Customer Feed API

New
  • Published on Apr 24, 2025
  • 1 minute(s) read
Prev Next

The Customer Feed API provides customers with dedicated endpoints to automate feed creation, management, and enrichment. This capability improves integration with tools like Splunk and other third-party applications, ensuring that you can quickly import indicators into our system and build custom automation workflows.

Use this API to create, read, update, and delete feeds, and manage the indicators and the tags within those feeds.

What It Does

  • Automates Feed Creation: Eliminate manual processes by programmatically creating and managing feeds.

  • Facilitates Integration: Use the API to integrate with SIEM, SOAR, and other automation platforms.

  • Improves Efficiency: Streamline the ingestion of threat indicators, ensuring your security operations have timely and enriched intelligence.

Benefits

  • Enhances automation capabilities for your organization.

  • Consistent schema that complies with the OpenAPI specification.

  • Unlimited access for Enterprise customers, which reduces the reliance on timely manual processes.

  • Improved integration with your existing security workflows.

Endpoints

The API consists of the following endpoints:

Endpoint

Description

/api/v1/feeds/

Create a new feed by providing the required parameters in the request body.

/api/v1/feeds/{uuid}/

Retrieve, update, and delete a feed.

/api/v1/feeds/{uuid}/enrich/

Enrich feed data by appending additional information to indicators within a feed. This may involve integrating external data or applying internal risk scoring.

/api/v1/feeds/{feed_uuid}/indicators/

List the indicators in a feed.

/api/v1/feeds/{feed_uuid}/indicators/{name}/

List a specific indicator.

/api/v1/feeds/{feed_uuid}/indicators/bulk-delete/

Remove multiple indicators from a feed in a single API call by providing a list of indicator names or identifiers.

/api/v1/feeds/{feed_uuid}/indicators/{name}/update-tags/

Update the tags associated with a specific indicator.

/api/v1/feeds/{feed_uuid}/indicators/{name}/tags/

Retrieve, add, or remove tags for a specific indicator.

/api/v1/feeds/{feed_uuid}/tags/

Retrieve a list of tags for a feed or add a new tag to a feed.

/api/v1/feeds/{feed_uuid}/tags/{tag__name}/

Retrieve, update, or delete a specific tag within a feed.

/api/v1/feeds/{feed_uuid}/tags/bulk-delete/

Delete multiple tags from a feed in one operation by providing the relevant tag names or identifiers.

For more information about the endpoints, view our Customer Feed API Endpoints.

Methods

The API supports the following core operations:

Operations

Methods

Descriptions

Feed

  • GET

  • PATCH

  • POST

  • DELETE

Create, read, update, delete, and enrich feeds.

Indicator

  • GET

  • PATCH

  • PUT

  • DELETE

Add, remove, and manage indicators within feeds.

Tag

  • GET

  • PUT

Manage tags associated with indicators, including bulk deletion and updates.

Authentication

Enterprise customers authenticate Customer Feed API requests with the API key in their organization section of the Silent Push platform.

  • API Key Location: View your Customer Feed API Key

  • Usage: Input the API key in the request header:
    [insert exact example of authentication key]

Base URL and Versioning

The Customer Feed API is constructed with semantic versioning to ensure backward compatibility. Access all of the endpoints through the following base URL:

  • https://api.silentpush.com/api/v1/

Resources

For more information about the Customer Feed API, select one of the following articles: