Introduction
Welcome to the Trust Guard (TG) API!
You can use our API to access Trust Guard API endpoints, which can get information on various companies, users, scans & results in our database.
API Base URL
| Environment | URL |
|---|---|
| Testing | https://devapi.trust-guard.com |
| Production | https://api.trust-guard.com |
Notes
- TG API using TLS 1.2 protocol for securities.
- Use POSTMAN collection for reference API calls.
Getting Started
This chapter provides step-by-step instructions for using TrustGuard Third Party API and is divided in to the following sections:
Step 1. Web Portal: Obtaining API Key
Step 2. Server Request: Using API Key
Important Note
Web Portal: Obtaining API Key
First, login to trustguard portal.
After login, go to Management > API Account through the link on the left sidebar to go to API Account Management Page
To add a new user, press Add API Account button
Fill-in the fields then press Save
To obtain the API User's API Key press Edit Button
In the Edit API Account press the Show Button
A popup will show that will ask for your Password
Generate API Key text area will now be available which contains your API Key
Copy the generated API Key and save it for later use.
Server Request: Using API Key
An API Testing Tool such as Postman is required to interact with the API.
The API Key we generated will be used to obtain an ACCESS_TOKEN. This token is required to interact with the API.
Please refer to this section for instructions on how to obtain an ACCESS_TOKEN.
Errors
The Trust Guard API uses the following generic error codes:
| Error Code | Meaning |
|---|---|
| 200 | Successful -- OK request. |
| 201 | Created -- Your requested resource created. |
| 400 | Bad Request -- Your request is bad. |
| 401 | Unauthorized -- Your API key is wrong or insufficient client credentials. |
| 403 | Forbidden -- You don't have access to requested resource. |
| 404 | Not Found -- The specified resource could not be found |
| 500 | Internal Server Error -- We had a problem with our server. Try again later. |
| 503 | Service Unavailable -- We're temporarially offline for maintanance. Please try again later. |
- API response will return
errorsarray with errors in response. - API response will return
messagesarray with success messages in response.
Token
Get Refresh Token
This is the way to get API account token to authenticated API calls with TG portal. Admin of TG company can create new API account from TG portal and get token of particular API account.
Steps
- Login into TG portal.
- Go to “API Account” side menu option and click on “Add API Account”.
- Add required fields and save API account.
- Go to edit API account page and generate
REFRESH_TOKENand copy it. It will require password of admin to access it.
Get Access Token
Request:
curl -X POST "<api_url>/partner-api/auth/renew"
-H "Authorization: Bearer <REFRESH_TOKEN>"
Response:
{
"accessToken": "<token>",
"exp": "2019-07-29T09:32:51+00:00",
"messages": ["success"],
"success": true,
"status": 200
}
exp- Expiry date of access token
messages- Messages array will include success messages
errors- Errors array will include error messages
This API allows you to get ACCESS_TOKEN for particular API account so API account can access TG APIs for various operations. This API needs API Account Token generated from TG portal “Add API Account” page.
HTTP Request
POST <api_url>/partner-api/auth/renew
Replace api_url with API base URL.
Company
Add Company
Request:
curl -X POST "<api_url>/partner-api/companies"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"success": true,
"cid": 535,
"mid": "A10921",
"adminID": 14927,
"securityID": 14928,
"name": "Testing Company A 101",
"messages": ["company created successfully"],
"status": 201
}
cid- Company ID assigned by TG
securityID- Security Officer ID
adminID- Admin User ID
This API allows you to create a new company.
HTTP Request
POST <api_url>/partner-api/companies
api_url - Replace api_url with API base URL.
