384ef6d-3a3f-4ce6-853b-c81454d1d8a6",
"section": {
"id": "cab89258-646c-4ce8-8a91-9f13108d1e73",
"name": "updated TLS section name"
}
}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
moveSection(input: {
id: "71bfef26-ad7b-460b-b793-dae1fd94b5da"
to: {
position: LAST_IN_POLICY
}
}) {
status
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"moveSection": {
"status": "SUCCESS",
"section": {
"properties": ["MOVED"],
"section": {
"id": "71bfef26-ad7b-460b-b793-dae1fd94b5da",
"name": "My new section"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a TlsInspectPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishTlsInspectPolicy($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
publishPolicyRevision(input: {
name: "Ticket #456",
description: "Update access rules for remote offices"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"tlsInspect": {"publishPolicyRevision": {"status": "SUCCESS"}}}
}
}
removeRule
Beta
Response
Returns a TlsInspectRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TlsInspectRemoveRuleInput!
|
Example
Query
mutation RemoveTlsInspectRule($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
removeRule(input: {
id: "2384ef6d-3a3f-4ce6-853b-c81454d1d8a6"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{"data": {"policy": {"tlsInspect": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveTlsInspectSection($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
removeSection(input: {
id: "71bfef26-ad7b-460b-b793-dae1fd94b5da"
}) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{"data": {"policy": {"tlsInspect": {"removeSection": {"status": "SUCCESS"}}}}}
updatePolicy
Beta
Response
Returns a TlsInspectPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TlsInspectPolicyUpdateInput!
|
Example
Query
mutation UpdateTlsInspectPolicyState($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
updatePolicy(input: {
state: DISABLED
}) {
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a TlsInspectRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - TlsInspectUpdateRuleInput!
|
Example
Query
mutation UpdateTlsInspectRule($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
updateRule(input: {
id: "2384ef6d-3a3f-4ce6-853b-c81454d1d8a6",
rule: {
enabled: true,
name: "Updated Tls Inspect Rule",
description: "Updated Tls Inspect description",
source: {
ip: ["192.0.2.2"]
},
action: INSPECT
}
}) {
status
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
action
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {"updateRule": {"status": "FAILURE", "rule": null}}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateTlsInspectSection($accountId: ID!) {
policy(accountId: $accountId) {
tlsInspect {
updateSection(input: {
id: "71bfef26-ad7b-460b-b793-dae1fd94b5da",
section: {
name: "updated TLS section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"tlsInspect": {"updateSection": {"status": "FAILURE", "section": null}}
}
}
}
UserMutations
Description
Creates a new manual user in the account.
Response
Returns a CreateUserPayload
Arguments
| Name | Description |
|---|---|
input - CreateUserInput!
|
Example
Query
mutation createUser($accountId: ID!, $input: CreateUserInput!) {
user(accountId: $accountId) {
createUser(input: $input) {
user {
id
userId
firstName
lastName
displayName
phone
email
department
jobTitle
userStatus
creationDate
lastModified
importType
hasRemoteAccessEligibility
authInfo {
authMethod
authStatus
}
riskScore
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"firstName": "John",
"lastName": "Doe",
"email": "john.doe@company.com",
"department": "Engineering",
"jobTitle": "Software Engineer",
"phoneNumber": "+1 555 123 4567"
}
}
Response
{
"data": {
"user": {
"createUser": {
"user": {
"id": "789",
"userId": "john.doe",
"firstName": "John",
"lastName": "Doe",
"displayName": "John Doe",
"phone": "+1 555 123 4567",
"email": "john.doe@company.com",
"department": "Engineering",
"jobTitle": "Software Engineer",
"userStatus": "ACTIVE",
"creationDate": "2024-03-09T10:30:00.000Z",
"lastModified": "2024-03-09T10:30:00.000Z",
"importType": "MANUAL",
"hasRemoteAccessEligibility": true,
"authInfo": {"authMethod": "MFA", "authStatus": "PWD_NOT_SET"},
"riskScore": "LOW"
}
}
}
}
}
Description
Deletes one or more users from the account. Operation is atomic - either all succeed or all fail.
Response
Returns a DeleteUserPayload
Arguments
| Name | Description |
|---|---|
input - DeleteUserInput!
|
Example
Query
mutation deleteUser($accountId: ID!, $input: DeleteUserInput!) {
user(accountId: $accountId) {
deleteUser(input: $input) {
status
}
}
}
Variables
{"accountId": "123456", "input": {"userId": [789, 790]}}
Response
{"data": {"user": {"deleteUser": {"status": "SUCCESS"}}}}
Description
Revokes the sessions for one or more users in the account. If the request is unable to revoke the session for any user, the operation is canceled for all users.
Response
Returns a RevokeUserSessionPayload
Arguments
| Name | Description |
|---|---|
input - RevokeUserSessionInput!
|
Example
Query
mutation revokeUserSession($accountId: ID!, $input: RevokeUserSessionInput!) {
user(accountId: $accountId) {
revokeUserSession(input: $input) {
status
}
}
}
Variables
{"accountId": "123456", "input": {"userId": [0, 1]}}
Response
{"data": {"user": {"revokeUserSession": {"status": "SUCCESS"}}}}
Description
Updates an existing manual user in the account.
Response
Returns an UpdateUserPayload
Arguments
| Name | Description |
|---|---|
input - UpdateUserInput!
|
Example
Query
mutation updateUser($accountId: ID!, $input: UpdateUserInput!) {
user(accountId: $accountId) {
updateUser(input: $input) {
user {
id
userId
firstName
lastName
displayName
phone
email
department
jobTitle
userStatus
creationDate
lastModified
importType
hasRemoteAccessEligibility
authInfo {
authMethod
authStatus
}
riskScore
}
}
}
}
Variables
{
"accountId": "123456",
"input": {
"id": "789",
"firstName": "John",
"lastName": "Doe",
"email": "john.doe@company.com",
"department": "Platform Engineering",
"jobTitle": "Senior Software Engineer",
"phoneNumber": "+1 555 987 6543"
}
}
Response
{
"data": {
"user": {
"updateUser": {
"user": {
"id": "789",
"userId": "john.doe",
"firstName": "John",
"lastName": "Doe",
"displayName": "John Doe",
"phone": "+1 555 987 6543",
"email": "john.doe@company.com",
"department": "Platform Engineering",
"jobTitle": "Senior Software Engineer",
"userStatus": "ACTIVE",
"creationDate": "2024-03-09T10:30:00.000Z",
"lastModified": "2024-03-10T15:45:00.000Z",
"importType": "MANUAL",
"hasRemoteAccessEligibility": true,
"authInfo": {"authMethod": "MFA", "authStatus": "COMPLETED"},
"riskScore": "LOW"
}
}
}
}
}
WanFirewallPolicyMutations
addRule
Beta
Description
Add a new rule to the Wan Firewall policy.
Response
Returns a WanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanFirewallAddRuleInput!
|
Example
Query
mutation AddWanFirewallRule($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
addRule(input: {
rule: {
enabled: true,
name: "WAN Example Rule",
description: "WAN Example description",
source: {
ip: ["192.0.2.1", "198.51.100.1"],
subnet: ["10.0.0.0/24"]
},
destination: {
ip: ["203.0.113.1"],
subnet: ["172.16.0.0/24"]
},
action: BLOCK,
direction: TO
},
at: {
position: LAST_IN_POLICY
}
}) {
status
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
destination {
ip
subnet
}
action
direction
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"addRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "28dc619b-c27b-4c46-9e23-d149c9dd4fbe",
"name": "WAN Example Rule",
"description": "WAN Example description",
"enabled": true,
"source": {
"ip": ["192.0.2.1", "198.51.100.1"],
"subnet": ["10.0.0.0/24"]
},
"destination": {
"ip": ["203.0.113.1"],
"subnet": ["172.16.0.0/24"]
},
"action": "BLOCK",
"direction": "TO"
}
}
}
}
}
}
}
addSection
Beta
Description
Add a new section to the policy. First section behaves as follows: When the first section is created, all the rules in the policy, including the default system rules, are automatically added to it. The first section containing the default system rules can be modified but not deleted. The first section will always remain first-in-policy, i.e. it cannot be moved, and not other sections can be moved or created before it.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddWanFirewallSection($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
addSection(input: {
section: {
name: "My new section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"addSection": {
"section": {
"section": {
"id": "3b01b175-0098-45ea-a503-707463d01781",
"name": "My new section"
}
},
"status": "SUCCESS"
}
}
}
}
}
addSubPolicy
Beta
Description
Add a new sub-policy to the Wan Firewall policy.
Response
Returns a WanFirewallAddSubPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanFirewallAddSubPolicyInput!
|
Example
Query
mutation AddSubPolicy($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
addSubPolicy(input: {
scope: {
enabled: true
name: "Sub-policy 1"
description: "Example sub policy"
source: {
ip: ["192.0.2.1", "198.51.100.1"]
subnet: ["10.0.0.0/24"]
},
direction: BOTH
},
at: {
position: LAST_IN_POLICY
}
}) {
status
policy {
id
name
description
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"addSubPolicy": {
"status": "SUCCESS",
"policy": {
"id": "106ee457-4406-4ea4-a163-36aa247de48f",
"name": "Sub-policy 1",
"description": "Example sub policy",
"enabled": true
}
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a WanFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreateWanFirewallRevision($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
createPolicyRevision(input: {
name: "WAN Test Revision",
description: "Testing working with multiple WAN firewall revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Testing working with multiple WAN firewall revisions",
"name": "WAN Test Revision",
"id": "6a496eda-b7c1-455e-820e-e839a0dcd2c0",
"createdTime": "2024-09-10T09:21:37.208",
"updatedTime": "2024-09-10T09:21:37.208"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a WanFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardWanFirewallPolicy($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"wanFirewall": {"discardPolicyRevision": {"status": "FAILURE"}}}
}
}
moveRule
Beta
Description
Change the relative location of an existing rule within the Wan Firewall policy.
Response
Returns a WanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveWanFirewallRule($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
moveRule(input: {
id: "28dc619b-c27b-4c46-9e23-d149c9dd4fbe",
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
id
section {
id
name
}
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "28dc619b-c27b-4c46-9e23-d149c9dd4fbe",
"section": {"id": "363808", "name": "Example Wan Section"}
}
}
}
}
}
}
}
moveSection
Beta
Description
Move a section to a new position within the policy. The section will be anchored in the new position, i.e. other admins will not be able to move it, or reference it when moving other sections, until the modified policy revision is published.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
moveSection(input: {
id: "3b01b175-0098-45ea-a503-707463d01781"
to: {
position: LAST_IN_POLICY
}
}) {
status
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"moveSection": {
"status": "SUCCESS",
"section": {
"properties": ["MOVED"],
"section": {
"id": "3b01b175-0098-45ea-a503-707463d01781",
"name": "My new section"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a WanFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
# PublishWanFirewallPolicy.graphql
mutation PublishWanFirewallPolicy($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
publishPolicyRevision(input: {
name: "Ticket #456",
description: "Update access rules for remote offices"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"wanFirewall": {"publishPolicyRevision": {"status": "SUCCESS"}}}
}
}
removeRule
Beta
Description
Remove an existing rule from the Wan Firewall policy.
Response
Returns a WanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanFirewallRemoveRuleInput!
|
Example
Query
mutation RemoveWanFirewallRule($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
removeRule(input: {
id: "28dc619b-c27b-4c46-9e23-d149c9dd4fbe"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"wanFirewall": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Description
Delete an existing section. The first section in policy cannot be deleted.
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveWanFirewallSection($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
removeSection(input: {
id: "3b01b175-0098-45ea-a503-707463d01781"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"wanFirewall": {"removeSection": {"status": "SUCCESS"}}}}}
removeSubPolicy
Beta
Description
Remove an existing sub-policy from the Wan Firewall policy.
Response
Arguments
| Name | Description |
|---|---|
input - WanFirewallRemoveSubPolicyInput!
|
Example
Query
mutation RemoveSubPolicy($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
removeSubPolicy(input: {
ref: {
input: "5b1716a1-95c1-4206-9ffd-a53e34307bb9"
by: ID
}
}) {
status
policy {
id
name
description
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"removeSubPolicy": {
"status": "SUCCESS",
"policy": {
"id": "106ee457-4406-4ea4-a163-36aa247de48f",
"name": "Sub-policy 1",
"description": "Example sub policy",
"enabled": true
}
}
}
}
}
}
updatePolicy
Beta
Description
Change the state of the policy, e.g. enable or disable the policy. Applicable to the published policy only. State changes are applied immediately and not as part of publishing a policy revision.
Response
Returns a WanFirewallPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanFirewallPolicyUpdateInput!
|
Example
Query
mutation UpdateWanFirewallPolicyState($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
updatePolicy(input: {
state: DISABLED
}) {
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Description
Update an existing rule of the Wan Firewall policy.
