Overview & API
The Cado API enables third party tools and automation scripts to integrate with the Cado platform.
You can use the API and the pre-made out-of-the-box integrations to trigger operations in the platform (e.g. acquire instances from your cloud environments), retrieve data that our system captured (e.g. suspicious events), manage and control investigation projects, and more.
This section provides a quick onboarding flow that is required for every integration followed in this section.
Creating and Storing an API Access Key
Before diving into any of the integrations we have with the Cado platform - we first need to understand the correct way to authenticate and access the Cado API.
To be able to access the different resources of the API, any request must be provided with a valid API Key generated by our authentication server.
To generate that key you can do the following inside Cado Repsonse:
- Go to Settings in the bottom left and click the API tab.
- Under Access Tokens click the Create New Key button.
- Take note of the Public Key, this is the identifier that we can use for revoking the key later on if needed.
- Take note of the Secret Key, you'll need to save this somewhere private (like a password manager), as you won't be able to see it again after you close the dialog. This is the key we need to provide to the third-party integration providers.
The Secret Key is used as the Access Token.
The API Secret Key will only be shown once, so it is recommended to save it to a secure place, like password manager.
Platform Base URL
Often you'll see in the following tutorials that we are referring to "Platform Base URL" - which is the IP or Domain of where the platform was deployed, for example:
https://ec2example.compute.amazonaws.com
Full API Documentation
You can view the Swagger docs for the API at /apidocs
You can view examples for the API at https://github.com/cado-security/cado-api-examples