Request Attributes
| Attribute | Description | Max Length | Type | Required |
|---|---|---|---|---|
| mid | Merchant ID | 15 | String | true |
| name | Company name | 100 | String | true |
| city | Company office city | 30 | String | |
| state | Company office state or province | 30 | String | |
| zip | Company office zip | 20 | String | |
| country | Company office ISO country code | ISO 3166-1 alpha-2 | String | true |
| postalAddress | Company postal office address | 50 | String | |
| postalCity | Company postal office city | 30 | String | |
| postalState | Company postal office state or province | 30 | String | |
| postalZip | Company postal office zip | 20 | String | |
| postalCountry | Company postal office country code | ISO 3166-1 alpha-2 | String | |
| timezone | Database time zone | PHP Timezones | String | |
| vat | VAT No. European Only | 50 | String | |
| coc | COC No. European Only | 50 | String | |
| adminName | Company admin name | 50 | String | true |
| adminMail | Company admin email. Must be VALID email format | 100 | String | true |
| adminPhone | Company admin phone no | 20 | String | |
| adminJobTitle | Company admin job title | 30 | String | |
| adminLanguage | Company admin prefered language | ISO 639-1 | String | |
| securityName | Company security officer name | 50 | String | true |
| securityMail | Company security officer email. Must be VALID email format | 100 | String | true |
| securityPhone | Company security officer phone no. | 20 | String | |
| securityJobTitle | Company security officer job title | 30 | String | |
| securityLanguage | Company security officer prefered language | ISO 639-1 | String | |
| resellerID | Reseller Company ID(Trust Guard Company ID) | Number | ||
| internalID | B2U Billing ID | 50 | String |
Edit Company
Request:
curl -X PUT "<api_url>/partner-api/companies/535"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"cid": 535,
"mid": "A10921",
"name": "Testing Company 101 A",
"messages": ["company updated successfully"],
"success": true,
"status": 200
}
Updates the specified company by setting the values of the parameters passed.
Any parameters not provided will be left unchanged. This request accepts the same arguments as the company creation call.
HTTP Request
PUT <api_url>/partner-api/companies/<cid>
cid - Company id assigned by TG
api_url - Replace api_url with API base URL.
Expiry Date Attributes
| Attribute | Description | Type |
|---|---|---|
| dailyexpiry | Daily Scan Expiry | String |
| weeklyexpiry | Weekly Scan Expiry | String |
| monthlyexpiry | Monthly Scan Expiry | String |
| quarterlyexpiry | Quarterly Scan Expiry | String |
| manualexpiry | Manual Scan Expiry | String |
Expiry Date Format : yyyy-mm-dd
Delete Company
Request:
curl -X DELETE "<api_url>/partner-api/companies/23"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"cid": 535,
"name": "Testing Company 101 A",
"messages": [
"company deleted successfully",
"note: company is now permanently deleted from our records"
],
"success": true,
"status": 200
}
Permanently deletes a company if company does not have additional regular user(s) and zero device(s).
Response:
{
"cid": 535,
"name": "Testing Company 101 A",
"messages": [
"company marked successfully as inactive",
"warning: subsequent [company delete] request on this company will permanently delete it from our records"
],
"success": true,
"status": 200
}
If company has active at least one additional regular user and device(s).
HTTP Request
DELETE <api_url>/partner-api/companies/<cid>
cid - Company id assigned by TG
api_url - Replace api_url with API base URL.
View Company
Request:
curl -X GET "<api_url>/partner-api/companies/469"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"FullName": "Testing TP Company",
"cid": 469,
"partnerID": 1,
"resellerID": null,
"accountType": "trial",
"name": "Testing TP Company",
"canceldate": "",
"address": null,
"city": null,
"state": null,
"zip": null,
"country": "NL",
"postalAddress": null,
"postalCity": null,
"postalState": null,
"postalZip": null,
"postalCountry": "NL",
"timezone": "",
"vat": "NL005835070B01",
"coc": "32083680",
"adminName": "Beta Admin Name",
"adminMail": "beta@admin",
"adminPhone": null,
"userType": {
"merchant": true,
"reseller": true,
"acquirer": true
},
"isVIP": false,
"isNoSeals": 0,
"internalID": "11",
"mid": "2",
"scanVendor": "beyond-security",
"daily": 0,
"weekly": 0,
"monthly": 0,
"quarterly": 0,
"quarterlyNoSeal": 0,
"manual": 0,
"dailyexpiry": null,
"weeklyexpiry": null,
"monthlyexpiry": null,
"quarterlyexpiry": null,
"manualexpiry": null,
"isTP": false,
"tpid": 1,
"created": "2019-03-14",
"website": "www.testing-company.test",
"messages": ["company details returned successfully"],
"success": true,
"status": 200
}
This API allows you to get particular company.