Response
Returns a WanFirewallRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanFirewallUpdateRuleInput!
|
Example
Query
mutation UpdateWanFirewallRule($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
updateRule(input: {
id: "28dc619b-c27b-4c46-9e23-d149c9dd4fbe",
rule: {
enabled: true,
name: "Updated WAN Rule",
description: "Updated WAN description",
source: {
ip: ["192.0.2.2"]
},
destination: {
subnet: ["172.16.0.0/16"]
},
action: ALLOW,
direction: BOTH
}
}) {
status
rule {
rule {
id
name
description
enabled
source {
ip
subnet
}
destination {
ip
subnet
}
action
direction
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "28dc619b-c27b-4c46-9e23-d149c9dd4fbe",
"name": "Updated WAN Rule",
"description": "Updated WAN description",
"enabled": true,
"source": {"ip": ["192.0.2.2"], "subnet": ["10.0.0.0/24"]},
"destination": {
"ip": ["203.0.113.1"],
"subnet": ["172.16.0.0/16"]
},
"action": "ALLOW",
"direction": "BOTH"
}
}
}
}
}
}
}
updateSection
Beta
Description
Update policy section attributes
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateWanFirewallSection($accountId: ID!) {
policy(accountId: $accountId) {
wanFirewall {
updateSection(input: {
id: "3b01b175-0098-45ea-a503-707463d01781",
section: {
name: "updated WAN section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanFirewall": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "3b01b175-0098-45ea-a503-707463d01781",
"name": "My new section"
}
}
}
}
}
}
}
WanNetworkPolicyMutations
addRule
Beta
Response
Returns a WanNetworkRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanNetworkAddRuleInput!
|
Example
Query
mutation wanNetworkAddRule($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
addRule(input: {
rule: {
enabled: true,
name: "my WAN network rule",
description: "my WAN network rule description example",
bandwidthPriority: {
input: "-1",
by: ID
},
ruleType: INTERNET,
configuration: {
primaryTransport: {
transportType: WAN,
primaryInterfaceRole: WAN1,
secondaryInterfaceRole: WAN2
},
activeTcpAcceleration: true,
packetLossMitigation: false,
preserveSourcePort: false
}
},
at: {
position: LAST_IN_POLICY
}
}) {
rule {
rule {
id
enabled
name
description
bandwidthPriority {
id
}
ruleType
configuration {
primaryTransport {
transportType
primaryInterfaceRole
secondaryInterfaceRole
}
activeTcpAcceleration
packetLossMitigation
preserveSourcePort
}
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"addRule": {
"rule": {
"rule": {
"id": "b1d1c229-b010-460a-8afd-d09e44b8e237",
"enabled": true,
"name": "my WAN network rule",
"description": "my WAN network rule description example",
"bandwidthPriority": {"id": "-1"},
"ruleType": "INTERNET",
"configuration": {
"primaryTransport": {
"transportType": "WAN",
"primaryInterfaceRole": "WAN1",
"secondaryInterfaceRole": "WAN2"
},
"activeTcpAcceleration": true,
"packetLossMitigation": false,
"preserveSourcePort": false
}
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation wanNetworkAddSection($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
addSection(input: {
section: {
name: "My new section"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"addSection": {
"section": {
"section": {
"id": "d10c20fe-256c-4780-8239-7b432c9f8fc3",
"name": "My new section"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a WanNetworkPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreateWanNetworkRevision($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
createPolicyRevision(input: {
name: "WAN network Test Revision",
description: "Testing working with multiple WAN network revisions"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Testing working with multiple WAN network revisions",
"name": "WAN network Test Revision",
"id": "fa62d870-ccc6-45e1-af66-bf78c29bee68",
"createdTime": "2025-03-03T08:58:52.707",
"updatedTime": "2025-03-03T08:58:52.707"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a WanNetworkPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation DiscardWanNetworkPolicy($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
discardPolicyRevision {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"wanNetwork": {"discardPolicyRevision": {"status": "FAILURE"}}}
}
}
moveRule
Beta
Response
Returns a WanNetworkRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation wanNetworkMoveRule($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
moveRule(input: {
id: "b1d1c229-b010-460a-8afd-d09e44b8e237",
to: {
position: FIRST_IN_POLICY
}
}) {
status
rule {
rule {
id
section {
id
name
}
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "b1d1c229-b010-460a-8afd-d09e44b8e237",
"section": {
"id": "52bd561b-2877-4941-a3d0-5c7219e8e7b7",
"name": "Wan network example section"
}
}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation wanNetworkMoveSection($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
moveSection(input: {
id: "d10c20fe-256c-4780-8239-7b432c9f8fc3"
to: {
position: LAST_IN_POLICY
}
}) {
status
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"moveSection": {
"status": "SUCCESS",
"section": {
"properties": ["MOVED"],
"section": {
"id": "d10c20fe-256c-4780-8239-7b432c9f8fc3",
"name": "My new section"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a WanNetworkPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
# wanNetworkPublishPolicy.graphql
mutation wanNetworkPublishPolicy($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
publishPolicyRevision(input: {
name: "Ticket #456",
description: "Update network rules"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {"wanNetwork": {"publishPolicyRevision": {"status": "SUCCESS"}}}
}
}
removeRule
Beta
Response
Returns a WanNetworkRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanNetworkRemoveRuleInput!
|
Example
Query
mutation wanNetworkRemoveRule($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
removeRule(input: {
id: "b1d1c229-b010-460a-8afd-d09e44b8e237"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"wanNetwork": {"removeRule": {"status": "SUCCESS"}}}}}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation wanNetworkDeleteSection($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
removeSection(input: {
id: "d10c20fe-256c-4780-8239-7b432c9f8fc3"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"wanNetwork": {"removeSection": {"status": "SUCCESS"}}}}}
updatePolicy
Beta
Response
Returns a WanNetworkPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanNetworkPolicyUpdateInput!
|
Example
Query
mutation UpdateWanNetworkPolicyState($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
updatePolicy(input: {
state: DISABLED
}) {
status
policy {
enabled
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a WanNetworkRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - WanNetworkUpdateRuleInput!
|
Example
Query
mutation wanNetworkUpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
updateRule(input: {
id: "b1d1c229-b010-460a-8afd-d09e44b8e237",
rule: {
enabled: true,
name: "Update my WAN network rule example",
description: "Updated my WAN network rule description example",
bandwidthPriority: {
input: "1436786",
by: ID
},
ruleType: INTERNET,
configuration: {
primaryTransport: {
transportType: WAN,
primaryInterfaceRole: WAN1,
secondaryInterfaceRole: WAN2
},
activeTcpAcceleration: true,
packetLossMitigation: false,
preserveSourcePort: false
}
}
}) {
rule {
rule {
id
enabled
name
description
bandwidthPriority {
id
}
ruleType
configuration {
primaryTransport {
transportType
primaryInterfaceRole
secondaryInterfaceRole
}
activeTcpAcceleration
packetLossMitigation
preserveSourcePort
}
}
}
errors {
errorCode
errorMessage
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"updateRule": {
"rule": {
"rule": {
"id": "b1d1c229-b010-460a-8afd-d09e44b8e237",
"enabled": true,
"name": "Update my WAN network rule example",
"description": "Updated my WAN network rule description example",
"bandwidthPriority": {"id": "1436786"},
"ruleType": "INTERNET",
"configuration": {
"primaryTransport": {
"transportType": "WAN",
"primaryInterfaceRole": "WAN1",
"secondaryInterfaceRole": "WAN2"
},
"activeTcpAcceleration": true,
"packetLossMitigation": false,
"preserveSourcePort": false
}
}
},
"errors": [],
"status": "SUCCESS"
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation wanNetworkUpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
wanNetwork {
updateSection(input: {
id: "d10c20fe-256c-4780-8239-7b432c9f8fc3",
section: {
name: "updated WAN network section name"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"wanNetwork": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "d10c20fe-256c-4780-8239-7b432c9f8fc3",
"name": "My new section"
}
}
}
}
}
}
}
XdrMutations
addStoryComment
Beta
Description
Post comments that help track the story investigation
Response
Returns an AddStoryCommentPayload
Arguments
| Name | Description |
|---|---|
input - AddStoryCommentInput!
|
Example
Query
mutation addStoryComment(
$accountId: ID!,
$input: AddStoryCommentInput!) {
xdr(accountId: $accountId) {
addStoryComment(
input: $input) {
comment {
id
createdAt
text
actor {
id
name
__typename
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {"storyId": "012345678901234567890123", "text": "This is a comment"}
}
Response
{
"data": {
"xdr": {
"addStoryComment": {
"comment": {
"id": "01234567-0123-0123-0123-012345678901",
"createdAt": "2024-01-01T00:00:00Z",
"text": "This is a comment",
"actor": {"id": 1, "name": "Actor1", "__typename": "AdminRef"}
}
}
}
}
}
analystFeedback
Beta
Description
Manage Story Actions, such as the story Verdict, Type, and Classification. You can also enter Additional Info that is relevant to the story.
Response
Returns an AnalystFeedbackPayload
Arguments
| Name | Description |
|---|---|
input - AnalystFeedbackInput!
|
Example
Query
mutation analystFeedback(
$accountId: ID!,
$input: AnalystFeedbackInput!) {
xdr(accountId: $accountId) {
analystFeedback(
input: $input) {
story {
id
accountId
analystName
analystEmail
accountName
updatedAt
createdAt
summary
incident {
id
firstSignal
lastSignal
engineType
vendor
producer
producerName
connectionType
indication
queryName
criticality
source
ticket
status
research
storyDuration
description
sourceIp
analystFeedback {
verdict
severity
threatType {
name
recommendedAction
details
}
threatClassification
additionalInfo
}
site {
id
name
}
user {
id
name
}
predictedVerdict
predictedThreatType
}
timeline {
createdAt
description
context
type
descriptions
category
additionalInfo
analystInfo {
name
email
}
}
playbook
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"storyId": "012345678901234567890123",
"verdict": "Suspicious",
"severity": "High",
"threatType": {
"name": "threatTypeName",
"recommendedAction": "recommendedAction",
"details": "details"
},
"threatClassification": "threatClassification",
"additionalInfo": "additionalInfo",
"status": "Open"
}
}
Response
{
"data": {
"xdr": {
"analystFeedback": {
"id": "012345678901234567890123",
"accountId": "123",
"analystName": "analystName",
"analystEmail": "analyst@email.com",
"accountName": "accountName",
"updatedAt": "2024-02-29T09:00:00Z",
"createdAt": "2024-02-29T09:00:00Z",
"playbook": null,
"summary": "summary",
"incident": {
"__typename": "Threat",
"id": "id",
"firstSignal": "2024-02-29T09:00:00Z",
"lastSignal": "2024-02-29T09:00:00Z",
"engineType": "ANOMALY",
"vendor": "CATO",
"producer": "AnomalyStats",
"producerName": "producerName",
"connectionType": "Site",
"indication": "indication",
"queryName": "queryName",
"criticality": 1,
"source": "source",
"ticket": null,
"status": "Open",
"research": false,
"siteName": "siteName",
"storyDuration": 1000,
"description": "description",
"sourceIp": "1.2.3.4",
"analystFeedback": {
"verdict": "Suspicious",
"severity": "High",
"threatType": {
"name": "PuP",
"details": null,
"recommendedAction": null
},
"threatClassification": null,
"additionalInfo": null
},
"site": {"id": "id", "name": "name"},
"user": {"id": "id", "name": "name"},
"predictedVerdict": null,
"predictedThreatType": null
},
"timeline": [
{
"createdAt": "2024-03-27T08:22:51Z",
"description": "description",
"context": "Story created",
"type": "Diff",
"descriptions": [],
"category": null,
"additionalInfo": null,
"analystInfo": {"name": "name", "email": "email@email.com"}
}
]
}
}
}
}
deleteStoryComment
Beta
Description
Delete a previously posted comment using the comment ID.
Response
Returns a DeleteStoryCommentPayload
Arguments
| Name | Description |
|---|---|
input - DeleteStoryCommentInput!
|
Example
Query
mutation deleteStoryComment(
$accountId: ID!,
$input: DeleteStoryCommentInput!) {
xdr(accountId: $accountId) {
deleteStoryComment(
input: $input) {
comment {
id
createdAt
text
actor {
id
name
__typename
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"storyId": "012345678901234567890123",
"commentId": "01234567-0123-0123-0123-012345678901"
}
}
Response
{
"data": {
"xdr": {
"deleteStoryComment": {
"comment": {
"id": "01234567-0123-0123-0123-012345678901",
"createdAt": "2024-01-01T00:00:00Z",
"text": "This is a comment",
"actor": {"id": 1, "name": "Actor1", "__typename": "AdminRef"}
}
}
}
}
}
updateInvestigationDetails
Beta
Response
Returns an UpdateInvestigationDetailsPayload
Arguments
| Name | Description |
|---|---|
input - UpdateInvestigationDetailsInput!
|
Example
Query
mutation updateInvestigationDetails(
$accountId: ID!,
$input: UpdateInvestigationDetailsInput!) {
xdr(accountId: $accountId) {
updateInvestigationDetails(
input: $input) {
investigationDetails {
investigationStatus
managedServiceTicketLink
lastUserComment {
id
createdAt
text
actor {
id
name
__typename
}
}
lastManagedComment {
id
createdAt
text
actor {
id
name
__typename
}
}
}
}
}
}
Variables
{
"accountId": "123",
"input": {
"storyId": "012345678901234567890123",
"investigationStatus": "In Progress",
"managedServiceTicketLink": "https://example.com/ticket/12345"
}
}
Response
{
"data": {
"xdr": {
"updateInvestigationDetails": {
"investigationDetails": {
"investigationStatus": "In Progress",
"managedServiceTicketLink": "https://example.com/ticket/12345",
"lastUserComment": {
"id": "01234567-0123-0123-0123-012345678901",
"createdAt": "2024-02-29T09:00:00Z",
"text": "User comment text",
"actor": {"id": "1", "name": "John Doe", "__typename": "AdminRef"}
},
"lastManagedComment": {
"id": "01234567-0123-0123-0123-012345678902",
"createdAt": "2024-02-29T10:00:00Z",
"text": "Managed service comment text",
"actor": {"id": "2", "name": "Jane Smith", "__typename": "AdminRef"}
}
}
}
}
}
}
ZtnaAlwaysOnPolicyMutations
addRule
Beta
Response
Returns a ZtnaAlwaysOnRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ZtnaAlwaysOnAddRuleInput!
|
Example
Query
mutation AddRule($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
addRule(input: {
at: { position: LAST_IN_POLICY }
rule: {
enabled: true
name: "Rule Example "
description: "Description Example"
action: ENFORCE
platform: [WINDOWS]
bypassDuration: { time: 15, unit: MINUTES }
antiTamperMode: OFF
allowUserBypass: false
allowFailOpen: true
}
}) {
status
errors { errorCode errorMessage }
rule {
rule {
id
name
description
enabled
action
platform
bypassDuration { time unit }
antiTamperMode
allowUserBypass
allowFailOpen
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"addRule": {
"status": "SUCCESS",
"errors": [],
"rule": {
"rule": {
"id": "dc86486d-1377-4b51-b38f-7911da8f962c",
"name": "Rule Example ",
"description": "Description Example",
"enabled": true,
"action": "ENFORCE",
"platform": ["WINDOWS"],
"bypassDuration": {"time": 15, "unit": "MINUTES"},
"antiTamperMode": "OFF",
"allowUserBypass": false,
"allowFailOpen": true
}
}
}
}
}
}
}
addSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyAddSectionInput!
|
Example
Query
mutation AddSection($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
addSection(input: {
section: {
name: "New Section Name Example"
},
at: {
position: LAST_IN_POLICY
}
}) {
section {
section {
id
name
}
}
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"addSection": {
"section": {
"section": {
"id": "83e54a6a-9998-4fcf-b1a1-5313e52cc5f0",
"name": "New section2"
}
},
"status": "SUCCESS"
}
}
}
}
}
createPolicyRevision
Beta
Response
Returns a ZtnaAlwaysOnPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyCreateRevisionInput!
|
Example
Query
mutation CreatePolicyRevision($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
createPolicyRevision(input: {
name: "Revision Name Example"
description: "Revision Description Example"
}) {
status
policy {
revision {
description
name
id
createdTime
updatedTime
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"createPolicyRevision": {
"status": "SUCCESS",
"policy": {
"revision": {
"description": "Revision Description Example",
"name": "Revision Name Example",
"id": "89914c1d-3fe5-4398-9488-8373ca619411",
"createdTime": "2025-11-09T12:20:21.100",
"updatedTime": "2025-11-09T12:20:21.100"
}
}
}
}
}
}
}
discardPolicyRevision
Beta
Response
Returns a ZtnaAlwaysOnPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyDiscardRevisionInput
|
Example
Query
mutation ztnaAlwaysOnDiscardPolicy($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
discardPolicyRevision {
status
errors {
errorCode
errorMessage
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"discardPolicyRevision": {
"status": "FAILURE",
"errors": [
{
"errorCode": "PolicyRevisionNotFound",
"errorMessage": "Revision was not found"
}
]
}
}
}
}
}
moveRule
Beta
Response
Returns a ZtnaAlwaysOnRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveRuleInput!
