Well-Known Endpoint
The Well-Known endpoint allows you to submit well-known entities that will never be evaluated with negative reputation.
Insert Well-Known Entity
This endpoint allows you to insert a well-known entity into the ThreatWinds platform.
Endpoint
POST /api/ingest/v1/well-known
Request Headers
| Header | Description |
|---|---|
Authorization | Bearer token for authentication (optional if using API key/secret) |
api-key | Your API key (optional if using Authorization header) |
api-secret | Your API secret (optional if using Authorization header) |
Note: The
user-idandgroupsheaders are added automatically by the API gateway when required and should not be provided by the client.
Required Roles
Access to this endpoint is controlled by role-based permissions defined in the gateway. Users must have at least one of the required roles assigned to their account to access this endpoint.
Required role: trusted
This endpoint requires the trusted role, which allows users to submit well-known entities that are excluded from negative reputation evaluation.
Request Body
The request body should be a JSON object with the following structure:
{
"type": "string",
"attributes": {
"string": "string"
}
}
Parameters
| Parameter | Type | Description |
|---|---|---|
type | string | The type of the entity (e.g., “ip”, “domain”, “url”). Required. |
attributes | object | Attributes for the entity. Must include a key matching the entity type (e.g., an ip entity must have attributes.ip). More information about available attributes in Entity Types and Entity Mapping |
Note: The main attribute key must match the entity type. For example, an IP entity must include
attributes.ipwith the IP address value.
Note: Well-known entities are automatically visible to the public (
VisibleBy: ["public"]) with a reputation of 0 andwellKnown: true.
Response
Success Response (202 Accepted)
{
"message": "acknowledged"
}
Error Responses
| Status Code | Description |
|---|---|
| 400 | Bad Request - Invalid input data |
| 401 | Unauthorized - Authentication failed |
| 403 | Forbidden - Insufficient permissions |
| 500 | Internal Server Error - Malformed user-id header value |
Error Response Headers
For responses with status codes other than 200 and 202, the following headers are included:
| Header | Description |
|---|---|
| x-error | Contains a description of the error that occurred |
| x-error-id | Contains a unique identifier for the error for support |
Error Codes
| Status Code | Description | Possible Cause |
|---|---|---|
| 400 | Bad Request | Invalid request parameters or malformed JSON |
| 401 | Unauthorized | Missing or invalid authentication credentials |
| 403 | Forbidden | Authenticated user lacks permission for this operation |
| 500 | Internal Server Error | Malformed user-id header value |
Example
curl -X POST "https://apis.threatwinds.com/api/ingest/v1/well-known" \
-H "Content-Type: application/json" \
-H "api-key: your-api-key" \
-H "api-secret: your-api-secret" \
-d '{
"type": "ip",
"attributes": {
"ip": "8.8.8.8"
}
}'