HTTP Request
GET <api_url>/partner-api/companies/469
View Companies
Request:
curl -X GET "<api_url>/partner-api/companies"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"data": [
{
"FullName": "Testing TP Company",
"cid": 469,
"partnerID": 1,
"resellerID": null,
"accountType": "trial",
"name": "Testing TP Company",
"canceldate": "",
"address": null,
"city": null,
"state": null,
"zip": null,
"country": "NL",
"postalAddress": null,
"postalCity": null,
"postalState": null,
"postalZip": null,
"postalCountry": "NL",
"timezone": "",
"vat": "NL005835070B01",
"coc": "32083680",
"adminName": "Beta Admin Name",
"adminMail": "beta@admin",
"adminPhone": null,
"userType": {
"merchant": true,
"reseller": true,
"acquirer": true
},
"isVIP": false,
"isNoSeals": 0,
"internalID": "11",
"mid": "2",
"scanVendor": "beyond-security",
"daily": 0,
"weekly": 0,
"monthly": 0,
"quarterly": 0,
"quarterlyNoSeal": 0,
"manual": 0,
"dailyexpiry": null,
"weeklyexpiry": null,
"monthlyexpiry": null,
"quarterlyexpiry": null,
"manualexpiry": null,
"isTP": false,
"tpid": 1,
"created": "2019-03-14",
"website": "www.testing-company.test"
}
],
"messages": ["all companies returned succesfully"],
"success": true,
"status": 200
}
This API allows you to get all companies.
HTTP Request
GET <api_url>/partner-api/companies
User
Add User
Request:
curl -X POST "<api_url>/partner-api/companies/26/users"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"uid": 14918,
"name": "Test User 121",
"email": "user@trust-guard.com",
"messages": ["user created succesfully"],
"success": true,
"status": 201
}
uid- User id assigned by TG
This API allows you to add a new user under particular company.
HTTP Request
<api_url>/partner-api/companies/<cid>/users
cid - Company id assigned by TG
Request Attributes
| Attribute | Description | Max Length | Type | Required |
|---|---|---|---|---|
| department | Department the user belongs | 20 | String | |
| Email used for sign in | 100 | String | true | |
| groups | Current Group(s) in the company the user belongs. See table below. | Array | ||
| job | The job title of the user | 30 | String | |
| language | Prefered language. options: ( en / nl ) | ISO 639-1 | String | |
| name | Full name of the user | 50 | String | true |
| notificationEmail | Email which receives the notifications. If not provided, default sign in email will be used. | 100 | String | |
| phone | Contact number | 20 | String | |
| permissions | Permissions assigned on the user.See permissions option below. Default permission will be all | Array | ||
| isAdmin | Set user role to admin of company | Boolean | ||
| isSecurityOfficer | Set user role to security officer of company | Boolean |
Groups Array
- Groups array will include group ids(gid) and can be added using Add Group API.
- Check Group APIs for more information.
Example - groups: [12, 23]
Permissions Array Options
- all – all permissions. (If this value is provided, no need to specify other values.)
- user-management – allows user to view/delete/edit other users
- group-management – allows user to view/delete/edit groups
- domain-management - allows user to view/delete/edit domains
- view-scans – allows user to view all scans under the company
- submit-scans – allows user to start/stop scans
- view-partners – allows user to view partner companies
Example - permissions: ["user-management","domain-management"]
Edit User
Request:
curl -X PUT "/partner-api/companies/26/users/14867"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"uid": 14928,
"name": "Security 101",
"messages": ["user updated successfully"],
"success": true,
"status": 200
}
Updates the specified user by setting the values of the parameters passed.