|
Example
Query
mutation MoveRule($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
moveRule(input: { id: "601d474a-9843-4511-8c65-cc3885f9e449" to: { position: FIRST_IN_POLICY } }) {
status
rule { rule { index id } }
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"moveRule": {
"status": "SUCCESS",
"rule": {
"rule": {"index": 1, "id": "601d474a-9843-4511-8c65-cc3885f9e449"}
}
}
}
}
}
}
moveSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyMoveSectionInput!
|
Example
Query
mutation MoveSection($accountId:ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
moveSection(input: {
id: "0495cf5e-1598-4f34-8c01-94970620c68f"
to: {
position: LAST_IN_POLICY
}
}) {
status
errors {
errorMessage
errorCode
}
section {
properties
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"moveSection": {
"status": "SUCCESS",
"errors": [],
"section": {
"properties": ["MOVED"],
"section": {
"id": "0495cf5e-1598-4f34-8c01-94970620c68f",
"name": "New section 2"
}
}
}
}
}
}
}
publishPolicyRevision
Beta
Response
Returns a ZtnaAlwaysOnPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyPublishRevisionInput
|
Example
Query
mutation PublishPolicy($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
publishPolicyRevision(input: { name: "IT Group SDP Users Always On Example" description: "Publish Always On policy revision Example" }) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {"ztnaAlwaysOn": {"publishPolicyRevision": {"status": "SUCCESS"}}}
}
}
removeRule
Beta
Response
Returns a ZtnaAlwaysOnRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ZtnaAlwaysOnRemoveRuleInput!
|
Example
Query
mutation RemoveRule($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
removeRule(input: { id: "b0bda711-b998-4c6d-9939-e0730d3d2ba3" }) {
status
}
}
}
}
Variables
{"accountId": 203337}
Response
{"data": {"policy": {"ztnaAlwaysOn": {"removeRule": {"status": "FAILURE"}}}}}
removeSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyRemoveSectionInput!
|
Example
Query
mutation RemoveSection($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
removeSection(input: {
id: "f4d0862d-cd2f-47fa-9a94-ce418130ce1f"
}) {
status
}
}
}
}
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"ztnaAlwaysOn": {"removeSection": {"status": "SUCCESS"}}}}}
updatePolicy
Beta
Response
Returns a ZtnaAlwaysOnPolicyMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ZtnaAlwaysOnPolicyUpdateInput!
|
Example
Query
mutation UpdatePolicyState($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
updatePolicy(input: { state: DISABLED }) {
status
policy { enabled }
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
}
}
}
}
updateRule
Beta
Response
Returns a ZtnaAlwaysOnRuleMutationPayload!
Arguments
| Name | Description |
|---|---|
input - ZtnaAlwaysOnUpdateRuleInput!
|
Example
Query
mutation UpdateRule($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
updateRule(input: {
id: "601d474a-9843-4511-8c65-cc3885f9e449"
rule: {
name: "Updated Rule Name Example"
platform: [MACOS]
}
}) {
status
rule {
rule {
id
name
platform
}
}
}
}
}
}
Variables
{"accountId": 203337}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"updateRule": {
"status": "SUCCESS",
"rule": {
"rule": {
"id": "601d474a-9843-4511-8c65-cc3885f9e449",
"name": "Updated Rule Name Example",
"platform": ["MACOS"]
}
}
}
}
}
}
}
updateSection
Beta
Response
Returns a PolicySectionMutationPayload!
Arguments
| Name | Description |
|---|---|
input - PolicyUpdateSectionInput!
|
Example
Query
mutation UpdateSection($accountId: ID!) {
policy(accountId: $accountId) {
ztnaAlwaysOn {
updateSection(input: {
id: "5fe053cd-69fc-443d-ab14-5e838100d3c3"
section: {
name: "Updated Section Name Example"
}
}) {
status
section {
section {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"policy": {
"ztnaAlwaysOn": {
"updateSection": {
"status": "SUCCESS",
"section": {
"section": {
"id": "5fe053cd-69fc-443d-ab14-5e838100d3c3",
"name": "New section"
}
}
}
}
}
}
}
ZtnaAppConnectorMutations
Description
Create a new ZTNA App Connector
Response
Returns an AddZtnaAppConnectorPayload!
Arguments
| Name | Description |
|---|---|
input - AddZtnaAppConnectorInput!
|
Example
Query
mutation AddZtnaAppConnector($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
addZtnaAppConnector(input: {
name: "DC-West-Connector-1"
description: "Connector for the west data center"
groupName: "West-DC-Group"
type: VIRTUAL
location: {
countryCode: "US"
stateCode: "California"
city: "Los Angeles"
timezone: "America/Los_Angeles"
}
}) {
ztnaAppConnector {
id
name
description
type
groupName
location {
countryCode
countryName
cityName
stateCode
timezone
}
createdAt
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"addZtnaAppConnector": {
"ztnaAppConnector": {
"id": "1500000003",
"name": "DC-West-Connector-1",
"description": "Connector for the west data center",
"type": "VIRTUAL",
"groupName": "West-DC-Group",
"location": {
"countryCode": "US",
"countryName": "United States",
"cityName": "Los Angeles",
"stateCode": "California",
"timezone": "America/Los_Angeles"
},
"createdAt": "2025-08-20T09:15:00Z"
}
}
}
}
}
Description
Create ZTNA App Connectors configuration. Creates default ranges if not provided.
Response
Returns an AddZtnaAppConnectorsConfigurationPayload!
Arguments
| Name | Description |
|---|---|
input - AddZtnaAppConnectorsConfigurationInput!
|
Example
Query
mutation AddZtnaAppConnectorsConfiguration($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
addZtnaAppConnectorsConfiguration(input: {
privateAppsServiceRange: "100.64.0.0/16"
appConnectorManagementRange: "100.65.0.0/16"
}) {
ztnaAppConnectorsConfiguration {
privateAppsServiceRange
appConnectorManagementRange
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"addZtnaAppConnectorsConfiguration": {
"ztnaAppConnectorsConfiguration": {
"privateAppsServiceRange": "100.64.0.0/16",
"appConnectorManagementRange": "100.65.0.0/16"
}
}
}
}
}
Description
Remove an existing ZTNA App Connector by reference Returns the removed resource
Response
Returns a RemoveZtnaAppConnectorPayload!
Arguments
| Name | Description |
|---|---|
input - RemoveZtnaAppConnectorInput!
|
Example
Query
mutation RemoveZtnaAppConnector($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
removeZtnaAppConnector(input: {
ztnaAppConnector: { by: ID, input: "1500000003" }
}) {
ztnaAppConnector {
id
name
type
groupName
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"removeZtnaAppConnector": {
"ztnaAppConnector": {
"id": "1500000003",
"name": "DC-West-Connector-1",
"type": "VIRTUAL",
"groupName": "West-DC-Group"
}
}
}
}
}
Description
Remove ZTNA App Connectors configuration. Fails if any IPs are currently allocated.
Response
Example
Query
mutation RemoveZtnaAppConnectorsConfiguration($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
removeZtnaAppConnectorsConfiguration {
ztnaAppConnectorsConfiguration {
privateAppsServiceRange
appConnectorManagementRange
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"removeZtnaAppConnectorsConfiguration": {
"ztnaAppConnectorsConfiguration": {
"privateAppsServiceRange": "100.64.0.0/16",
"appConnectorManagementRange": "100.65.0.0/16"
}
}
}
}
}
Description
Unassign a socket from a ZTNA App Connector
Response
Returns an UnassignSocketFromZtnaAppConnectorPayload!
Arguments
| Name | Description |
|---|---|
input - UnassignSocketFromZtnaAppConnectorInput!
|
Example
Query
mutation UnassignSocketFromZtnaAppConnector($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
unassignSocketFromZtnaAppConnector(input: {
ztnaAppConnector: { by: ID, input: "1500000001" }
}) {
ztnaAppConnector {
id
name
serialNumber
socketId
socketModel
type
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"unassignSocketFromZtnaAppConnector": {
"ztnaAppConnector": {
"id": "1500000001",
"name": "DC-East-Connector-1",
"serialNumber": null,
"socketId": null,
"socketModel": null,
"type": "PHYSICAL"
}
}
}
}
}
Description
Update an existing ZTNA App Connector
Response
Returns an UpdateZtnaAppConnectorPayload!
Arguments
| Name | Description |
|---|---|
input - UpdateZtnaAppConnectorInput!
|
Example
Query
mutation UpdateZtnaAppConnector($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
updateZtnaAppConnector(input: {
id: "1500000001"
name: "DC-East-Connector-Primary"
description: "Primary connector for east data center - updated"
location: {
countryCode: "US"
stateCode: "New York"
city: "New York"
timezone: "America/New_York"
}
preferredPopLocation: {
automatic: false
preferredOnly: true
primary: { by: ID, input: "123" }
secondary: { by: ID, input: "456" }
}
}) {
ztnaAppConnector {
id
name
description
groupName
location {
countryCode
countryName
cityName
stateCode
timezone
}
preferredPopLocation {
automatic
preferredOnly
primary {
id
name
}
secondary {
id
name
}
}
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"updateZtnaAppConnector": {
"ztnaAppConnector": {
"id": "1500000001",
"name": "DC-East-Connector-Primary",
"description": "Primary connector for east data center - updated",
"groupName": "East-DC-Group",
"location": {
"countryCode": "US",
"countryName": "United States",
"cityName": "New York",
"stateCode": "New York",
"timezone": "America/New_York"
},
"preferredPopLocation": {
"automatic": false,
"preferredOnly": true,
"primary": {"id": "123", "name": "New York"},
"secondary": {"id": "456", "name": "Tel Aviv"}
}
}
}
}
}
}
Description
Update ZTNA App Connectors configuration.
Response
Returns an UpdateZtnaAppConnectorsConfigurationPayload!
Arguments
| Name | Description |
|---|---|
input - UpdateZtnaAppConnectorsConfigurationInput!
|
Example
Query
mutation UpdateZtnaAppConnectorsConfiguration($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
updateZtnaAppConnectorsConfiguration(input: {
privateAppsServiceRange: "100.66.0.0/16"
}) {
ztnaAppConnectorsConfiguration {
privateAppsServiceRange
appConnectorManagementRange
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"updateZtnaAppConnectorsConfiguration": {
"ztnaAppConnectorsConfiguration": {
"privateAppsServiceRange": "100.66.0.0/16",
"appConnectorManagementRange": "100.65.0.0/16"
}
}
}
}
}
Response
Returns an UpgradeZtnaAppConnectorPayload!
Arguments
| Name | Description |
|---|---|
input - UpgradeZtnaAppConnectorInput!
|
Example
Query
mutation UpgradeZtnaAppConnector($accountId: ID!) {
ztnaAppConnector(accountId: $accountId) {
upgradeZtnaAppConnector(input: {
upgrades: [
{
ztnaAppConnector: { by: ID, input: "1500000001" }
targetVersion: "23.0.19481"
}
]
}) {
upgrades {
ztnaAppConnector {
id
name
}
targetVersion
}
}
}
}
Variables
{"accountId": 12345}
Response
{
"data": {
"ztnaAppConnector": {
"upgradeZtnaAppConnector": {
"upgrades": [
{
"ztnaAppConnector": {
"id": "1500000001",
"name": "DC-East-Connector-1"
},
"targetVersion": "23.0.19481"
}
]
}
}
}
}
Types
AISecurityApplicationsLicense
BetaDescription
AI Security Applications service license details
Fields
| Field Name | Description |
|---|---|
description - String
|
|
expirationDate - DateTime!
|
License expiration date |
id - ID
|
The unique identifier for the license. If this value is not available, you can contact Cato Support, who may be able to assist in retrieving it. |
lastUpdated - DateTime
|
The date of the last update to the license |
plan - LicensePlan!
|
License plan type |
sku - LicenseSku!
|
The license SKU |
startDate - DateTime
|
License start date |
status - LicenseStatus!
|
License activation status |
total - Int!
|
License quantity |
Example
{
"description": "abc123",
"expirationDate": "2007-12-03T10:15:30Z",
"id": 4,
"lastUpdated": "2007-12-03T10:15:30Z",
"plan": "COMMERCIAL",
"sku": "CATO_ADSP",
"startDate": "2007-12-03T10:15:30Z",
"status": "ACTIVE",
"total": 987
}
AISecurityUsersLicense
BetaDescription
AI Security Users service license details
Fields
| Field Name | Description |
|---|---|
description - String
|
|
expirationDate - DateTime!
|
License expiration date |
id - ID
|
The unique identifier for the license. If this value is not available, you can contact Cato Support, who may be able to assist in retrieving it. |
lastUpdated - DateTime
|
The date of the last update to the license |
plan - LicensePlan!
|
License plan type |
sku - LicenseSku!
|
The license SKU |
startDate - DateTime
|
License start date |
status - LicenseStatus!
|
License activation status |
total - Int!
|
License quantity |
Example
{
"description": "xyz789",
"expirationDate": "2007-12-03T10:15:30Z",
"id": "4",
"lastUpdated": "2007-12-03T10:15:30Z",
"plan": "COMMERCIAL",
"sku": "CATO_ADSP",
"startDate": "2007-12-03T10:15:30Z",
"status": "ACTIVE",
"total": 123
}
AccessRequestSortInput
BetaDescription
Sort settings for managed account access requests.
Fields
| Input Field | Description |
|---|---|
activeDate - SortOrderInput
|
Sort by activation date. |
expirationDate - SortOrderInput
|
Sort by expiration date. |
id - SortOrderInput
|
Sort by request ID. |
requestedDate - SortOrderInput
|
Sort by requested date. |
status - SortOrderInput
|
Sort by status. |
Example
{
"activeDate": SortOrderInput,
"expirationDate": SortOrderInput,
"id": SortOrderInput,
"requestedDate": SortOrderInput,
"status": SortOrderInput
}
AccessRequestStatus
BetaValues
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"ACTIVE"
AccessRequestStatusFilterInput
BetaDescription
Filter criteria for access request status.
Fields
| Input Field | Description |
|---|---|
eq - AccessRequestStatus
|
Equals. |
in - [AccessRequestStatus!]
|
In list. |
neq - AccessRequestStatus
|
Not equals. |
nin - [AccessRequestStatus!]
|
Not in list. |
Example
{"eq": "ACTIVE", "in": ["ACTIVE"], "neq": "ACTIVE", "nin": ["ACTIVE"]}
AccessRequestTypeFilterInput
BetaDescription
Filter criteria for access request type.
