API

The API integration allows external systems to retrieve findings, incidents, and other security events generated by the Inopli platform. This enables seamless integration with third-party systems such as SIEMs, dashboards, GRC platforms, or custom automation workflows.

Access to the API is read-only and secured through a private token provided by the platform. No configuration is required on the user’s side.

How It Works

Each company receives a private API token generated by the Inopli platform. This token is scoped to the organization and must be included in the Authorization header of all API requests.

The API provides structured, RESTful endpoints for accessing:

• Confirmed findings

• Incident records

• VIP exposure data

• Asset and profile information

All requests return data in JSON format, and the platform logs all access attempts for security and auditing purposes.

Access Details

• Token Delivery: The token is issued by the Diazero Technologies team and delivered securely to the company

• Rate Limiting: Access is rate-limited per company

• Expiration: Tokens do not expire by default but can be manually rotated by the platform administrator upon request

📌 Security Note: This token provides access to sensitive organizational data. It must be stored securely and treated as a credential.

Example Use Cases

• Pull all true positive findings in the last 48 hours for correlation in a SIEM

• Retrieve open incidents to auto-create tickets in an ITSM platform

• Export VIP-related alerts into a GRC system for continuous risk monitoring