Any parameters not provided will be left unchanged. This request accepts the same arguments as the user creation call.
HTTP Request
PUT <api_url>/partner-api/companies/<cid>/users/<uid>
cid - Company id assigned by TG
uid - User id assigned by TG
Delete User
Request:
curl -X DELETE "<api_url>/partner-api/companies/26/users/14836"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"uid": 14918,
"name": "Test User 121",
"messages": ["user deleted successfully"],
"success": true,
"status": 200
}
Permanently deletes a user.
HTTP Request
DELETE <api_url>/partner-api/companies/<cid>/users/<uid>
cid - Company id assigned by TG
uid - User id assigned by TG
View User
Request:
curl -X GET "<api_url>/partner-api/companies/535/users/14927"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"success": true,
"data": {
"uid": 14927,
"name": "Admin 101",
"email": "admin101@trust-guard.com",
"phone": "",
"password": "",
"department": null,
"job": "",
"notification": "all",
"notificationEmail": null,
"groups": [
{
"name": "All Groups",
"gid": 538,
"allDomains": "1"
}
],
"permissions": ["all"],
"login": "N/A",
"language": "",
"isAdmin": false,
"isSecurityOfficer": false,
"homeCompany": true,
"multiCompany": 1,
"ip": "103.249.234.142"
},
"messages": ["user details returned successfully"],
"status": 200
}
This API allows you to get particular user under company.
HTTP Request
GET <api_url>/partner-api/companies/<cid>/users/<uid>
cid - Company id assigned by TG
uid - User id assigned by TG
View Users
Request:
curl -X GET "<api_url>/partner-api/companies/535/users"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"success": true,
"data": [
{
"uid": 14928,
"name": "Security 101",
"email": "security101@trust-guard.com",
"phone": null,
"password": "",
"department": null,
"job": null,
"notification": "all",
"notificationEmail": null,
"groups": [
{
"name": "All Groups",
"gid": 538,
"all": "1"
}
],
"permissions": ["all"],
"login": "n/a",
"isAdmin": true,
"isSecurityOfficer": true
}
],
"messages": ["all users returned successfully"],
"status": 200
}
This API allows you to get users under particular company.
HTTP Request
GET <api_url>/partner-api/companies/<cid>/users
cid - Company id assigned by TG
Device
Add Device
Request:
curl -X POST "<api_url>/partner-api/devices"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"did": 14246,
"name": "www.testingdeletedomain.com",
"messages": ["device created successfully"],
"success": true,
"status": 201
}
did- Device id assigned by TG
This API allows you to add a new device under particular company.
HTTP Request
POST <api_url>/partner-api/devices
Request Attributes
| Attribute | Description | Max Length | Type | Required |
|---|---|---|---|---|
| cid | Company Id assigned By TG | Number | true | |
| name | Name of site/domain | 100 | String | true |
| device | Url/IP of site/domain | 100 | String | true |
| description | Description of site/domain | 200 | String | |
| frequency | How frequent a site/domain is scanned. Check Frequency options below | String | true | |
| scanHour | Hour of the day the scan starts. format: hh (00 - 23) | String | ||
| timeZone | Timezone to apply in setting schedule | PHP Timezones | String | |
| pciScope | Include PCI status for this device | Boolean |
Frequency Attribute Options
- daily - scans of 24 hours interval
- weekly - scans of 7 days interval
- monthly - scans of 1 month interval
- quarterly - scans of 3 months interval
- manual - no particular interval and is manually started by user
Edit Device
Request:
curl -X PUT "<api_url>/partner-api/devices/14209"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"name": "B Site",
"did": 14246,
"device": "www.testingdeletedomain.com",
"messages": ["device updated successfully"],
"success": true,
"status": 200
}
Updates the specified device by setting the values of the parameters passed.