Fields
| Input Field | Description |
|---|---|
eq - ExternalAccessRequestType
|
Equals. |
in - [ExternalAccessRequestType!]
|
In list. |
neq - ExternalAccessRequestType
|
Not equals. |
nin - [ExternalAccessRequestType!]
|
Not in list. |
Example
{"eq": "AUTOMATE", "in": ["AUTOMATE"], "neq": "AUTOMATE", "nin": ["AUTOMATE"]}
AccessTokenRef
BetaAccountAuditData
AccountDataPayload
AccountFilter
BetaFields
| Input Field | Description |
|---|---|
accountInclusion - AccountInclusion
|
|
in - [ID!]
|
Example
{
"accountInclusion": "ALL_ACCOUNTS",
"in": ["4"]
}
AccountIdPredicate
BetaAccountInclusion
BetaValues
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"ALL_ACCOUNTS"
AccountInfo
Fields
| Field Name | Description |
|---|---|
audit - AccountAuditData!
|
Audit data for the account |
description - String
|
User-defined information as defined by an account admin |
id - ID!
|
The ID of the account |
name - String!
|
The name of the account |
plan - AccountPlan
|
The account plan |
status - AccountStatus!
|
The account status |
tenancy - AccountTenancy!
|
The account tenancy e.g. single-tenant / multi-tenant |
timeZone - TimeZone!
|
The time zone of the account. Default: UTC (GMT + 0). |
type - AccountProfileType!
|
The account type e.g. Partner or Customer |
Example
{
"audit": AccountAuditData,
"description": "abc123",
"id": 4,
"name": "abc123",
"plan": "COMMERCIAL",
"status": "ACTIVE",
"tenancy": "MULTI_TENANT",
"timeZone": "Etc/UTC",
"type": "CUSTOMER"
}
AccountMetrics
Fields
| Field Name | Description |
|---|---|
from - DateTime
|
Starting time |
granularity - Int
|
The size of a single time bucket in seconds |
id - ID
|
Unique Identifier of Account. |
sites - [SiteMetrics!]
|
Site connectivity metrics for the requested sites. |
Arguments
|
|
timeseries - [Timeseries!]
|
|
Arguments
|
|
to - DateTime
|
Ending time |
users - [SiteMetrics!]
|
Connectivity metrics for the requested users connecting remotely with the Client. Doesn’t include user traffic behind a site. |
Arguments
|
|
Example
{
"from": "2007-12-03T10:15:30Z",
"granularity": 987,
"id": 4,
"sites": [SiteMetrics],
"timeseries": [Timeseries],
"to": "2007-12-03T10:15:30Z",
"users": [SiteMetrics]
}
AccountOperationsIncident
Fields
| Field Name | Description |
|---|---|
incidentTimeline - [AccountOperationsTimelineBase!]!
|
|
metadata - [AccountOperationsMetadata!]!
|
|
playbooks - [AiOperationsPlaybook!]!
|
Example
{
"incidentTimeline": [AccountOperationsTimelineBase],
"metadata": [AccountOperationsMetadata],
"playbooks": [AiOperationsPlaybook]
}
AccountOperationsMetadata
Fields
| Field Name | Description |
|---|---|
key - String!
|
|
type - MetadataType!
|
|
value - String!
|
Example
{
"key": "xyz789",
"type": "TXT",
"value": "xyz789"
}
AccountOperationsTimelineBase
Fields
| Field Name | Description |
|---|---|
id - ID!
|
|
created - Time!
|
|
validated - Time!
|
|
description - String!
|
|
type - AccountOperationsTimelineType!
|
Possible Types
| AccountOperationsTimelineBase Types |
|---|
Example
{
"id": "4",
"created": "10:15:30Z",
"validated": "10:15:30Z",
"description": "abc123",
"type": "Action"
}
AccountOperationsTimelineEvent
Fields
| Field Name | Description |
|---|---|
created - Time!
|
|
description - String!
|
|
eventIds - [String!]!
|
|
id - ID!
|
|
muted - Boolean!
|
|
type - AccountOperationsTimelineType!
|
|
validated - Time!
|
Example
{
"created": "10:15:30Z",
"description": "abc123",
"eventIds": ["abc123"],
"id": "4",
"muted": true,
"type": "Action",
"validated": "10:15:30Z"
}
AccountOperationsTimelineType
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"Action"
AccountPlan
Description
enum that shows account license status
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"COMMERCIAL"
AccountProfileType
Description
enum for account type
Values
| Enum Value | Description |
|---|---|
|
|
A customer account |
|
|
A partner account |
Example
"CUSTOMER"
AccountRef
BetaAccountRefInput
BetaFields
| Input Field | Description |
|---|---|
by - ObjectRefBy!
|
|
input - String!
|
Example
{"by": "ID", "input": "xyz789"}
AccountRolesResult
Fields
| Field Name | Description |
|---|---|
items - [RBACRole!]!
|
|
total - Int!
|
Example
{"items": [RBACRole], "total": 987}
AccountSnapshot
Fields
| Field Name | Description |
|---|---|
id - ID
|
Unique Identifier of Account |
sites - [SiteSnapshot!]
|
Sites includes information about online as well as offline sites |
Arguments
|
|
timestamp - DateTime
|
|
users - [UserSnapshot!]
|
VPN users information includes only connected users by default (Unlike sites), unless specific ID is requested |
Arguments
|
|
Example
{
"id": "4",
"sites": [SiteSnapshot],
"timestamp": "2007-12-03T10:15:30Z",
"users": [UserSnapshot]
}
AccountStatus
Description
enum that shows account license status
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"ACTIVE"
AccountTenancy
Description
enum for account tenancy
Values
| Enum Value | Description |
|---|---|
|
|
Multi tenant account - default for partner accounts |
|
|
Single tenant account - default for customer accounts |
Example
"MULTI_TENANT"
AccountType
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"ALL"
Activity
Possible Types
| Activity Types |
|---|
Example
{
"id": "4",
"resourceId": "4",
"parentResourceId": 4
}
ActorRef
BetaActorRefInput
BetaFields
| Input Field | Description |
|---|---|
by - ObjectRefBy!
|
|
input - String!
|
Example
{"by": "ID", "input": "abc123"}
AddAccountInput
Fields
| Input Field | Description |
|---|---|
description - String
|
User-defined information as defined by an account admin |
name - String!
|
The name of the account |
tenancy - AccountTenancy!
|
The account tenancy (single-tenant / multi-tenant) |
timezone - TimeZone!
|
The time zone of the account. Default: UTC (GMT + 0). |
type - AccountProfileType!
|
The account type (Partner / customer) |
Example
{
"description": "abc123",
"name": "abc123",
"tenancy": "MULTI_TENANT",
"timezone": "Etc/UTC",
"type": "CUSTOMER"
}
AddAdminInput
Fields
| Input Field | Description |
|---|---|
adminType - AdminType
|
|
email - String
|
|
firstName - String!
|
|
lastName - String!
|
|
managedRoles - [UpdateAdminRoleInput!]
|
|
passwordNeverExpires - Boolean!
|
|
resellerRoles - [UpdateAdminRoleInput!]
|
Example
{
"adminType": "LOGIN",
"email": "xyz789",
"firstName": "abc123",
"lastName": "xyz789",
"managedRoles": [UpdateAdminRoleInput],
"passwordNeverExpires": true,
"resellerRoles": [UpdateAdminRoleInput]
}
AddAdminPayload
Fields
| Field Name | Description |
|---|---|
adminID - ID!
|
Example
{"adminID": 4}
AddBgpPeerInput
BetaFields
| Input Field | Description |
|---|---|
advertiseAllRoutes - Boolean!
|
Advertise all routes if true. Default |
advertiseDefaultRoute - Boolean!
|
Advertise the default route (0.0.0.0/0) if true. Default |
advertiseSummaryRoutes - Boolean!
|
Advertise summarized routes if true. Default |
bfdEnabled - Boolean!
|
Enable BFD for session failure detection if true. Default |
bfdSettings - BfdSettingsInput
|
Required BFD configuration if BFD is enabled. |
catoAsn - Asn16!
|
The AS number of Cato's BGP endpoint. |
defaultAction - BgpDefaultAction!
|
Default action for routes not matching filters (ACCEPT or DROP). |
defaultActionExclusion - [BgpFilterRuleInput!]!
|
Excluded rules from the default action. Default |
defaultRouteCommunities - [BgpCommunityInput!]!
|
Community values to associate with the default route. Default |
holdTime - Int!
|
Time (in seconds) before declaring the peer unreachable. Default |
keepaliveInterval - Int!
|
Time (in seconds) between keepalive messages. Default |
md5AuthKey - String
|
MD5 authentication key for secure sessions. |
metric - Int!
|
Route preference metric; lower values are given precedence. Default |
name - String!
|
Name of the BGP configuration entity. |
peerAsn - Asn32!
|
The AS number of the peer BGP endpoint. |
peerIp - IPAddress!
|
IP address of the peer BGP endpoint. |
performNat - Boolean!
|
Perform NAT if true. Default |
site - SiteRefInput!
|
Information about the site where the BGP peer is being added. |
summaryRoute - [BgpSummaryRouteInput!]!
|
Summarized routes to advertise. Default |
tracking - BgpTrackingInput
|
Configuration for tracking the health and status of the BGP peer. |
Example
{
"advertiseAllRoutes": true,
"advertiseDefaultRoute": false,
"advertiseSummaryRoutes": true,
"bfdEnabled": true,
"bfdSettings": BfdSettingsInput,
"catoAsn": Asn16,
"defaultAction": "ACCEPT",
"defaultActionExclusion": [BgpFilterRuleInput],
"defaultRouteCommunities": [BgpCommunityInput],
"holdTime": 123,
"keepaliveInterval": 123,
"md5AuthKey": "abc123",
"metric": 987,
"name": "xyz789",
"peerAsn": Asn32,
"peerIp": IPAddress,
"performNat": false,
"site": SiteRefInput,
"summaryRoute": [BgpSummaryRouteInput],
"tracking": BgpTrackingInput
}
AddBgpPeerPayload
BetaFields
| Field Name | Description |
|---|---|
bgpPeer - BgpPeer!
|
The BGP peer that was successfully added. |
Example
{"bgpPeer": BgpPeer}
AddCloudInterconnectPhysicalConnectionInput
BetaDescription
Input for adding a new physical connection to a cloud interconnect site.
Fields
| Input Field | Description |
|---|---|
downstreamBwLimit - NetworkBandwidth!
|
Downstream bandwidth limit. |
encapsulationMethod - TaggingMethod!
|
Method of encapsulation.Wither .1Q/QinQ |
haRole - HaRole!
|
High availability role of the connection. |
popLocation - PopLocationRefInput!
|
Identifying data for the POP location. |
privateCatoIp - IPAddress!
|
Private IP address of Cato. |
privateSiteIp - IPAddress!
|
Private IP address of the site. |
QinQVlanConfiguration - QinQVlanConfiguration
|
QinQ VLAN configuration for QinQ encapsulated connections. Applicable only to reseller accounts with private POPs. |
serviceProviderName - String!
|
Name of the service provider. Usually a partner, or a fabric service provider. |
site - SiteRefInput!
|
Identifying data for the site. |
subnet - NetworkSubnet!
|
Subnet for the connection, the BGP peering range. /30 CIDR. |
upstreamBwLimit - NetworkBandwidth!
|
Upstream bandwidth limit. |
vlan - Vlan
|
VLAN configuration for Dot1Q encapsulated connections. Applicable only to reseller accounts with private POPs. |
Example
{
"downstreamBwLimit": NetworkBandwidth,
"encapsulationMethod": "DOT1Q",
"haRole": "PRIMARY",
"popLocation": PopLocationRefInput,
"privateCatoIp": IPAddress,
"privateSiteIp": IPAddress,
"QinQVlanConfiguration": QinQVlanConfiguration,
"serviceProviderName": "abc123",
"site": SiteRefInput,
"subnet": NetworkSubnet,
"upstreamBwLimit": NetworkBandwidth,
"vlan": Vlan
}
AddCloudInterconnectPhysicalConnectionPayload
BetaDescription
Payload for adding a new physical connection to a cloud interconnect site.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
ID of the newly added connection. |
Example
{"id": 4}
AddCloudInterconnectSiteInput
BetaDescription
Input for adding a new cloud interconnect site.
Fields
| Input Field | Description |
|---|---|
description - String
|
Description of the site. |
name - String!
|
Name of the site. |
siteLocation - AddSiteLocationInput!
|
Location details of the site. |
siteType - SiteType!
|
Type of the site. Default |
Example
{
"description": "xyz789",
"name": "abc123",
"siteLocation": AddSiteLocationInput,
"siteType": "BRANCH"
}
AddCloudInterconnectSitePayload
BetaDescription
Payload for adding a new cloud interconnect site.
Fields
| Field Name | Description |
|---|---|
siteId - ID!
|
ID of the newly added site. |
Example
{"siteId": "4"}
Fields
| Input Field | Description |
|---|---|
category - [ApplicationCategoryRefInput!]
|
|
criteria - [CustomApplicationCriteriaInput!]!
|
|
description - String
|
|
name - String!
|
Example
{
"category": [ApplicationCategoryRefInput],
"criteria": [CustomApplicationCriteriaInput],
"description": "abc123",
"name": "abc123"
}
Fields
| Field Name | Description |
|---|---|
customApplication - CustomApplication!
|
Example
{"customApplication": CustomApplication}
AddIpsecIkeV2SiteInput
BetaFields
| Input Field | Description |
|---|---|
description - String
|
|
name - String!
|
The name of the site |
nativeNetworkRange - IPSubnet!
|
The native range of the site |
siteLocation - AddSiteLocationInput!
|
The location of the site |
siteType - SiteType!
|
Valid values are: BRANCH, HEADQUARTERS, CLOUD_DC, and DATACENTER. Default |
vlan - Vlan
|
VLAN ID for native range |
Example
{
"description": "abc123",
"name": "xyz789",
"nativeNetworkRange": IPSubnet,
"siteLocation": AddSiteLocationInput,
"siteType": "BRANCH",
"vlan": Vlan
}
AddIpsecIkeV2SiteMultiTunnelPayload
BetaFields
| Field Name | Description |
|---|---|
fqdn - Fqdn
|
Cato’s FQDN for the multi-tunnel |
tunnels - [AddIpsecIkeV2SiteTunnelPayload!]!
|
Example
{
"fqdn": Fqdn,
"tunnels": [AddIpsecIkeV2SiteTunnelPayload]
}
AddIpsecIkeV2SitePayload
BetaFields
| Field Name | Description |
|---|---|
siteId - ID!
|
The ID of the site |
Example
{"siteId": 4}
AddIpsecIkeV2SiteTunnelPayload
BetaFields
| Field Name | Description |
|---|---|
localId - String
|
The local ID for the tunnel |
tunnelId - IPSecV2InterfaceId
|
The ID of the tunnel |
Example
{
"localId": "abc123",
"tunnelId": "PRIMARY1"
}
AddIpsecIkeV2SiteTunnelsInput
BetaFields
| Input Field | Description |
|---|---|
primary - AddIpsecIkeV2TunnelsInput
|
The configuration of the site’s primary tunnel |
secondary - AddIpsecIkeV2TunnelsInput
|
The configuration of the site’s secondary tunnel |
Example
{
"primary": AddIpsecIkeV2TunnelsInput,
"secondary": AddIpsecIkeV2TunnelsInput
}
AddIpsecIkeV2SiteTunnelsPayload
BetaFields
| Field Name | Description |
|---|---|
primary - AddIpsecIkeV2SiteMultiTunnelPayload
|
Cato’s FQDN for the primary tunnel |
secondary - AddIpsecIkeV2SiteMultiTunnelPayload
|
Cato’s FQDN for the secondary tunnel |
siteId - ID!
