Coro public API

Coro API reference

Coro Cybersecurity Public API (v1)

This is the Coro Cybersecurity platform API specification reference.

This section provides a complete reference listing for the Coro Cybersecurity REST API resource model.

About the resource reference

This reference lists all the resources available through the Coro REST API.

Each section relates to a specific resource and provides its name, description, unique URI path, and the list of operations you can perform on it.

For each operation, you can find:

A complete description of the action
Request parameters
A list of potential responses
Security (authentication) requirements

The portal also provides code samples and examples for making requests in a number of programming languages, together with samples of the possible response bodies.

In addition to this, Coro provides a Try It feature where you can interact with the API directly through the portal. To use Try It, you'll need to first obtain Client ID and Secret credentials; for more information, see Authentication.

Download OpenAPI description

View and download the Coro API JSON specification

Overview

URL

https://support.coro.net

E-mail

support@coro.net

Servers

Coro mock API server

https://docs.coro.net/_mock/api/api-docs/

Coro US API server target URL

https://api.secure.coro.net/

audit-logs

This is the audit log resource.

Operations

authentication

This is the resource for API authentication requests.

Use this resource to validate your identify and to obtain a bearer token to use when accessing other API resources.

Operations

devices

This is the Devices resource.

Use this resource to get details of all protected devices for a particular workspace.

Operations

portal-users

This is the portal user resource.

Use this resource to get details of all portal users added to the specified workspace.

Operations

subscriptions

This is the subscriptions resource.

Use this resource to view and manage workspace subscriptions.

Operations

Retrieve the subscription of a specific workspace

Request

Retrieve the subscription details of a specific workspace, including the modules and add-ons that are enabled and disabled.

Security

JWT

Headers

Workspacestringrequired

The workspace identifier, which isolates API requests inside the provided workspace scope.

Example: corodevonmicrosoftcom_TX7T_u

curl -i -X GET \
  https://docs.coro.net/_mock/api/api-docs/v1/subscriptions \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Workspace: corodevonmicrosoftcom_TX7T_u'

Responses

Success

Bodyapplication/json

modulesobject(SubscriptionModules)

bundlesArray of stringsunique

Items Enum"endpointProtection""managedEndpointProtection""emailProtection""managedEmailProtection""sase""managedSase""coroEssentials""managedCoroEssentials""coroClassic""managedCoroClassic"

Response

application/json

{
  "modules": {
    "cloudSecurity": { … },
    "endpointSecurity": { … },
    "emailSecurity": { … },
    "userDataGovernance": { … },
    "endpointDataGovernance": { … },
    "edr": { … },
    "network": { … },
    "securedWebGateway": { … },
    "mdm": { … },
    "securityAwareness": { … }
  },
  "bundles": [
    "endpointProtection"
  ]
}

Update the subscription of a specific workspace

Request

Update the subscription of a specific workspace. Modifying your subscription alters your billing amount. Required modules and add-ons must be enabled. To get the details of which modules and add-ons must be enabled for different bundles offered by Coro, use the POST request to the /subscription endpoint.

Security

JWT

Headers

Workspacestringrequired

The workspace identifier, which isolates API requests inside the provided workspace scope.

Example: corodevonmicrosoftcom_TX7T_u

Bodyapplication/jsonrequired

modulesobject(SubscriptionModules)

bundlesArray of stringsunique

Items Enum"endpointProtection""managedEndpointProtection""emailProtection""managedEmailProtection""sase""managedSase""coroEssentials""managedCoroEssentials""coroClassic""managedCoroClassic"

curl -i -X PUT \
  https://docs.coro.net/_mock/api/api-docs/v1/subscriptions \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'Workspace: corodevonmicrosoftcom_TX7T_u' \
  -d '{
    "modules": {
      "cloudSecurity": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "endpointSecurity": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "emailSecurity": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "userDataGovernance": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "endpointDataGovernance": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "edr": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "network": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "securedWebGateway": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "mdm": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      },
      "securityAwareness": {
        "enabled": true,
        "addons": [
          {
            "name": "inboundGateway",
            "enabled": true
          }
        ]
      }
    },
    "bundles": [
      "endpointProtection"
    ]
  }'

Responses

Accepted

Bodyapplication/json

string

Enum"100 CONTINUE""101 SWITCHING_PROTOCOLS""102 PROCESSING""103 EARLY_HINTS""103 CHECKPOINT""200 OK""201 CREATED""202 ACCEPTED""203 NON_AUTHORITATIVE_INFORMATION""204 NO_CONTENT"

Response

application/json

"100 CONTINUE"

Stop subscription for the given workspace.

Request

Security

JWT

Headers

Workspacestringrequired

The workspace identifier, which isolates API requests inside the provided workspace scope.