Any parameters not provided will be left unchanged. This request accepts the same arguments as the device creation call.
HTTP Request
PUT <api_url>/partner-api/devices/<did>
did - Device id assigned by TG
Delete Device
Request:
curl -X DELETE "<api_url>/partner-api/devices/14209"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response - First Delete Request:
{
"did": 14245,
"device": "www.testingdeletedomain.com",
"messages": [
"device marked successfully as inactive",
"warning: subsequent [device delete] request on this device will permanently delete it from our records"
],
"success": true,
"status": 200
}
Inactive Status: Device will be kept in our records with scan results but it will not scan anymore with schedule.
Response - Second Delete Request:
{
"did": 14245,
"device": "www.testingdeletedomain.com",
"messages": [
"device deleted successfully",
"note: device is now permanently deleted from our records"
],
"success": true,
"status": 200
}
Permanently Delete: Device will be permanently deleted from our records with scan results.
Permanently deletes a device. It will deactivate the device on first API call and will permanently delete device after second API call.
HTTP Request
DELETE <api_url>/partner-api/devices/<did>
did - Device id assigned by TG
View Device
Request:
curl -X GET "<api_url>/partner-api/devices/14246"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"success": true,
"data": {
"name": "B Site",
"description": "",
"device": "www.testingdeletedomain.com",
"did": 14246,
"status": "unverified",
"frequency": "manual",
"partnerLogin": "0",
"partnerName": "aubrey",
"reseller": [],
"scanWeekly": "",
"scanDate": "",
"scanHour": "",
"scanMinute": "",
"timeZone": "",
"scanVendor": "beyond-security",
"entryPoint": null,
"formName": null,
"formID": null,
"authenticationURL": null,
"formInputNames": null,
"formInputTypes": null,
"formInputValues": null,
"formButtonName": null,
"scanningApplication": "0",
"pciScope": "1",
"isTP": true,
"tpid": "",
"tpName": "Trust Guard",
"mid": "23"
},
"legalText": "",
"legalBool": true,
"messages": ["device details returned successfully"],
"status": 200
}
This API allows you to get particular device under company.
HTTP Request
GET <api_url>/partner-api/devices/<did>
did - Device id assigned by TG
View Devices
Request:
curl -X GET "<api_url>/partner-api/companies/26/devices"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"success": true,
"data": [
{
"name": "B Site",
"device": "www.testingdeletedomain.com",
"groups": [],
"description": "",
"did": 14246,
"status": "unverified",
"frequency": "manual",
"vendor": "BS",
"requestDelete": false,
"requestDeleteBy": "",
"requestExpired": false,
"created": "Jul 29th, 2019",
"nextReview": null,
"pciScope": null,
"partnerLogin": "0"
}
],
"messages": ["all devices returned successfully"],
"status": 200
}
This API allows you to get devices under particular company.
HTTP Request
GET <api_url>/partner-api/companies/<cid>/devices
cid - Company id assigned by TG
Group
Add Group
Request:
curl -X POST "<api_url>/partner-api/groups"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"gid": 542,
"name": "API Test Group D",
"messages": ["group created succesfully"],
"success": true,
"status": 201
}
gid- Group id assigned by TG
This API allows you to add new group for particular company.
HTTP Request
<api_url>/partner-api/grops
Request Attributes
| Attribute | Description | Max Length | Type | Required |
|---|---|---|---|---|
| cid | Company ID assigned by TG | Number | true | |
| name | Group name | 30 | String | true |
| description | Group description | 150 | String | |
| devices | Device ids array | Array | ||
| users | User ids array | Array |
Devices Array
- Devices array will include ids(did) of device added in company to be added in group.
Example - devices: [1222, 3323]
Users Array
- Users array will include ids(uid) of user added in company to be added in group.
Example - users: [2323, 23234]
Edit Group
Request:
curl -X PUT "/partner-api/groups/542"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"gid": 542,
"name": "API Test Group EDIT DD",
"messages": ["group updated successfully"],
"success": true,
"status": 200
}
Updates the specified group by setting the values of the parameters passed.