|
The ID of the site |
Example
{
"primary": AddIpsecIkeV2SiteMultiTunnelPayload,
"secondary": AddIpsecIkeV2SiteMultiTunnelPayload,
"siteId": "4"
}
AddIpsecIkeV2TunnelInput
BetaFields
| Input Field | Description |
|---|---|
lastMileBw - LastMileBwInput
|
The maximum allowed bandwidth for the site. If not specified, it will be set according to the site license. If the ISP provided bandwidth is below the site bandwidth, set this parameter to the ISP bandwidth or below |
name - String
|
Tunnel name |
privateCatoIp - IPAddress
|
Cato’s private IP, used for BGP routing. Applicable for sites using BGP only |
privateSiteIp - IPAddress
|
Site private IP, used for BGP routing. Applicable for sites using BGP only |
psk - String!
|
Pre-shared key. This field is write-only. |
publicSiteIp - IPAddress
|
The public IP address where the IPsec tunnel is initiated |
role - IPSecV2TunnelRole
|
Tunnel role |
Example
{
"lastMileBw": LastMileBwInput,
"name": "xyz789",
"privateCatoIp": IPAddress,
"privateSiteIp": IPAddress,
"psk": "abc123",
"publicSiteIp": IPAddress,
"role": "WAN1"
}
AddIpsecIkeV2TunnelsInput
BetaFields
| Input Field | Description |
|---|---|
destinationType - DestinationType
|
The destination type of the IPsec tunnel |
popLocationId - ID
|
The PoP location ID |
publicCatoIpId - ID
|
The ID of the public IP (Allocated IP) of the Cato PoP to which the tunnel will connect. This will be the source-IP of the traffic transmitted to the Cato cloud over this tunnel when egressing the Cato Cloud |
tunnels - [AddIpsecIkeV2TunnelInput!]!
|
Example
{
"destinationType": "FQDN",
"popLocationId": "4",
"publicCatoIpId": "4",
"tunnels": [AddIpsecIkeV2TunnelInput]
}
AddNetworkRangeInput
Fields
| Input Field | Description |
|---|---|
azureFloatingIp - IPAddress
|
Only relevant for AZURE HA sites |
dhcpSettings - NetworkDhcpSettingsInput
|
Only relevant for NATIVE, VLAN rangeType |
gateway - IPAddress
|
Only relevant for ROUTED_ROUTE rangeType |
internetOnly - Boolean
|
|
localIp - IPAddress
|
Only relevant for NATIVE, SECONDARY_NATIVE, DIRECT_ROUTE, VLAN rangeType |
mdnsReflector - Boolean
|
BETA - Only relevant for NATIVE, DIRECT_ROUTE and VLAN rangeType |
name - String!
|
|
rangeType - SubnetType!
|
|
subnet - IPSubnet!
|
|
translatedSubnet - IPSubnet
|
|
vlan - Int
|
Only relevant for VLAN network rangeType |
Example
{
"azureFloatingIp": IPAddress,
"dhcpSettings": NetworkDhcpSettingsInput,
"gateway": IPAddress,
"internetOnly": true,
"localIp": IPAddress,
"mdnsReflector": false,
"name": "xyz789",
"rangeType": "Direct",
"subnet": IPSubnet,
"translatedSubnet": IPSubnet,
"vlan": 987
}
AddNetworkRangePayload
Fields
| Field Name | Description |
|---|---|
networkRangeId - ID!
|
Example
{"networkRangeId": 4}
AddPartnerAccessRequestInput
BetaDescription
Input for creating a partner account access request.
Fields
| Input Field | Description |
|---|---|
accounts - [AccountRefInput!]
|
Target accounts. |
admins - [AdminRefInput!]
|
Admins included in the request. |
expirationDate - DateTime!
|
Expiration date. |
groups - [UsersGroupRefInput]!
|
User groups included in the request. Default |
isAppliedOnAllFullyManagedAccounts - Boolean
|
Apply to all fully managed accounts. |
partner - AccountRefInput!
|
Partner account. |
partnerNote - String
|
Note from the partner. |
reason - String
|
Reason for the request. |
roles - [RBACRoleRefInput!]!
|
Roles included in the request. |
supportLink - String
|
Support link. |
Example
{
"accounts": [AccountRefInput],
"admins": [AdminRefInput],
"expirationDate": "2007-12-03T10:15:30Z",
"groups": [UsersGroupRefInput],
"isAppliedOnAllFullyManagedAccounts": true,
"partner": AccountRefInput,
"partnerNote": "abc123",
"reason": "xyz789",
"roles": [RBACRoleRefInput],
"supportLink": "abc123"
}
AddPartnerAccessRequestPayload
BetaDescription
Output for creating a partner account access request.
Fields
| Field Name | Description |
|---|---|
invitation - [ExternalAccessRequest!]!
|
Created access requests. |
Example
{"invitation": [ExternalAccessRequest]}
AddSecondaryAwsVSocketInput
BetaFields
| Input Field | Description |
|---|---|
eniIpAddress - IPAddress!
|
The IP address of LAN interface |
eniIpSubnet - NetworkSubnet!
|
The subnet of the LAN interface |
routeTableId - String!
|
The ID of the LAN route table |
site - SiteRefInput!
|
Information about the site where the secondary AWS VSocket is being added. |
Example
{
"eniIpAddress": IPAddress,
"eniIpSubnet": NetworkSubnet,
"routeTableId": "xyz789",
"site": SiteRefInput
}
AddSecondaryAwsVSocketPayload
BetaFields
| Field Name | Description |
|---|---|
id - ID!
|
The secondary socket id |
Example
{"id": "4"}
AddSecondaryAzureVSocketInput
BetaFields
| Input Field | Description |
|---|---|
floatingIp - IPAddress!
|
The floating IP address |
interfaceIp - IPAddress!
|
The IP address of the interface |
site - SiteRefInput!
|
Information about the site where the secondary Azure VSocket is being added. |
Example
{
"floatingIp": IPAddress,
"interfaceIp": IPAddress,
"site": SiteRefInput
}
AddSecondaryAzureVSocketPayload
BetaFields
| Field Name | Description |
|---|---|
id - ID!
|
The secondary socket id |
Example
{"id": 4}
Fields
| Input Field | Description |
|---|---|
gcpConfig - GcpConfigInput!
|
|
site - SiteRefInput!
|
Example
{
"gcpConfig": GcpConfigInput,
"site": SiteRefInput
}
Fields
| Field Name | Description |
|---|---|
socketInfo - GcpVSocketInfo!
|
Example
{"socketInfo": GcpVSocketInfo}
AddServicePrincipalAdminInput
Fields
| Input Field | Description |
|---|---|
email - String
|
|
managedRoles - [UpdateAdminRoleInput!]
|
|
name - String!
|
|
resellerRoles - [UpdateAdminRoleInput!]
|
Example
{
"email": "xyz789",
"managedRoles": [UpdateAdminRoleInput],
"name": "abc123",
"resellerRoles": [UpdateAdminRoleInput]
}
AddServicePrincipalAdminPayload
Fields
| Field Name | Description |
|---|---|
adminID - ID!
|
Example
{"adminID": 4}
AddSiteLocationInput
Example
{
"address": "xyz789",
"city": "abc123",
"countryCode": "abc123",
"stateCode": "xyz789",
"timezone": "abc123"
}
AddSocketAddOnCardInput
BetaFields
| Input Field | Description |
|---|---|
addOns - [SocketAddOnCardInput!]!
|
|
site - SiteRefInput!
|
Example
{
"addOns": [SocketAddOnCardInput],
"site": SiteRefInput
}
AddSocketAddOnCardPayload
BetaFields
| Field Name | Description |
|---|---|
addOns - [SocketAddOnCard!]!
|
Example
{"addOns": [SocketAddOnCard]}
AddSocketSiteInput
Fields
| Input Field | Description |
|---|---|
connectionType - SiteConnectionTypeEnum!
|
|
description - String
|
|
name - String!
|
The name of the site |
nativeNetworkRange - IPSubnet!
|
The native range of the site |
siteLocation - AddSiteLocationInput!
|
The location of the site |
siteType - SiteType!
|
Valid values are: BRANCH, HEADQUARTERS, CLOUD_DC, and DATACENTER. Default |
translatedSubnet - IPSubnet
|
|
vlan - Vlan
|
VLAN ID for native range |
Example
{
"connectionType": "SOCKET_AWS1500",
"description": "abc123",
"name": "xyz789",
"nativeNetworkRange": IPSubnet,
"siteLocation": AddSiteLocationInput,
"siteType": "BRANCH",
"translatedSubnet": IPSubnet,
"vlan": Vlan
}
AddSocketSitePayload
Fields
| Field Name | Description |
|---|---|
siteId - ID!
|
Example
{"siteId": "4"}
AddStaticHostInput
Fields
| Input Field | Description |
|---|---|
ip - IPAddress!
|
|
macAddress - String
|
|
name - String!
|
Example
{
"ip": IPAddress,
"macAddress": "xyz789",
"name": "abc123"
}
AddStaticHostPayload
Fields
| Field Name | Description |
|---|---|
hostId - ID!
|
Example
{"hostId": "4"}
AddStoryCommentInput
BetaFields
| Input Field | Description |
|---|---|
author - String
|
The author of the comment |
storyId - ID!
|
The relevant Story |
text - String!
|
Enter the text for the XDR story comment |
type - CommentType
|
The comment type Default |
Example
{
"author": "xyz789",
"storyId": "4",
"text": "xyz789",
"type": "MANAGED_SERVICE"
}
AddStoryCommentPayload
BetaFields
| Field Name | Description |
|---|---|
comment - StoryComment!
|
Add a new comment to the XDR story |
Example
{"comment": StoryComment}
Description
Input for creating a new ZTNA App Connector
Fields
| Input Field | Description |
|---|---|
description - String
|
Optional description of the ZTNA App Connector (max 250 characters) |
groupName - String!
|
name of the ZTNA App Connector group. if not exists, it will be created |
location - ZtnaAppConnectorLocationInput!
|
Physical location of the connector |
name - String!
|
|
preferredPopLocation - ZtnaAppConnectorPreferredPopLocationInput!
|
Preferred PoP locations settings Default |
type - ZtnaAppConnectorType!
|
Connector type |
Example
{
"description": "abc123",
"groupName": "xyz789",
"location": ZtnaAppConnectorLocationInput,
"name": "xyz789",
"preferredPopLocation": ZtnaAppConnectorPreferredPopLocationInput,
"type": "PHYSICAL"
}
Fields
| Field Name | Description |
|---|---|
ztnaAppConnector - ZtnaAppConnector!
|
Example
{"ztnaAppConnector": ZtnaAppConnector}
Description
Input for creating ZTNA App Connectors configuration. If not provided, default ranges will be used (100.64.0.0/16 for Private Apps Service, 100.65.0.0/16 for App Connector Service).
Fields
| Input Field | Description |
|---|---|
appConnectorManagementRange - NetworkSubnet!
|
App Connector Management range (must be /16, e.g., 100.65.0.0/16). Defaults to 100.65.0.0/16 if not provided. |
privateAppsServiceRange - NetworkSubnet!
|
Private Apps Service range (must be /16, e.g., 100.64.0.0/16). Defaults to 100.64.0.0/16 if not provided. |
Example
{
"appConnectorManagementRange": NetworkSubnet,
"privateAppsServiceRange": NetworkSubnet
}
Description
Payload returned after creating ZTNA App Connectors configuration.
Fields
| Field Name | Description |
|---|---|
ztnaAppConnectorsConfiguration - ZtnaAppConnectorsConfiguration!
|
Created configuration |
Example
{
"ztnaAppConnectorsConfiguration": ZtnaAppConnectorsConfiguration
}
AddressValidationStatus
BetaValues
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"INVALID"
Admin
Description
A CC2 administrator
Fields
| Field Name | Description |
|---|---|
adminType - AdminType
|
|
allowedItems - [Entity!]
|
|
creationDate - DateTime
|
|
email - String
|
|
firstName - String
|
|
id - ID!
|
|
lastName - String
|
|
managedRoles - [AdminRole!]
|
|
mfaEnabled - Boolean
|
|
modifyDate - DateTime
|
|
nativeAccountID - ID
|
|
passwordNeverExpires - Boolean
|
|
presentUsageAndEvents - Boolean
|
|
resellerRoles - [AdminRole!]
|
|
role - UserRole
|
|
status - OperationalStatus
|
|
version - String!
|
Example
{
"adminType": "LOGIN",
"allowedItems": [Entity],
"creationDate": "2007-12-03T10:15:30Z",
"email": "abc123",
"firstName": "abc123",
"id": "4",
"lastName": "xyz789",
"managedRoles": [AdminRole],
"mfaEnabled": false,
"modifyDate": "2007-12-03T10:15:30Z",
"nativeAccountID": 4,
"passwordNeverExpires": true,
"presentUsageAndEvents": true,
"resellerRoles": [AdminRole],
"role": "EDITOR",
"status": "active",
"version": "abc123"
}
AdminRef
BetaAdminRefInput
Fields
| Input Field | Description |
|---|---|
by - ObjectRefBy!
|
|
input - String!
|
Example
{"by": "ID", "input": "abc123"}
AdminRole
AdminType
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"LOGIN"
AdminsResult
AdspLicense
BetaDescription
App & Data Security Package (ADSP) service license details
Fields
| Field Name | Description |
|---|---|
description - String
|
|
expirationDate - DateTime!
|
License expiration date |
id - ID
|
The unique identifier for the license. If this value is not available, you can contact Cato Support, who may be able to assist in retrieving it. |
lastUpdated - DateTime
|
The date of the last update to the license |
plan - LicensePlan!
|
License plan type |
sku - LicenseSku!
|
The license SKU |
startDate - DateTime
|
License start date |
status - LicenseStatus!
|
License activation status |
Example
{
"description": "abc123",
"expirationDate": "2007-12-03T10:15:30Z",
"id": 4,
"lastUpdated": "2007-12-03T10:15:30Z",
"plan": "COMMERCIAL",
"sku": "CATO_ADSP",
"startDate": "2007-12-03T10:15:30Z",
"status": "ACTIVE"
}
AdvancedStringFilterInput
BetaAggregationType
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"any"
AiOperationsIncident
BetaFields
| Field Name | Description |
|---|---|
accountOperationIncident - AccountOperationsIncident
|
|
analystFeedback - AnalystFeedback
|
|
categories - [IncidentCategory!]!
|
|
connectionType - ConnectionTypeEnum
|
|
criticality - Int
|
|
description - String
|
|
engineType - StoryEngineTypeEnum
|
|
entities - [IncidentEntity!]!
|
|
eventsGraphQuery - EventsGraphQuery
|
|
firstSignal - DateTime!
|
|
flowLastTime - DateTime!
|
use 'lastSignal' instead |
flowStartTime - DateTime!
|
use 'firstSignal' instead |
id - ID!
|
|
indication - String!
|
|
ioa - String!
|
'ioa' is deprecated, use 'indication' instead |
lastSignal - DateTime!
|
|
muted - Boolean!