Example: corodevonmicrosoftcom_TX7T_u

curl -i -X PUT \
  https://docs.coro.net/_mock/api/api-docs/v1/subscriptions/stop \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Workspace: corodevonmicrosoftcom_TX7T_u'

Responses

Success

Bodyapplication/json

string

Enum"100 CONTINUE""101 SWITCHING_PROTOCOLS""102 PROCESSING""103 EARLY_HINTS""103 CHECKPOINT""200 OK""201 CREATED""202 ACCEPTED""203 NON_AUTHORITATIVE_INFORMATION""204 NO_CONTENT"

Response

application/json

"100 CONTINUE"

Start subscription for the given workspace.

Request

Security

JWT

Headers

Workspacestringrequired

The workspace identifier, which isolates API requests inside the provided workspace scope.

Example: corodevonmicrosoftcom_TX7T_u

curl -i -X PUT \
  https://docs.coro.net/_mock/api/api-docs/v1/subscriptions/start \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Workspace: corodevonmicrosoftcom_TX7T_u'

Responses

Success

Bodyapplication/json

string

Enum"100 CONTINUE""101 SWITCHING_PROTOCOLS""102 PROCESSING""103 EARLY_HINTS""103 CHECKPOINT""200 OK""201 CREATED""202 ACCEPTED""203 NON_AUTHORITATIVE_INFORMATION""204 NO_CONTENT"

Response

application/json

"100 CONTINUE"

Retrieve the module and add-on details of specific bundles

Request

Retrieve the details of modules and add-ons included in specific bundles offered by Coro. These details can be used to update your subscription with the PUT request to the /subscription endpoint. Modifying your subscription alters your billing amount.

Security

JWT

Headers

Workspacestring

The workspace identifier, which isolates API requests inside the provided workspace scope.

Example: corodevonmicrosoftcom_TX7T_u

Bodyapplication/jsonrequired

bundlesArray of stringsunique

Items Enum"ENDPOINT_PROTECTION""MANAGED_ENDPOINT_PROTECTION""EMAIL_PROTECTION""MANAGED_EMAIL_PROTECTION""SASE""MANAGED_SASE""CORO_ESSENTIALS""MANAGED_CORO_ESSENTIALS""CORO_CLASSIC""MANAGED_CORO_CLASSIC"

curl -i -X POST \
  https://docs.coro.net/_mock/api/api-docs/v1/subscriptions/bundleInfo \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'Workspace: corodevonmicrosoftcom_TX7T_u' \
  -d '{
    "bundles": [
      "ENDPOINT_PROTECTION"
    ]
  }'

Responses

Success

Bodyapplication/json

modulesobject(SubscriptionModules)

bundlesArray of stringsunique

Items Enum"endpointProtection""managedEndpointProtection""emailProtection""managedEmailProtection""sase""managedSase""coroEssentials""managedCoroEssentials""coroClassic""managedCoroClassic"

Response

application/json

{
  "modules": {
    "cloudSecurity": { … },
    "endpointSecurity": { … },
    "emailSecurity": { … },
    "userDataGovernance": { … },
    "endpointDataGovernance": { … },
    "edr": { … },
    "network": { … },
    "securedWebGateway": { … },
    "mdm": { … },
    "securityAwareness": { … }
  },
  "bundles": [
    "endpointProtection"
  ]
}

tickets

This is the Tickets resource.

Use this resource to get details of all tickets stored in the Coro platform for a particular workspace.

Operations

tickets-summary

This is the Tickets Summary resource.

Use this resource to get details of tickets for a particular workspace, grouped by protection component.

Operations

usage

This is the resource for Coro usage.

Use this resource to obtain information about usage

Operations

users

This is the protected user resource.

Use this resource to get details of all protected users added to the specified workspace.

Operations

webhook-configuration

Use this resource to manage or view details of existing webhooks configurations, or to create new webhook configurations.

Operations

workspaces

Use this resource to view details of provisioned workspaces, or to create new workspaces.

Operations

Coro Cybersecurity Public API (v1)

About the resource reference

audit-logs

authentication

devices

portal-users

subscriptions

Retrieve the subscription of a specific workspace

Request

Responses

Was this helpful?

Update the subscription of a specific workspace

Request

Responses

Was this helpful?

Stop subscription for the given workspace.

Request

Responses

Was this helpful?

Start subscription for the given workspace.

Request

Responses

Was this helpful?

Retrieve the module and add-on details of specific bundles

Request

Responses

Was this helpful?

tickets

tickets-summary

usage

users

webhook-configuration

workspaces

Coro Cybersecurity Public API (v1)

About the resource reference

audit-logs

authentication

devices

portal-users

subscriptions

Retrieve the subscription of a specific workspace

Request

Responses

Was this helpful?

Update the subscription of a specific workspace

RequestExpand all

Responses

Was this helpful?

Stop subscription for the given workspace.

Request

Responses

Was this helpful?

Start subscription for the given workspace.

Request

Responses

Was this helpful?

Retrieve the module and add-on details of specific bundles

Request

Responses

Was this helpful?

tickets

tickets-summary

usage

users

webhook-configuration

workspaces

Request