Any parameters not provided will be left unchanged. This request accepts the same arguments as the group creation call.
HTTP Request
PUT <api_url>/partner-api/groups/<gid>
gid - Group id assigned by TG
Delete Group
Request:
curl -X DELETE "<api_url>/partner-api/groups/542"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"gid": 542,
"messages": ["group deleted succesfully "],
"success": true,
"status": 200
}
Permanently deletes a group.
HTTP Request
DELETE <api_url>/partner-api/groups/<gid>
gid - Group id assigned by TG
View Group
Request:
curl -X GET "<api_url>/partner-api/groups/542"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"success": true,
"data": {
"name": "API Test Group EDIT DD",
"description": "group created via api EDIT",
"gid": 542,
"editable": "1",
"deletable": "1",
"devices": [
{
"name": "OV",
"device": "www.test.nl",
"did": 10528
},
{
"name": "zl",
"device": "z.nl",
"did": 12171
}
],
"allDomains": "0",
"users": [
{
"name": "Test",
"uid": 11501
},
{
"name": "Test",
"uid": 11504
}
]
},
"messages": ["group details returned successfully"],
"status": 200
}
This API allows you to get particular group.
HTTP Request
GET <api_url>/partner-api/groups/<gid>
gid - Group id assigned by TG
View Groups
Request:
curl -X GET "<api_url>}/partner-api/companies/26/groups"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"success": true,
"data": [
{
"name": "All Groups",
"did": null,
"gid": 42,
"description": "All Groups",
"devices": [],
"editable": "0",
"deletable": "0",
"allDomains": "1"
},
{
"name": "API Test Group EDIT DD",
"description": "group created via api EDIT",
"did": null,
"gid": 542,
"editable": "1",
"deletable": "1",
"devices": [
{
"name": "OV",
"device": "www.test.nl",
"did": 10528
},
{
"name": "zl",
"device": "z.nl",
"did": 12171
}
],
"allDomains": "0"
}
],
"messages": ["all company groups returned successfully"],
"status": 200
}
This API allows you to get groups under particular company.
HTTP Request
GET <api_url>/partner-api/companies/<cid>/groups
cid - Company id assigned by TG
Scan
View Scans
Request:
curl -X GET "<api_url>/partner-api/companies/26/scans"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response - Scan Results Per Company:
{
"success": true,
"data": [
{
"scanResultID": 2123609,
"did": 14946,
"device": "maurine.reagan.info",
"name": "maurine.reagan.info",
"frequency": "manual",
"pciStatus": "",
"status": "fail",
"progress": 100,
"created": "2020-11-07 14:53:25",
"finished": "2020-11-07 14:59:25",
"serious": 2,
"high": 2,
"medium": 96,
"low": 1128,
"info": 11,
"total": 1239,
"sslDate": "2022-01-19 23:59:59",
"malwareScanStatus": "pass"
}
],
"messages": ["scans returned"],
"status": 200
}
Response - Scan Results Per Device:
{
"did": 14246,
"device": "www.testingdeletedomain.com",
"name": "B Site",
"frequency": "manual",
"data": [
{
"scanResultID": 184572,
"pciStatus": "pass",
"status": "pass",
"progress": 100,
"created": "2017-01-23 17:22:27",
"finished": "2018-11-21 07:23:56",
"serious": 8,
"high": 6,
"medium": 5,
"low": 5,
"info": 6,
"total": 30,
"sslDate": "2022-01-19 23:59:59",
"malwareScanStatus": "pass"
}
],
"messages": ["scans returned"],
"success": true,
"status": 200
}
This API allows you to get scans results.