|
|
occurrences - Int
|
|
predictedThreatType - String
|
|
predictedVerdict - StoryVerdictEnum
|
|
producer - StoryProducerEnum!
|
use 'producerType' instead |
producerName - String!
|
|
producerType - StoryProducerEnum!
|
|
queryName - String
|
|
research - Boolean
|
|
riskScore - Int!
|
'riskScore' is deprecated, use 'criticality' instead |
similarStoriesData - [SimilarStoryData!]!
|
|
site - SiteRef
|
|
siteName - String
|
'siteName' is deprecated, use 'site.name' instead |
source - String
|
|
sourceIp - String
|
|
status - StoryStatusEnum
|
|
storyDuration - Int
|
|
ticket - String
|
|
type - AiOperationsIncidentTypeEnum
|
|
user - UserRef
|
|
vendor - VendorEnum
|
Example
{
"accountOperationIncident": AccountOperationsIncident,
"analystFeedback": AnalystFeedback,
"categories": ["OPERATIONAL"],
"connectionType": "Host",
"criticality": 987,
"description": "xyz789",
"engineType": "ANOMALY",
"entities": [IncidentEntity],
"eventsGraphQuery": EventsGraphQuery,
"firstSignal": "2007-12-03T10:15:30Z",
"flowLastTime": "2007-12-03T10:15:30Z",
"flowStartTime": "2007-12-03T10:15:30Z",
"id": 4,
"indication": "xyz789",
"ioa": "abc123",
"lastSignal": "2007-12-03T10:15:30Z",
"muted": false,
"occurrences": 987,
"predictedThreatType": "xyz789",
"predictedVerdict": "Benign",
"producer": "AnomalyEvents",
"producerName": "xyz789",
"producerType": "AnomalyEvents",
"queryName": "abc123",
"research": false,
"riskScore": 123,
"similarStoriesData": [SimilarStoryData],
"site": SiteRef,
"siteName": "abc123",
"source": "abc123",
"sourceIp": "xyz789",
"status": "Closed",
"storyDuration": 987,
"ticket": "xyz789",
"type": "Account",
"user": UserRef,
"vendor": "CATO"
}
AiOperationsIncidentTypeEnum
Values
| Enum Value | Description |
|---|---|
|
|
Example
"Account"
AiOperationsPlaybook
AiSecurityAttributes
BetaFields
| Field Name | Description |
|---|---|
dataUsagePolicy - AiSecurityDataUsagePolicy
|
|
risk - AiSecurityRisk
|
|
scope - AiSecurityScope
|
Example
{
"dataUsagePolicy": AiSecurityDataUsagePolicy,
"risk": "CRITICAL",
"scope": "EMBEDDED"
}
AiSecurityDataProfileRef
BetaAiSecurityDataUsagePolicy
BetaFields
| Field Name | Description |
|---|---|
description - String
|
|
reference - String
|
|
referenceType - String
|
|
referenceUrl - String
|
|
type - AiSecurityDataUsagePolicyType
|
Example
{
"description": "xyz789",
"reference": "xyz789",
"referenceType": "abc123",
"referenceUrl": "xyz789",
"type": "GENERAL_DATA_USAGE"
}
AiSecurityDataUsagePolicyType
BetaValues
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"GENERAL_DATA_USAGE"
AiSecurityGuardRef
BetaAiSecurityRisk
BetaValues
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"CRITICAL"
AiSecurityScope
BetaValues
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"EMBEDDED"
AlertClassificationEnum
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"FALSE_POSITIVE"
AlertDeterminationEnum
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"APT"
AllocatedIpRef
BetaAllocatedIpRefInput
BetaFields
| Input Field | Description |
|---|---|
by - ObjectRefBy!
|
|
input - String!
|
Example
{"by": "ID", "input": "xyz789"}
AllowlistRuleRef
BetaAnalystFeedback
BetaFields
| Field Name | Description |
|---|---|
additionalInfo - String
|
|
severity - SeverityEnum
|
|
threatClassification - String
|
|
threatType - AnalystFeedbackThreatType
|
|
verdict - StoryVerdictEnum
|
Example
{
"additionalInfo": "xyz789",
"severity": "High",
"threatClassification": "xyz789",
"threatType": AnalystFeedbackThreatType,
"verdict": "Benign"
}
AnalystFeedbackInput
BetaFields
| Input Field | Description |
|---|---|
additionalInfo - String
|
Free text for the analyst to enter additional information about the XDR story |
severity - SeverityEnum
|
Enum for analyst to assign the severity of a Malicious XDR story |
status - StoryStatusEnum
|
Enum for the current status of the XDR story. |
storyId - ID!
|
The relevant Story |
threatClassification - String
|
More detailed description of the type of threat. For example, the Anonymizer threatType can be assigned the Bitorrent Client threatClassification. |
threatType - StoryThreatType
|
Type of threat for the XDR story that is assigned by the analyst |
verdict - StoryVerdictEnum
|
Enum for analyst to assign the verdict of the XDR story |
Example
{
"additionalInfo": "abc123",
"severity": "High",
"status": "Closed",
"storyId": 4,
"threatClassification": "abc123",
"threatType": StoryThreatType,
"verdict": "Benign"
}
AnalystFeedbackPayload
BetaFields
| Field Name | Description |
|---|---|
story - Story
|
Data related to the actions and information that an analyst adds to the XDR story |
Example
{"story": Story}
AnalystFeedbackThreatType
BetaAnalystInfo
BetaAnnotationType
Values
| Enum Value | Description |
|---|---|
|
|
Other events that are included in annotations |
|
|
The site connects to a different PoP |
|
|
The ISP IP address (remote IP) changed |
|
|
Change for HA status role |
Example
"generic"
Anomalies
BetaFields
| Field Name | Description |
|---|---|
id - ID!
|
|
firstSignal - DateTime!
|
|
lastSignal - DateTime!
|
|
engineType - StoryEngineTypeEnum
|
|
vendor - VendorEnum
|
|
producer - StoryProducerEnum!
|
use 'producerType' instead |
producerType - StoryProducerEnum!
|
|
producerName - String!
|
|
connectionType - ConnectionTypeEnum
|
|
indication - String!
|
|
queryName - String
|
|
source - String
|
|
criticality - Int
|
|
ticket - String
|
|
status - StoryStatusEnum
|
|
research - Boolean
|
|
siteName - String
|
'siteName' is deprecated, use 'site.name' instead |
storyDuration - Int
|
|
description - String
|
|
analystFeedback - AnalystFeedback
|
|
site - SiteRef
|
|
user - UserRef
|
|
sourceIp - String
|
|
similarStoriesData - [SimilarStoryData!]!
|
|
predictedVerdict - StoryVerdictEnum
|
|
predictedThreatType - String
|
|
categories - [IncidentCategory!]!
|
|
entities - [IncidentEntity!]!
|
|
muted - Boolean!
|
|
direction - String
|
Possible Types
| Anomalies Types |
|---|
Example
{
"id": "4",
"firstSignal": "2007-12-03T10:15:30Z",
"lastSignal": "2007-12-03T10:15:30Z",
"engineType": "ANOMALY",
"vendor": "CATO",
"producer": "AnomalyEvents",
"producerType": "AnomalyEvents",
"producerName": "abc123",
"connectionType": "Host",
"indication": "xyz789",
"queryName": "abc123",
"source": "abc123",
"criticality": 987,
"ticket": "abc123",
"status": "Closed",
"research": false,
"siteName": "abc123",
"storyDuration": 123,
"description": "abc123",
"analystFeedback": AnalystFeedback,
"site": SiteRef,
"user": UserRef,
"sourceIp": "xyz789",
"similarStoriesData": [SimilarStoryData],
"predictedVerdict": "Benign",
"predictedThreatType": "xyz789",
"categories": ["OPERATIONAL"],
"entities": [IncidentEntity],
"muted": false,
"direction": "xyz789"
}
AnomalyEvents
BetaDescription
The AnomalyEvents object represents a data structure used in GraphQL queries or mutations, containing fields related to security anomalies, such as analyst feedback, connection type, criticality, description, and various identifiers and metrics, to provide detailed information about potential security incidents.
Fields
| Field Name | Description |
|---|---|
analystFeedback - AnalystFeedback
|
|
breakdownField - String
|
|
categories - [IncidentCategory!]!
|
|
clientClass - [String!]!
|
|
connectionType - ConnectionTypeEnum
|
|
criticality - Int
|
|
description - String
|
|
deviceName - String
|
|
direction - String
|
|
drillDownFilter - [StoryDrillDownFilter!]
|
|
engineType - StoryEngineTypeEnum
|
|
entities - [IncidentEntity!]!
|
|
extra - [Extra!]
|
|
firstSignal - DateTime!
|
|
gaussian - Gaussian
|
|
id - ID!
|
|
indication - String!
|
|
lastSignal - DateTime!
|
|
logonName - String
|
|
macAddress - String
|
|
metric - Metric
|
|
metricDetails - MetricDetails
|
|
mitres - [Mitre!]
|
|
muted - Boolean!
|
|
os - String
|
|
predictedThreatType - String
|
|
predictedVerdict - StoryVerdictEnum
|
|
producer - StoryProducerEnum!
|
use 'producerType' instead |
producerName - String!
|
|
producerType - StoryProducerEnum!
|
|
queryName - String
|
|
research - Boolean
|
|
rules - [String!]
|
|
similarStoriesData - [SimilarStoryData!]!
|
|
site - SiteRef
|
|
siteName - String
|
'siteName' is deprecated, use 'site.name' instead |
source - String
|
|
sourceIp - String
|
|
srcSiteId - String
|
|
status - StoryStatusEnum
|
|
storyDuration - Int
|
|
subjectType - String
|
|
targets - [IncidentTargetRep!]!
|
|
ticket - String
|
|
timeSeries - [IncidentTimeseries!]
|
|
user - UserRef
|
|
vendor - VendorEnum
|
Example
{
"analystFeedback": AnalystFeedback,
"breakdownField": "abc123",
"categories": ["OPERATIONAL"],
"clientClass": ["xyz789"],
"connectionType": "Host",
"criticality": 987,
"description": "abc123",
"deviceName": "xyz789",
"direction": "xyz789",
"drillDownFilter": [StoryDrillDownFilter],
"engineType": "ANOMALY",
"entities": [IncidentEntity],
"extra": [Extra],
"firstSignal": "2007-12-03T10:15:30Z",
"gaussian": Gaussian,
"id": 4,
"indication": "xyz789",
"lastSignal": "2007-12-03T10:15:30Z",
"logonName": "xyz789",
"macAddress": "xyz789",
"metric": Metric,
"metricDetails": MetricDetails,
"mitres": [Mitre],
"muted": false,
"os": "xyz789",
"predictedThreatType": "xyz789",
"predictedVerdict": "Benign",
"producer": "AnomalyEvents",
"producerName": "abc123",
"producerType": "AnomalyEvents",
"queryName": "abc123",
"research": true,
"rules": ["xyz789"],
"similarStoriesData": [SimilarStoryData],
"site": SiteRef,
"siteName": "xyz789",
"source": "xyz789",
"sourceIp": "xyz789",
"srcSiteId": "abc123",
"status": "Closed",
"storyDuration": 987,
"subjectType": "abc123",
"targets": [IncidentTargetRep],
"ticket": "xyz789",
"timeSeries": [IncidentTimeseries],
"user": UserRef,
"vendor": "CATO"
}
AnomalyStats
BetaDescription
The AnomalyStats object is a GraphQL type that represents statistical data related to anomalies, including fields such as analyst feedback, connection type, criticality, device information, and various metrics, along with associated metadata like timestamps, status, and predicted verdicts.
Fields
| Field Name | Description |
|---|---|
analystFeedback - AnalystFeedback
|
|
breakdownField - String
|
|
categories - [IncidentCategory!]!
|
|
clientClass - [String!]!
|
|
connectionType - ConnectionTypeEnum
|
|
criticality - Int
|
|
description - String
|
|
deviceName - String
|
|
direction - String
|
|
drillDownFilter - [StoryDrillDownFilter!]
|
|
engineType - StoryEngineTypeEnum
|
|
entities - [IncidentEntity!]!
|
|
extra - [Extra!]
|
|
firstSignal - DateTime!
|
|
gaussian - Gaussian
|
|
id - ID!
|
|
indication - String!
|
|
lastSignal - DateTime!
|
|
logonName - String
|
|
macAddress - String
|
|
metric - Metric
|
|
metricDetails - MetricDetails
|
|
mitres - [Mitre!]
|
|
muted - Boolean!
|
|
os - String
|
|
predictedThreatType - String
|
|
predictedVerdict - StoryVerdictEnum
|
|
producer - StoryProducerEnum!
|
use 'producerType' instead |
producerName - String!
|
|
producerType - StoryProducerEnum!
|
|
queryName - String
|
|
research - Boolean
|
|
rules - [String!]
|
|
similarStoriesData - [SimilarStoryData!]!
|
|
site - SiteRef
|
|
siteName - String
|
'siteName' is deprecated, use 'site.name' instead |
source - String
|
|
sourceIp - String
|
|
srcSiteId - String
|
|
status - StoryStatusEnum
|
|
storyDuration - Int
|
|
subjectType - String
|
|
targets - [IncidentTargetRep!]!
|
|
ticket - String
|
|
timeSeries - [IncidentTimeseries!]
|
|
user - UserRef
|
|
vendor - VendorEnum
|
Example
{
"analystFeedback": AnalystFeedback,
"breakdownField": "xyz789",
"categories": ["OPERATIONAL"],
"clientClass": ["abc123"],
"connectionType": "Host",
"criticality": 987,
"description": "abc123",
"deviceName": "abc123",
"direction": "abc123",
"drillDownFilter": [StoryDrillDownFilter],
"engineType": "ANOMALY",
"entities": [IncidentEntity],
"extra": [Extra],
"firstSignal": "2007-12-03T10:15:30Z",
"gaussian": Gaussian,
"id": "4",
"indication": "abc123",
"lastSignal": "2007-12-03T10:15:30Z",
"logonName": "abc123",
"macAddress": "xyz789",
"metric": Metric,
"metricDetails": MetricDetails,
"mitres": [Mitre],
"muted": true,
"os": "abc123",
"predictedThreatType": "abc123",
"predictedVerdict": "Benign",
"producer": "AnomalyEvents",
"producerName": "xyz789",
"producerType": "AnomalyEvents",
"queryName": "abc123",
"research": false,
"rules": ["abc123"],
"similarStoriesData": [SimilarStoryData],
"site": SiteRef,
"siteName": "abc123",
"source": "abc123",
"sourceIp": "abc123",
"srcSiteId": "xyz789",
"status": "Closed",
"storyDuration": 987,
"subjectType": "xyz789",
"targets": [IncidentTargetRep],
"ticket": "xyz789",
"timeSeries": [IncidentTimeseries],
"user": UserRef,
"vendor": "CATO"
}
AntiMalwareFileHashAction
BetaValues
| Enum Value | Description |
|---|---|
|
|
Block file download by filehash action |
|
|
Bypass file download by filehash action |
Example
"BLOCK"
AntiMalwareFileHashAddRuleDataInput
BetaFields
| Input Field | Description |
|---|---|
action - AntiMalwareFileHashAction!
|
The action when the file hash is matched: [BLOCK | BYPASS] Default |
description - String!
|
|
enabled - Boolean!
|
|
expirationDate - DateTime!
|
The date when the block or bypass action expires |
fileName - String!
|
The name of the file |
name - String!
|
|
sha256 - SHA_256!
|
The file's unique SHA-256 hash identifier |
Example
{
"action": "BLOCK",
"description": "xyz789",
"enabled": false,
"expirationDate": "2007-12-03T10:15:30Z",
"fileName": "xyz789",
"name": "abc123",
"sha256": SHA_256
}
AntiMalwareFileHashAddRuleInput
BetaFields
| Input Field | Description |
|---|---|
at - PolicyRulePositionInput
|
Position of the rule in the policy |
rule - AntiMalwareFileHashAddRuleDataInput!
|
Parameters for the rule you are adding |
Example
{
"at": PolicyRulePositionInput,
"rule": AntiMalwareFileHashAddRuleDataInput
}
AntiMalwareFileHashPolicy
BetaFields
| Field Name | Description |
|---|---|
audit - PolicyAudit
|
|
enabled - Boolean!
|
|
revision - PolicyRevision
|
|
rules - [AntiMalwareFileHashRulePayload!]!
|
|
sections - [PolicySectionPayload!]!
|
Example
{
"audit": PolicyAudit,
"enabled": true,
"revision": PolicyRevision,
"rules": [AntiMalwareFileHashRulePayload],
"sections": [PolicySectionPayload]
}
AntiMalwareFileHashPolicyInput
BetaFields
| Input Field | Description |
|---|---|
revision - PolicyRevisionInput
|
A revision is a specific instance of the policy. Unpublished revisions are working copies of the policy available to a specific admin or a set of admins Published revisions are revisions that were applied to the account network. The last published revision is the active policy. |
Example
{"revision": PolicyRevisionInput}
AntiMalwareFileHashPolicyMutationInput
Fields
| Input Field | Description |
|---|---|
revision - PolicyMutationRevisionInput
|
Example
{"revision": PolicyMutationRevisionInput}
AntiMalwareFileHashPolicyMutationPayload
BetaFields
| Field Name | Description |
|---|---|
errors - [PolicyMutationError!]!
|
|
policy - AntiMalwareFileHashPolicy
|
|
status - PolicyMutationStatus!
|
Example
{
"errors": [PolicyMutationError],
"policy": AntiMalwareFileHashPolicy,
"status": "FAILURE"
}
AntiMalwareFileHashPolicyUpdateInput
BetaFields
| Input Field | Description |
|---|---|
state - PolicyToggleState
|
Example
{"state": "DISABLED"}
AntiMalwareFileHashRemoveRuleInput
BetaFields
| Input Field | Description |
|---|---|
id - ID!
|
Example
{"id": "4"}
AntiMalwareFileHashRule
BetaFields
| Field Name | Description |
|---|---|
action - AntiMalwareFileHashAction!
|
The action when the file hash is matched: [BLOCK | BYPASS] |
description - String!
|
Description for the rule |
enabled - Boolean!
|
TRUE = Rule is enabled FALSE = Rule is disabled |
expirationDate - DateTime!
|
The date when the block or bypass action expires |
fileName - String!
|
The name of the file |
id - ID!
|
Rule ID |
index - Int!
|
Position / priority of rule |
name - String!
|
Name of the rule |
section - PolicySectionInfo!
|
Policy section where the rule is located |
sha256 - SHA_256!
|
The file's unique SHA-256 hash identifier |
Example
{
"action": "BLOCK",
"description": "xyz789",
"enabled": false,
"expirationDate": "2007-12-03T10:15:30Z",
"fileName": "abc123",
"id": 4,
"index": 987,
"name": "xyz789",
"section": PolicySectionInfo,
"sha256": SHA_256
}
AntiMalwareFileHashRuleMutationPayload
BetaFields
| Field Name | Description |
|---|---|
errors - [PolicyMutationError!]!
|
|
rule - AntiMalwareFileHashRulePayload
|
|
status - PolicyMutationStatus!
|
Example
{
"errors": [PolicyMutationError],
"rule": AntiMalwareFileHashRulePayload,
"status": "FAILURE"
}
AntiMalwareFileHashRulePayload
BetaFields
| Field Name | Description |
|---|---|
audit - PolicyElementAudit!
|
|
properties - [PolicyElementPropertiesEnum!]!
|
|
rule - AntiMalwareFileHashRule!
|
Example
{
"audit": PolicyElementAudit,
"properties": ["ADDED"],
"rule": AntiMalwareFileHashRule
}
AntiMalwareFileHashUpdateRuleDataInput
BetaFields
| Input Field | Description |
|---|---|
action - AntiMalwareFileHashAction
|
The action when the file hash is matched: [BLOCK | BYPASS] |
description - String
|
|
enabled - Boolean
|
|
expirationDate - DateTime
|
The date when the block or bypass action expires |
fileName - String
|
The name of the file |
name - String
|
|
sha256 - SHA_256
|
The file's unique SHA-256 hash identifier |
Example
{
"action": "BLOCK",
"description": "xyz789",
"enabled": false,
"expirationDate": "2007-12-03T10:15:30Z",
"fileName": "xyz789",
"name": "xyz789",
"sha256": SHA_256
}
AntiMalwareFileHashUpdateRuleInput
BetaFields
| Input Field | Description |
|---|---|
id - ID!
|
|
rule - AntiMalwareFileHashUpdateRuleDataInput!
|
Example
{"id": 4, "rule": AntiMalwareFileHashUpdateRuleDataInput}
AntiTamperModeEnum
BetaDescription
Specifies the level of protection against tampering
Values
| Enum Value | Description |
|---|---|
|
|
Tampering attempts are logged, but changes are permitted |
|
|
No protection. Users are allowed to make changes |
|
|
Changes are blocked. Users are not allowed to make modifications |
Example
"MONITOR"
ApiKeyRef
BetaApnMethod
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"METHOD_AUTO"
AppStats
AppStatsField
Fields
| Field Name | Description |
|---|---|
name - AppStatsFieldName!
|
|
value - Value!
|
Example
{"name": "account_id", "value": StringValue}
AppStatsFieldName
Values
| Enum Value | Description |
|---|---|
|
|
Account ID. CMA Name: Account ID |
|
|
Account name. CMA Name: Account Name |
|
|
Firewall decision on this flow (Block/Allow). CMA Name: Action |
|
|
Active Directory name. CMA Name: Ad Name |
|
|
AI Proxy rule name. CMA Name: AI Proxy Rule Name |
|
|
Application ID of the flow, in legacy format. CMA Name: Appid use application_id instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
The application identifier. CMA Name: Application use application_name instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
Description of the application. CMA Name: Application Description |
|
|
Application ID of the flow. CMA Name: Application ID |
|
|
Application of the flow. CMA Name: Application Name |
|
|
Application risk level based on the application risk score. CMA Name: Application Risk Level |
|
|
Risk score of the application, based on Cato's risk assessment. CMA Name: Application Risk Score |
|
|
Application type (Custom, Private or System). CMA Name: Application Type |
|
|
Cato system category. CMA Name: Categories |
|
|
Cato system category of the application. CMA Name: Category use categories instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
Type of process generating this traffic. CMA Name: Client Class |
|
|
Socket or SDP Client version. CMA Name: Client Version |
|
|
For hosts configured with a static IP in the Cato Management Application, the host name. CMA Name: Configured Host Name |
|
|
Connection Origin. CMA Name: Connection Origin |
|
|
Application description. CMA Name: Description use application_description instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
For Internet traffic, country where the destination host is located. CMA Name: Destination Country |
|
|
Destination domain (FQDN-like) based on the SSL SNI, HTTP host name, or DNS name. CMA Name: Dest Domain |
|
|
Destination endpoint type (Site, SDP User, App Connector, or OOB). CMA Name: Destination Endpoint Type |
|
|
For Internet traffic, destination host IP address. CMA Name: Dest Ip |
|
|
For WAN traffic, destination is site or SDP user. CMA Name: Dest Is Site Or Vpn |
|
|
Destination port. CMA Name: Destination Port |
|
|
Destination Site or VPN user ID (proto). CMA Name: Dest Site |
|
|
Unique internal Cato ID for the destination site or remote user. CMA Name: Dest Site ID |
|
|
For Internet traffic, destination host IP address. CMA Name: Dest Site Name |
|
|
Device Categories. CMA Name: Device Category |
|
|
The device compliance state at the time of the event, as reported by Intune. CMA Name: Device Compliance State |
|
|
Unique Cato ID for devices. CMA Name: Device ID |
|
|
Device Manufacturer. CMA Name: Device Manufacturer |
|
|
Device Model. CMA Name: Device Model |
|
|
Name for device related to the traffic. CMA Name: Device Name |
|
|
Device OS Type. CMA Name: Device OS Type |
|
|
Device posture profiles. CMA Name: Device Posture Profile |
|
|
Device Type. CMA Name: Device Type |
|
|
Total SaaS apps discovered ever until the To in the timeframe. CMA Name: Discovered App |
|
|
Domain name. CMA Name: Domain Name use tld instead. Planned end-of-life (EoL) date: July 1, 2026. |
|
|
Bytes sent from the destination to the host. CMA Name: Downstream |
|
|
Duration of the flow in ms. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Egress PoP Name. CMA Name: Egress PoP Name |
|
|
Egress Site Name for backhauling traffic. CMA Name: Egress Site |
|
|
Experience Score Level. CMA Name: Experience Score Level. Requires license: CATO_DEM |
|
|
Total bytes sent from the destination to the host for the entire flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Total bytes (upstream + downstream) for the entire flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Total bytes sent from the host to the destination for the entire flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Uniquely identifies a traffic flow and enables correlation of events and other records related to the same flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Total packets sent from the destination to the host for the entire flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Total packets (upstream + downstream) for the entire flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Total packets sent from the host to the destination for the entire flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Time stamp of the flow start (Linux epoch format). Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Number of flows created for this event. CMA Name: Flows Created |
|
|
Full path URL application activity. CMA Name: Full Path URL |
|
|
IP address of host related to event. CMA Name: Host IP |
|
|
MAC address of host related to event. CMA Name: Host MAC Address |
|
|
Country of the application headquarters. CMA Name: Hq Location |
|
|
Percentage of HTTP errors. CMA Name: Http Failures. Requires license: CATO_DEM |
|
|
Average of HTTP connection time. CMA Name: Http Latency. Requires license: CATO_DEM |
|
|
HTTP request method (ie. Get, Post). CMA Name: Request Method |
|
|
Local IP address of the host. CMA Name: Local Ip use src_ip/dest_ip instead. Planned end-of-life (EoL) date: July 1, 2026. |
|
|
Network protocol for this event. CMA Name: IP Protocol |
|
|
Is the application a cloud application? (True/False). CMA Name: Is Cloud App |
|
|
Is last sample for flow. Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Is the app for this event defined as a sanctioned app? (True/False). CMA Name: Is Sanctioned App |
|
|
The ISP related to this event (when the IP address isn't provided by the ISP, then the event message is IP Addresses are assigned statically). CMA Name: ISP Name |
|
|
Matched network rule. CMA Name: Network Rule |
|
|
new_app. CMA Name: New App |
|
|
OS version for the device (such as 14.3.0). CMA Name: OS Version |
|
|
Packets sent from the destination to the host. CMA Name: Packets Downstream |
|
|
Total packet count (upstream + downstream). CMA Name: Packets Total |
|
|
Packets sent from the host to the destination. CMA Name: Packets Upstream |
|
|
Name of PoP location. CMA Name: Pop Name |
|
|
QoS Priority value. CMA Name: QoS Priority |
|
|
risk_level. CMA Name: Risk Level use application_risk_level instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
The application risk score assigned by Cato. CMA Name: Risk Score use application_risk_score instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
Is the application defined as sanctioned?. CMA Name: Sanctioned use is_sanctioned_app instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
Country in which the source host is located. CMA Name: Site Country |
|
|
State in which the source host is located. CMA Name: Site State |
|
|
Name for Socket interface. CMA Name: Socket Interface |
|
|
Country in which the source host is located (detected via public IP address). CMA Name: Source Country |
|
|
Country Code of country in which the source host is located (detected via public IP address). CMA Name: Source Country Code |
|
|
Source endpoint type (Site, SDP User, App Connector, API Client, or OOB). CMA Name: Source Endpoint Type |
|
|
IP for host or Cato Client. CMA Name: Src Ip |
|
|
Source type: site or remote user. CMA Name: Src Is Site Or Vpn |
|
|
IP address provided by ISP to site or Client. CMA Name: Source ISP IP |
|
|
Internal port number. CMA Name: Source Port |
|
|
Site country code alpha2. CMA Name: Src Site Country Code |
|
|
Unique internal Cato ID for the site or remote user. CMA Name: Src Site ID |
|
|
Source site or remote user. CMA Name: Src Site Name |
|
|
Site state code. CMA Name: Src Site State |
|
|
Name of subnet as defined in Cato Management Application. CMA Name: Subnet use subnet_name instead. Planned end-of-life (EoL) date: June 30, 2026. |
|
|
Name of subnet as defined in Cato Management Application. CMA Name: Subnet Name |
|
|
Shows if traffic was TCP accelerated or not. CMA Name: TCP Acceleration |
|
|
Average of TCP connection time. CMA Name: Tcp Handshake Duration. Requires license: CATO_DEM |
|
|
Time stamp of the flow update (Human-readable format). Only available for native flows data integration created in the CMA. Not available in the appstats or appstatsTimeSeries API. |
|
|
Top Level Domain of the host name. CMA Name: Tld |
|
|
Shows if traffic was TLS inspected or not. CMA Name: TLS Inspection |
|
|
Average of TLS connection time. CMA Name: Tls Handshake Duration. Requires license: CATO_DEM |
|
|
TLS Inspection rule name. CMA Name: TLS Rule Name |
|
|
The total sum of upstream and downstream data in bytes. CMA Name: Traffic |
|
|
Direction of network traffic for this event, values are inbound or outbound. CMA Name: Traffic Direction |
|
|
Translated Client IP. CMA Name: Translated Client IP |
|
|
Translated Server IP. CMA Name: Translated Server IP |
|
|
Average of Time To First Byte. CMA Name: Ttfb. Requires license: CATO_DEM |
|
|
Bytes sent from the host to the destination. CMA Name: Upstream |
|
|
Method used to get identity with User Awareness (such as Identity Agent). CMA Name: User Awareness Method |
|
|
User ID. CMA Name: User ID |
|
|
User that generated the event. CMA Name: User Name |
|
|
User’s email address. CMA Name: SDP User Email |
|
|
User ID. CMA Name: Vpn User ID use user_id instead. Planned end-of-life (EoL) date: June 30, 2026. |
Example
"account_id"
AppStatsFilter
Fields
| Input Field | Description |
|---|---|
fieldName - AppStatsFieldName!
|
|
operator - FilterOperator!