HTTP Request
- Get scans by company id
GET <api_url>/partner-api/companies/<cid>/scans
cid - Company id assigned by TG
- Get scans by device id
GET <api_url>/partner-api/devices/<did>/scans?limit=3
did - Device id assigned by TG
View Scan Status per Device
Request:
curl -X GET "<api_url>/partner-api/devices/10528/scanstatus"
-H "Authorization: Bearer <ACCESS_TOKEN>"
curl -X GET "<api_url>/partner-api/www.yourwebsite.com/scanstatus"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"did": 14930,
"device": "testing.deleteme.com",
"name": "testing deleteme",
"frequency": "daily",
"scanResultID": 2257152,
"pciStatus": null,
"scanStatus": "fail",
"progress": 100,
"created": "Dec 22, 2020 05:56",
"finished": "Dec 22, 2020 06:51",
"serious": 0,
"high": 0,
"medium": 1,
"low": 33,
"info": 0,
"total": 34,
"sslDate": "2022-01-19 23:59:59",
"malwareScanStatus": "pass",
"messages": ["scan returned"],
"success": true,
"status": 200
}
This API allows you to get the last scan of particular device.
Notes
HTTP Request
GET <api_url>/partner-api/devices/<did>/scanstatus
GET <api_url>/partner-api/devices/<url>/scanstatus
did - Device id assigned by TG
url - Device URL
Start Scan
Request:
curl -X GET "<api_url>/partner-api/scans/start/10528"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"success": true,
"scanStatus": "requested",
"id": 1228286,
"messages": [
"request to scan www.testingdeletedomain.com has been submitted"
],
"status": 200
}
This API allows you to start scan of particular device.
HTTP Request
GET <api_url>/partner-api/scans/start/<did>
did - Device id assigned by TG
Get Recent Scans
Request:
curl -X GET "<api_url>/partner-api/scans?range=2month"
-H "Authorization: Bearer <ACCESS_TOKEN>"
Response:
{
"total": 3959,
"currentPage": 1,
"totalPage": 40,
"data": [
{
"cid": 26,
"companyName": "Test Company",
"did": 13195,
"mid": "A0192",
"device": "test.com",
"scanResultID": 254788,
"status": "failed",
"progress": 100,
"created": "2019-01-24 22:29:02",
"finished": null,
"serious": null,
"high": null,
"medium": null,
"low": null,
"info": null
}
],
"messages": ["recent scans returned"],
"success": true,
"status": 200
}
This API allows you to get multiple scan results based on range and limit. This API will return all scan results from all companies under requested API account.
HTTP Request
GET <api_url>/partner-api/scans?range=2month
GET <api_url>/partner-api/scans?range=2month&page=1
GET <api_url>/partner-api/scans?from=2024-01-01&to=2024-01-20
Request Parameters
- range
Results from NOW – interval.
?range=numberunit
i.e. 3month
unit values: • minute • hour • day • week • month • quarter
- page
Offset of result. 1 page yields 100 results at most.
- from | to
Results from DATE1 to DATE2.
?from=YYYY-MM-DD&to=YYYY-MM-DD
i.e. ?from=2024-01-15&to=2024-02-15
- limit
The number of devices returned
SSO
Single Sign On
Request:
curl -X POST "<api_url>/partner-api/auth/signin"
-H "Authorization: Bearer <ACCESS_TOKEN>"
-d '{<json_request_parameters>}'
Response:
{
"dashURL": "<dash_url>",
"messages": ["success"],
"success": true,
"status": 200
}
This API is used to get access to TG client portal for users using single sign-on from third party portal.
HTTP Request
POST <api_url>/partner-api/auth/signin
Request Attributes
| Attribute | Description | Type | Required |
|---|---|---|---|
| cid | Company Id assigned by TG | Number | true |
| uid | User Id assigned by TG | Number | true |
Response Attributes
| Attribute | Description | Type |
|---|---|---|
| dashURL | TG Client Dashboard URL for user to login | String |
Company - New API
This chapter contains the latest information in creating new regular, trial, and freemium merchants
Important Setup
These are the required resellerID and apikey that needs to be secured before proceeding.