|
|
values - [String!]!
|
Example
{
"fieldName": "account_id",
"operator": "between",
"values": ["abc123"]
}
AppStatsPostAggFilter
Fields
| Input Field | Description |
|---|---|
aggType - AggregationType!
|
|
filter - AppStatsFilter!
|
Example
{"aggType": "any", "filter": AppStatsFilter}
AppStatsRecord
Fields
| Field Name | Description |
|---|---|
fields - [AppStatsField!]
|
|
fieldsMap - Map
|
fields in map format (see Map scalar) |
fieldsUnitTypes - [UnitType!]
|
|
flatFields - [String!]
|
Simplified fields, as array of name value tuples, e.g: [ [ "name", "val" ], [ "name2", "val2" ] ... ] |
prevTimeFrame - Map
|
|
trends - Map
|
Example
{
"fields": [AppStatsField],
"fieldsMap": Map,
"fieldsUnitTypes": ["bits"],
"flatFields": ["abc123"],
"prevTimeFrame": Map,
"trends": Map
}
AppStatsSort
Fields
| Input Field | Description |
|---|---|
alias - String
|
|
fieldName - AppStatsFieldName
|
|
order - DirectionEnum!
|
Example
{
"alias": "abc123",
"fieldName": "account_id",
"order": "asc"
}
AppStatsTimeSeries
AppTenantRestrictionActionEnum
BetaDescription
Allowed actions
Values
| Enum Value | Description |
|---|---|
|
|
Do not inject any Headers nor Values for outgoing traffic |
|
|
Inject Headers and Values for outgoing traffic |
Example
"BYPASS"
AppTenantRestrictionAddRuleDataInput
BetaFields
| Input Field | Description |
|---|---|
action - AppTenantRestrictionActionEnum!
|
The action applied by the App Tenant Restriction if the rule is matched Default |
application - ApplicationRefInput!
|
Applications for the rule (pre-defined) |
description - String!
|
|
enabled - Boolean!
|
|
headers - [AppTenantRestrictionHeaderValueInput!]!
|
Headers and Values to Inject Default |
name - String!
|
|
schedule - PolicyScheduleInput!
|
The time period specifying when the rule is enabled, otherwise it is disabled. Default |
severity - AppTenantRestrictionSeverityEnum!
|
Severity defined for the rule Default |
source - AppTenantRestrictionSourceInput!
|
Source traffic matching criteria. Logical ‘OR’ is applied within the criteria set. Logical ‘AND’ is applied between criteria sets. Default |
Example
{
"action": "BYPASS",
"application": ApplicationRefInput,
"description": "abc123",
"enabled": true,
"headers": [AppTenantRestrictionHeaderValueInput],
"name": "abc123",
"schedule": PolicyScheduleInput,
"severity": "HIGH",
"source": AppTenantRestrictionSourceInput
}
AppTenantRestrictionAddRuleInput
BetaFields
| Input Field | Description |
|---|---|
at - PolicyRulePositionInput
|
Position of the rule in the policy |
rule - AppTenantRestrictionAddRuleDataInput!
|
Parameters for the rule you are adding |
Example
{
"at": PolicyRulePositionInput,
"rule": AppTenantRestrictionAddRuleDataInput
}
AppTenantRestrictionHeaderValue
BetaDescription
pair of header name and value
Fields
| Field Name | Description |
|---|---|
name - HttpHeaderName!
|
Header to inject |
value - HttpHeaderValue!
|
Value to inject |
Example
{
"name": HttpHeaderName,
"value": HttpHeaderValue
}
AppTenantRestrictionHeaderValueInput
BetaDescription
pair of header name and value
Fields
| Input Field | Description |
|---|---|
name - HttpHeaderName!
|
Header to inject |
value - HttpHeaderValue!
|
Value to inject |
Example
{
"name": HttpHeaderName,
"value": HttpHeaderValue
}
AppTenantRestrictionPolicy
BetaFields
| Field Name | Description |
|---|---|
audit - PolicyAudit
|
|
enabled - Boolean!
|
|
revision - PolicyRevision
|
|
rules - [AppTenantRestrictionRulePayload!]!
|
|
sections - [PolicySectionPayload!]!
|
Example
{
"audit": PolicyAudit,
"enabled": false,
"revision": PolicyRevision,
"rules": [AppTenantRestrictionRulePayload],
"sections": [PolicySectionPayload]
}
AppTenantRestrictionPolicyInput
BetaFields
| Input Field | Description |
|---|---|
revision - PolicyRevisionInput
|
A revision is a specific instance of the policy. Unpublished revisions are working copies of the policy available to a specific admin or a set of admins Published revisions are revisions that were applied to the account network. The last published revision is the active policy. |
Example
{"revision": PolicyRevisionInput}
AppTenantRestrictionPolicyMutationInput
Fields
| Input Field | Description |
|---|---|
revision - PolicyMutationRevisionInput
|
Example
{"revision": PolicyMutationRevisionInput}
AppTenantRestrictionPolicyMutationPayload
BetaFields
| Field Name | Description |
|---|---|
errors - [PolicyMutationError!]!
|
|
policy - AppTenantRestrictionPolicy
|
|
status - PolicyMutationStatus!
|
Example
{
"errors": [PolicyMutationError],
"policy": AppTenantRestrictionPolicy,
"status": "FAILURE"
}
AppTenantRestrictionPolicyUpdateInput
BetaFields
| Input Field | Description |
|---|---|
state - PolicyToggleState
|
Example
{"state": "DISABLED"}
AppTenantRestrictionRemoveRuleInput
BetaFields
| Input Field | Description |
|---|---|
id - ID!
|
Example
{"id": "4"}
AppTenantRestrictionRule
BetaFields
| Field Name | Description |
|---|---|
action - AppTenantRestrictionActionEnum!
|
The action applied by the App Tenant Restriction if the rule is matched |
application - ApplicationRef!
|
Applications for the rule (pre-defined) |
description - String!
|
Description for the rule |
enabled - Boolean!
|
TRUE = Rule is enabled FALSE = Rule is disabled |
headers - [AppTenantRestrictionHeaderValue!]!
|
Headers and Values to Inject |
id - ID!
|
Rule ID |
index - Int!
|
Position / priority of rule |
name - String!
|
Name of the rule |
schedule - PolicySchedule!
|
The time period specifying when the rule is enabled, otherwise it is disabled. |
section - PolicySectionInfo!
|
Policy section where the rule is located |
severity - AppTenantRestrictionSeverityEnum!
|
Severity defined for the rule |
source - AppTenantRestrictionSource!
|
Source traffic matching criteria. Logical ‘OR’ is applied within the criteria set. Logical ‘AND’ is applied between criteria sets. |
Example
{
"action": "BYPASS",
"application": ApplicationRef,
"description": "xyz789",
"enabled": true,
"headers": [AppTenantRestrictionHeaderValue],
"id": 4,
"index": 123,
"name": "abc123",
"schedule": PolicySchedule,
"section": PolicySectionInfo,
"severity": "HIGH",
"source": AppTenantRestrictionSource
}
AppTenantRestrictionRuleMutationPayload
BetaFields
| Field Name | Description |
|---|---|
errors - [PolicyMutationError!]!
|
|
rule - AppTenantRestrictionRulePayload
|
|
status - PolicyMutationStatus!
|
Example
{
"errors": [PolicyMutationError],
"rule": AppTenantRestrictionRulePayload,
"status": "FAILURE"
}
AppTenantRestrictionRulePayload
BetaFields
| Field Name | Description |
|---|---|
audit - PolicyElementAudit!
|
|
properties - [PolicyElementPropertiesEnum!]!
|
|
rule - AppTenantRestrictionRule!
|
Example
{
"audit": PolicyElementAudit,
"properties": ["ADDED"],
"rule": AppTenantRestrictionRule
}
AppTenantRestrictionSeverityEnum
BetaDescription
Severity options
Values
| Enum Value | Description |
|---|---|
|
|
High severity |
|
|
Low severity |
|
|
Medium severity |
Example
"HIGH"
AppTenantRestrictionSource
BetaDescription
Returns the settings for Source of an App Tenant Restriction rule
Fields
| Field Name | Description |
|---|---|
country - [CountryRef!]!
|
Source country traffic matching criteria. |
floatingSubnet - [FloatingSubnetRef!]!
|
Floating Subnets (ie. Floating Ranges) are used to identify traffic exactly matched to the route advertised by BGP. They are not associated with a specific site. This is useful in scenarios such as active-standby high availability routed via BGP. |
globalIpRange - [GlobalIpRangeRef!]!
|
Globally defined IP range, IP and subnet objects |
group - [GroupRef!]!
|
Groups defined for your account |
host - [HostRef!]!
|
Hosts and servers defined for your account |
ip - [IPAddress!]!
|
IPv4 address |
ipRange - [IpAddressRange!]!
|
Multiple separate IP addresses or an IP range |
networkInterface - [NetworkInterfaceRef!]!
|
Network range defined for a site |
site - [SiteRef!]!
|
Site defined for the account |
siteNetworkSubnet - [SiteNetworkSubnetRef!]!
|
GlobalRange + InterfaceSubnet |
subnet - [NetworkSubnet!]!
|
Subnets and network ranges defined for the LAN interfaces of a site |
systemGroup - [SystemGroupRef!]!
|
Predefined Cato groups |
user - [UserRef!]!
|
Individual users defined for the account |
usersGroup - [UsersGroupRef!]!
|
Group of users |
Example
{
"country": [CountryRef],
"floatingSubnet": [FloatingSubnetRef],
"globalIpRange": [GlobalIpRangeRef],
"group": [GroupRef],
"host": [HostRef],
"ip": [IPAddress],
"ipRange": [IpAddressRange],
"networkInterface": [NetworkInterfaceRef],
"site": [SiteRef],
"siteNetworkSubnet": [SiteNetworkSubnetRef],
"subnet": [NetworkSubnet],
"systemGroup": [SystemGroupRef],
"user": [UserRef],
"usersGroup": [UsersGroupRef]
}
AppTenantRestrictionSourceInput
BetaDescription
Input of the settings for Source of an App Tenant Restriction rule
Fields
| Input Field | Description |
|---|---|
country - [CountryRefInput!]!
|
Source country traffic matching criteria. Default |
floatingSubnet - [FloatingSubnetRefInput!]!
|
Floating Subnets (ie. Floating Ranges) are used to identify traffic exactly matched to the route advertised by BGP. They are not associated with a specific site. This is useful in scenarios such as active-standby high availability routed via BGP. Default |
globalIpRange - [GlobalIpRangeRefInput!]!
|
Globally defined IP range, IP and subnet objects Default |
group - [GroupRefInput!]!
|
Groups defined for your account Default |
host - [HostRefInput!]!
|
Hosts and servers defined for your account Default |
ip - [IPAddress!]!
|
IPv4 address Default |
ipRange - [IpAddressRangeInput!]!
|
Multiple separate IP addresses or an IP range Default |
networkInterface - [NetworkInterfaceRefInput!]!
|
Network range defined for a site Default |
site - [SiteRefInput!]!
|
Site defined for the account Default |
siteNetworkSubnet - [SiteNetworkSubnetRefInput!]!
|
GlobalRange + InterfaceSubnet Default |
subnet - [NetworkSubnet!]!
|
Subnets and network ranges defined for the LAN interfaces of a site Default |
systemGroup - [SystemGroupRefInput!]!
|
Predefined Cato groups Default |
user - [UserRefInput!]!
|
Individual users defined for the account Default |
usersGroup - [UsersGroupRefInput!]!
|
Group of users Default |
Example
{
"country": [CountryRefInput],
"floatingSubnet": [FloatingSubnetRefInput],
"globalIpRange": [GlobalIpRangeRefInput],
"group": [GroupRefInput],
"host": [HostRefInput],
"ip": [IPAddress],
"ipRange": [IpAddressRangeInput],
"networkInterface": [NetworkInterfaceRefInput],
"site": [SiteRefInput],
"siteNetworkSubnet": [SiteNetworkSubnetRefInput],
"subnet": [NetworkSubnet],
"systemGroup": [SystemGroupRefInput],
"user": [UserRefInput],
"usersGroup": [UsersGroupRefInput]
}
AppTenantRestrictionSourceUpdateInput
BetaDescription
Input of the settings for Source of an App Tenant Restriction rule
Fields
| Input Field | Description |
|---|---|
country - [CountryRefInput!]
|
Source country traffic matching criteria. |
floatingSubnet - [FloatingSubnetRefInput!]
|
Floating Subnets (ie. Floating Ranges) are used to identify traffic exactly matched to the route advertised by BGP. They are not associated with a specific site. This is useful in scenarios such as active-standby high availability routed via BGP. |
globalIpRange - [GlobalIpRangeRefInput!]
|
Globally defined IP range, IP and subnet objects |
group - [GroupRefInput!]
|
Groups defined for your account |
host - [HostRefInput!]
|
Hosts and servers defined for your account |
ip - [IPAddress!]
|
IPv4 address |
ipRange - [IpAddressRangeInput!]
|
Multiple separate IP addresses or an IP range |
networkInterface - [NetworkInterfaceRefInput!]
|
Network range defined for a site |
site - [SiteRefInput!]
|
Site defined for the account |
siteNetworkSubnet - [SiteNetworkSubnetRefInput!]
|
GlobalRange + InterfaceSubnet |
subnet - [NetworkSubnet!]
|
Subnets and network ranges defined for the LAN interfaces of a site |
systemGroup - [SystemGroupRefInput!]
|
Predefined Cato groups |
user - [UserRefInput!]
|
Individual users defined for the account |
usersGroup - [UsersGroupRefInput!]
|
Group of users |
Example
{
"country": [CountryRefInput],
"floatingSubnet": [FloatingSubnetRefInput],
"globalIpRange": [GlobalIpRangeRefInput],
"group": [GroupRefInput],
"host": [HostRefInput],
"ip": [IPAddress],
"ipRange": [IpAddressRangeInput],
"networkInterface": [NetworkInterfaceRefInput],
"site": [SiteRefInput],
"siteNetworkSubnet": [SiteNetworkSubnetRefInput],
"subnet": [NetworkSubnet],
"systemGroup": [SystemGroupRefInput],
"user": [UserRefInput],
"usersGroup": [UsersGroupRefInput]
}
AppTenantRestrictionUpdateRuleDataInput
BetaFields
| Input Field | Description |
|---|---|
action - AppTenantRestrictionActionEnum
|
The action applied by the App Tenant Restriction if the rule is matched |
application - ApplicationRefInput
|
Applications for the rule (pre-defined) |
description - String
|
|
enabled - Boolean
|
|
headers - [AppTenantRestrictionHeaderValueInput!]
|
Headers and Values to Inject |
name - String
|
|
schedule - PolicyScheduleUpdateInput
|
The time period specifying when the rule is enabled, otherwise it is disabled. |
severity - AppTenantRestrictionSeverityEnum
|
Severity defined for the rule |
source - AppTenantRestrictionSourceUpdateInput
|
Source traffic matching criteria. Logical ‘OR’ is applied within the criteria set. Logical ‘AND’ is applied between criteria sets. |