Reseller ID and Form API Key
resellerID- Assigned by TG. You can get it from Reseller Overview Page[Resellers > Overview]See image below:
apikey- Can be generated in Edit API Account page[Management > API Account > edit]See image below:
Create Trial Merchant
This api is used to create TRIAL merchant
Request:
curl -X POST "<api_url>/api/company.php/post_createtrialmerchant"
Response:
{
"companyID": "X3Z0o9GRPL",
"companyName": "Test Trial Merchant",
"mid": "a10023",
"adminName": "Trial Merchant Admin",
"adminEmail": "admin@trialmerchant.com",
"messages": ["company created!"],
"success": true,
"status": 200
}
HTTP Request
POST <api_url>/api/company.php/post_createtrialmerchant
Request Attributes
| Attribute | Description | Type | Required |
|---|---|---|---|
| companyName | name of merchant | String | true |
| companyAddress | merchant address | String | true |
| companyCity | merchant city | String | true |
| companyCountry | merchant country | ISO 3166-1 alpha-2 | true |
| companyZip | merchant zip | String | true |
| billingB2UID | for B2U purposes | String | |
| resellerID | assigned by TrustGuard | String | true |
| mid | id of the merchant in your database | String | |
| companyVAT | merchant VAT | String | true |
| companyCOC | merchant COC | String | true |
| customerName | admin name | String | true |
| customerEmail | admin email | String | true |
| customerPhone | admin phone number | String | true |
| customerLanguage | Prefered language. options: (en/nl) | ISO 639-1 | true |
| apikey | FORM API KEY | String | true |
Create Freemium Merchant
This api is used to create FREEMIUM merchant
Request:
curl -X POST "<api_url>/api/freemium.php/post_createmerchant"
Response:
{
"companyID": "X3Z0o9GRPL",
"companyName": "Test Freemium Merchant",
"mid": "a10023",
"adminName": "Freemium Merchant Admin",
"adminEmail": "admin@freemiummerchant.com",
"messages": ["company created!"],
"success": true,
"status": 200
}
HTTP Request
POST <api_url>/api/freemium.php/post_createmerchant
Request Attributes
| Attribute | Description | Type | Required |
|---|---|---|---|
| customerName | admin name | String | true |
| customerEmail | admin email | String | true |
| customerPhone | admin phone number | String | true |
| customerUrl | admin phone number | String | true |
| resellerId | assigned by TrustGuard | String | true |
| companyName | name of merchant | String | true |
| customerLanguage | Prefered language. options: (en/nl) | ISO 639-1 | true |
| customerCountry | merchant country | ISO 3166-1 alpha-2 | true |
| mid | id of the merchant in your database | String | |
| apikey | FORM API KEY | String | true |
Create Regular Merchant
This api is used to create Regular merchant
Request:
curl -X POST "<api_url>/api/company.php/post_createmerchant"
Response:
{
"companyID": "X3Z0o9GRPL",
"companyName": "Test Regular Merchant",
"mid": "a10023",
"adminName": "Regular Merchant Admin",
"adminEmail": "admin@regularmerchant.com",
"messages": ["company created!"],
"success": true,
"status": 200
}
HTTP Request
POST <api_url>/api/company.php/post_createmerchant
Request Attributes
| Attribute | Description | Type | Required |
|---|---|---|---|
| companyName | name of merchant | String | true |
| companyAddress | merchant address | String | true |
| companyCity | merchant city | String | true |
| companyCountry | merchant country | ISO 3166-1 alpha-2 | true |
| companyZip | merchant zip | String | true |
| billingB2UID | for B2U purposes | String | |
| resellerID | assigned by TrustGuard | String | true |
| mid | id of the merchant in your database | String | |
| companyVAT | merchant VAT | String | true |
| companyCOC | merchant COC | String | true |
| customerName | admin name | String | true |
| customerEmail | admin email | String | true |
| customerPhone | admin phone number | String | true |
| customerLanguage | Prefered language. options: (en/nl) | ISO 639-1 | true |
| apikey | FORM API KEY | String | true |